Jump to content
Sign in to follow this  
Guzlo

Possible False Positive - PC Group Policy Issue?

Recommended Posts

On my company desktop running Vista, when I log in with my standard user ID and run Malwarebytes I always get a positive on the following registry entry.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowCpl\1 (Malware.Trace) -> No action taken

I can delete it but it comes back with the next reboot since it is a Group Policy entry.

If I look with Regedit I can see that this entry is to disable "autoplay" on my PC which is standard on all our company system configurations. I had another user run Malwarebytes on their system with the same registry entry and they show no infection. My system shows no infection when logged into with another ID's. Why me and not others?

Any ideas? Off a McAfee forum ( http://community.mcafee.com/message/110103 ) I saw this remark in an entry:

Additionally the HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowCpl\1 entry "detected" by MalwareBytes also is not necessarily caused by Malware. This can be configured by Group Policies and othe rsoftware as well. Not saying there wasn't something malicious on the system that set this at one time, but also are other reasons for this. With MalwareBytes not detecting other malware on the system (other than the false detection above) leads me to believe that this is likely just a bit of over-aggressiveness by them as well.

Share this post


Link to post
Share on other sites

The problem is that there is no way to tell when malware has disabled something or if it was intentional . I opt to help the victims and hope that more advanced users will use the ignore function .

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.