Jump to content

Perhaps a false positive ?


Recommended Posts

Hello everybody

Just for an advice (I suppose)

Trying 1.50 Beta, I got an alert about an infected registry key which I suppose could be a false positive about "no Autorun win32" v. portable.

Hereunder the LOG and the registry key.


Malwarebytes' Anti-Malware 1.50 Public Beta


Version de la base de donn

Link to post
Share on other sites

This is used to restrict start menu logoff and is not the default XP setting. Some trojans and many restrictions to the start menu and this is a known one.

From the outside looking in there is no way to determine if this was done by malware or intentionally by the user so we opt to help the less knowledgeable users while assuming that advanced users will understand the issue and add the detection to their ignore list.

Link to post
Share on other sites

Thanks a lot nosirrah for the answer.

In fact, I saved the Key before deleting it as it may have resulted from changes I made a fearly long time ago. In fact the alert came from my first scan with v.1.50 public beta meaning after the 11th of this month. My former scans did not show anything so, is there a possibility to know if this detection rule came before this date?

Anyway as you confirm me this key is not issued from the default setting, I keep it deleted. (Depending still from what could be your answer)


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.