Jump to content

Malicious Activity Detected: Persistence via Registry - Windows


oconnb17
 Share

Recommended Posts

Immunet detected a persistence behavioral issue on a Windows machine notification below.

"Behavioral Protection detected malicious activity [UserInitMprLogonScript Registry Key Used for Persistence] No remaining actions were taken."

It is not consistently displayed, might be OneDrive or another App that wrote to registry and unclear how to inspect and/or remediate.   Any direction would be helpful.

Link to comment
Share on other sites

Other users have reported the same detection as well recently. This is a False Positive.

I would suggest you submit a False Positive report to the Immunet Support team & since it's a ClamAV detection also report it to the folks at ClamAV too. Here's the links for both to do so.

https://www.immunet.com/false_positive

https://www.clamav.net/reports/fp

  • Thanks 1
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share

×
×
  • Create New...