Author Topic: False Positive? Warframe - [Suspicious.Path] found in registry  (Read 5599 times)

0 Members and 1 Guest are viewing this topic.

September 22, 2018, 03:19:15 PM

Faergor

  • Newbie

  • Offline
  • *

  • 48
  • Reputation:
    0
    • View Profile
False Positive? Warframe - [Suspicious.Path] found in registry
« on: September 22, 2018, 03:19:15 PM »
Hello, this was found today while scanning, is this please false positive?


¤¤¤ Registry : 2 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {27624FD4-2773-4BBD-8B37-317672D4C322} : v2.28|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|RPort=80|RPort=443|RPort=8080|RPort2_10=6665-6669|RPort2_10=6695-6699|App=C:\Users\XXXXXXX\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe|Name=Warframe Launcher (TCP-In)|EmbedCtxt=Warframe|Edge=TRUE| [7] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {FE17ED16-68BE-49B0-B16E-7D8378EC5C2A} : v2.28|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|RPort=80|RPort=443|RPort=8080|RPort2_10=6665-6669|RPort2_10=6695-6699|App=C:\Users\XXXXXXX\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe|Name=Warframe Launcher (TCP-Out)|EmbedCtxt=Warframe| [7] -> Found

I scanned my PC day before yesterday and nothing was found and I had same version of Roguekiller installed as I have today (V12.13.1.0). I have warframe installed on my external HDD, but I do not remember launching it yesterday. I scanned my PC today and this was found. I am attaching txt file as well.
Thanks :)

Reply #1September 22, 2018, 05:02:12 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: False Positive? Warframe - [Suspicious.Path] found in registry
« Reply #1 on: September 22, 2018, 05:02:12 PM »
Hi Faergor,

Thanks for your feedback.
This is indeed a false positive. We will fix this as soon as possible.

Regards.