Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Detected by | Sophos Anti-Virus for Windows, version 7 |
Action
- Summary
- Action
- More Information
Your options
If you've received an alert, then you have 2 options:
- authorize the file
- send the file to the lab for analysis
Authorize the file if it's from a trusted source.
Send it to the lab for analysis if you:
- do not trust the file
- or believe it to be compromised in some way
To reduce the chance of unwanted detections, Sophos HIPS should be set to 'Alert only' mode for the duration of any software installations. For more information, please read the knowledgebase article about deciding whether to allow or block a file.
Sending a file to the lab?
When you complete the sample submission form, please give a reason for your submission and mention this "HIPS/" detection.
More Information
Runtime behavior alerts of this type inform the user that a suspicious-looking program has attempted to modify the registry of the computer in order for it to run before files of a particular type . Any attempt at this behavior by an unauthorized program could indicate a malware infection.
Please note that the behavior of some legitimate product installers can sometimes resemble that of malware. For this reason, installing or updating software carries an increased likelihood of unwanted HIPS detections and we recommend configuring HIPS to Alert Only mode for the duration of any product installs or updates. For further information please refer to the following knowledgebase article deciding whether to allow or block a file.
HIPS/RegMod-003 uses Sophos Behavioral Genotype technology to enhance detection accuracy.
|
