Author Topic: WinPatrol malwarebytes  (Read 2519 times)

0 Members and 1 Guest are viewing this topic.

Offline fletch

  • Full Member
  • ***
  • Posts: 43
    • View Profile
WinPatrol malwarebytes
« on: November 04, 2015, 11:26:04 PM »
Anybody getting hits on the WinPatrol network drivers from Malwarebytes?

Offline Digerati

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1061
    • View Profile
Re: WinPatrol malwarebytes
« Reply #1 on: November 05, 2015, 03:08:31 AM »
Not here. I cannot find anything to suggest that file and service is related to WinPatrol. While the file's digital signature is by Ruiware, the current developers of WinPatrol, it appears to be associated with a different product, Windows (R) Win 7 DDK.
Bill (AFE7Ret)
Freedom is NOT Free!
2007 - 2018

Offline Pierre75

  • Sr. Member
  • ****
  • Posts: 410
    • View Profile
Re: WinPatrol malwarebytes
« Reply #2 on: November 05, 2015, 04:01:09 AM »
Sorry, nothing here on either PC. Maybe Bret is able to clarify?
IF IT AIN'T BROKE -  DON'T FIX IT

Offline fletch

  • Full Member
  • ***
  • Posts: 43
    • View Profile
Re: WinPatrol malwarebytes
« Reply #3 on: November 05, 2015, 01:29:05 PM »
I saw the DDK connection.  Looks like netfilter2.sys that they renamed and signed.  Guess it's used to insert into the network layer to allow them control of things.  Perhaps a common method of infecting systems and MWB now flags those as "potentially" unwanted.

Offline Digerati

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1061
    • View Profile
Re: WinPatrol malwarebytes
« Reply #4 on: November 05, 2015, 02:51:39 PM »
Quote
Looks like netfilter2.sys that they renamed and signed.
Who is "they"?
Bill (AFE7Ret)
Freedom is NOT Free!
2007 - 2018

Offline fletch

  • Full Member
  • ***
  • Posts: 43
    • View Profile
Re: WinPatrol malwarebytes
« Reply #5 on: November 05, 2015, 07:20:22 PM »
Quote
Who is "they"?

Ruiware.  Apparently this was left behind from an early install of WinPrivacy.  I've deleted the file.  I'm told it's not used in the current release.