Login
    Contents x
    Malware detected after installing Pharos Popups
    • 18 Mar 2024
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Malware detected after installing Pharos Popups

    • Updated on 18 Mar 2024
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Why does Windows Defender (formerly Microsoft Antispyware) detect malware after installing the Pharos Popup Client?

    Windows Defender (formerly Microsoft AntiSpyware) reports a file used by the Pharos Popup Client as the Rivarts.A trojan.

    The registry key:

    HKLM\System\CurrentControlSet\Services\mchInjDrv

    Has been detected as malware by Defender.

    Microsoft is aware of this problem. Other third party applications use the same hook. So far, however, Microsoft has not whitelisted the application, madCodeHook by Madshi.

    Madshi, the developers of madCodeHook (the file in question) is also aware of this issue.

    For more information on Madshi, and madCodeHook see: http://www.madshi.net

    This is a required file needed for the Pharos Popup Client to function and does not pose a threat to the system.

    Was this article helpful?
    Related articles
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout