A coworker asked me to look at her laptop (Gateway Viper-SR,Vista Business SP 2) to fix a Citrix-related problem and I ran a full system scan in Safe Mode using MBAM 18.104.22.1680 for standard maintenance. It pulled up 2 entries in the Registry Values Detected section of the log:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegEdit (HiJack.Regedit)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegEdit (HiJack.Regedit)
There were no other infections or problems detected elsewhere in the system. Her system is not slow or exhibiting any other issues that may indicate an active infection but I don't want to send the machine home until I am reasonably sure there is not a lurking rootkit,etc.
Is this just a false positive or a signal to do more extensive testing?