Solved Where did Strip My Rights come from?

Migotop (Member, 70 messages)
I like the idea of lowering my browser's write capability with a restricted token, but that's what I have Simple Software Restriction Policy and EMET for. I never intentionally downloaded or installed StripMyRights.exe, which is in C:\Windows, and Malwarebytes Premium is flagging the registry keys and values written by it as a "Security Hijack", specifically (HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FIREFOX.EXE|Debugger), for example (there are 4 keys and 4 values in total). Is this put here by EMET or Simple Software Restriction Policy? How can I check that my browser is actually operating under a restricted token rather than a (maliciously) elevated one? Thanks!
 

My Computer

System One

  • OS
    windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    ASUS
    Browser
    firefox
    Antivirus
    avast
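For the question above of how to confirm that the browser is really running under a restricted, non-elevated token, here is an added PowerShell example; it is not code posted by anyone in this thread and not part of StripMyRights, EMET or Simple Software Restriction Policy. It assumes Windows 8.1 or later, an elevated PowerShell prompt (so that processes of other sessions can be opened), and the process name firefox taken from the thread; the names TokenProbe, Get-IfeoDebugger and Get-ProcessTokenState are my own. It also lists every Image File Execution Options "Debugger" value, which is the kind of entry Malwarebytes flagged, so you can see which launcher is registered for which image.

```powershell
# Added example (not from any poster in this thread). Verifies, from the
# defender's side, (1) which IFEO Debugger values are registered and
# (2) whether a browser's primary token is restricted, what integrity level
# it carries, and whether it is elevated. Assumes Windows 8.1+ and an
# elevated prompt; "firefox" is the process name from the thread.

$tokenProbeSource = @'
using System;
using System.Runtime.InteropServices;
public static class TokenProbe {
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern IntPtr OpenProcess(uint access, bool inherit, int pid);
    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool OpenProcessToken(IntPtr process, uint access, out IntPtr token);
    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool GetTokenInformation(IntPtr token, int infoClass, IntPtr buffer, int length, out int needed);
    [DllImport("advapi32.dll", SetLastError = true)]
    public static extern bool IsTokenRestricted(IntPtr token);
    [DllImport("advapi32.dll")]
    public static extern IntPtr GetSidSubAuthorityCount(IntPtr sid);
    [DllImport("advapi32.dll")]
    public static extern IntPtr GetSidSubAuthority(IntPtr sid, int index);
    [DllImport("kernel32.dll")]
    public static extern bool CloseHandle(IntPtr handle);
}
'@
# Compile the P/Invoke wrapper once per session (re-adding the same type errors on older PowerShell).
if (-not ('TokenProbe' -as [type])) { Add-Type -TypeDefinition $tokenProbeSource }

function Get-IfeoDebugger {
    # Lists every image under IFEO that has a Debugger value. Windows starts the
    # program named in Debugger instead of the image, which is how
    # DropMyRights-style launchers hook a browser and why anti-malware tools
    # treat unexpected entries as a hijack. Compare the path with what your
    # installed tool is supposed to register.
    $base = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
    Get-ChildItem -Path $base | ForEach-Object {
        $dbg = (Get-ItemProperty -Path $_.PSPath -Name Debugger -ErrorAction SilentlyContinue).Debugger
        if ($dbg) { [pscustomobject]@{ Image = $_.PSChildName; Debugger = $dbg } }
    }
}

function Get-ProcessTokenState {
    param([string]$ProcessName = 'firefox')
    $PROCESS_QUERY_LIMITED_INFORMATION = 0x1000   # enough for OpenProcessToken on Windows 8+
    $TOKEN_QUERY         = 0x0008
    $TokenElevation      = 20                     # TOKEN_INFORMATION_CLASS values
    $TokenIntegrityLevel = 25
    $M = [System.Runtime.InteropServices.Marshal]

    foreach ($proc in Get-Process -Name $ProcessName -ErrorAction SilentlyContinue) {
        $hProc = [TokenProbe]::OpenProcess($PROCESS_QUERY_LIMITED_INFORMATION, $false, $proc.Id)
        if ($hProc -eq [IntPtr]::Zero) { continue }
        $hTok = [IntPtr]::Zero
        if (-not [TokenProbe]::OpenProcessToken($hProc, $TOKEN_QUERY, [ref]$hTok)) {
            [void][TokenProbe]::CloseHandle($hProc); continue
        }

        # TOKEN_ELEVATION is a single DWORD; non-zero means the token is elevated.
        $needed = 0
        $buf = $M::AllocHGlobal(4)
        [void][TokenProbe]::GetTokenInformation($hTok, $TokenElevation, $buf, 4, [ref]$needed)
        $elevated = ($M::ReadInt32($buf) -ne 0)
        $M::FreeHGlobal($buf)

        # TOKEN_MANDATORY_LABEL begins with a PSID; the SID's last sub-authority is
        # the integrity RID (0x1000 Low, 0x2000 Medium, 0x3000 High, 0x4000 System).
        [void][TokenProbe]::GetTokenInformation($hTok, $TokenIntegrityLevel, [IntPtr]::Zero, 0, [ref]$needed)
        $buf = $M::AllocHGlobal($needed)
        [void][TokenProbe]::GetTokenInformation($hTok, $TokenIntegrityLevel, $buf, $needed, [ref]$needed)
        $sid   = $M::ReadIntPtr($buf)
        $count = $M::ReadByte([TokenProbe]::GetSidSubAuthorityCount($sid))
        $rid   = $M::ReadInt32([TokenProbe]::GetSidSubAuthority($sid, $count - 1))
        $M::FreeHGlobal($buf)

        $level = switch ($rid) {
            0x0000  { 'Untrusted' }
            0x1000  { 'Low' }
            0x2000  { 'Medium' }
            0x2100  { 'MediumPlus' }
            0x3000  { 'High' }
            0x4000  { 'System' }
            default { '0x{0:X}' -f $rid }
        }

        [pscustomobject]@{
            ProcessId  = $proc.Id
            Process    = $proc.ProcessName
            Restricted = [TokenProbe]::IsTokenRestricted($hTok)   # built with CreateRestrictedToken
            Integrity  = $level
            Elevated   = $elevated
        }
        [void][TokenProbe]::CloseHandle($hTok)
        [void][TokenProbe]::CloseHandle($hProc)
    }
}

Get-IfeoDebugger | Format-Table -AutoSize
Get-ProcessTokenState -ProcessName 'firefox' | Format-Table -AutoSize
```

Reading the output: a browser launched through a DropMyRights-style restricted token shows Restricted = True and Elevated = False (the integrity column is usually Low or Medium, depending on the launcher's settings). If any browser process shows Elevated = True or High integrity, it is not running with reduced rights, whatever launcher is registered in IFEO. Every Firefox process is listed, including content processes, so check the whole set rather than just the first row.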

My Computer

System One

  • OS
    Windows 8.1 full version
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Custom built Intel system
    CPU
    Intel 4790k
    Motherboard
    Asus Z-97 AR
    Memory
    8 (2 x 4) GB Gskill Ares 1600 mghz
    Graphics Card(s)
    Asus Strix GTX 970
    Sound Card
    Onboard
    Monitor(s) Displays
    Still working out the details
    Hard Drives
    Samsung 840 Evo 120 GB. 2 Seagate Barracuda 1 TB HDd
    PSU
    EVGA 750W 80+ Gold Certified Fully-Modular ATX
    Case
    Raidmax Vampire full tower (black)
    Cooling
    Cooler Master Hyper 212 EVO 82.9 CFM Sleeve Bearing CPU Cooler
This is what I found on a google search.

StripMyRights - Based on DropMyRights

Thanks! Somehow I missed that one when I was Googling. Also, I ran into a post at the Malwarebytes Forum where someone had run into a similar problem, and it turned out to be EMET that was throwing a flag with Malwarebytes. I consider this solved, but would still appreciate it if someone knows how to check on the restricted browser token (that it's restricted and not elevated). Thanks Griffscavern!
 


Restricted User also covered in that link, I just missed it on the first read through/skim. Solved.
 


You're welcome. Glad I could help.
 
