diff --git a/rules/windows/process_creation/win_control_panel_item.yml b/rules/windows/process_creation/win_control_panel_item.yml
index 02f827c26..8045adc4c 100644
--- a/rules/windows/process_creation/win_control_panel_item.yml
+++ b/rules/windows/process_creation/win_control_panel_item.yml
@@ -24,7 +24,7 @@ detection:
 CommandLine|endswith: '.cpl'
 filter:
 CommandLine|contains:
- - '\System32\\'
+ - '\System32\'
 - '%System%'
 selection2:
 CommandLine|contains:
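Review bot: The `filter` entry `'\System32\'` is an unanchored `CommandLine|contains` match, so it is satisfied by that path component anywhere in the command line rather than only by the real system directory. Assuming `filter` is negated in the rule's `condition` (which is outside this hunk), a `.cpl` command line that merely includes a `System32` folder in some other location would be excluded from the alert. Anchoring the exclusion more tightly, for example `- ':\Windows\System32\'`, would narrow that blind spot at the cost of missing non-default Windows directories. Separately, the value relies on YAML single-quote semantics, where the trailing `\'` is a literal backslash followed by the closing quote; a comment such as `# single-quoted: backslashes are literal, value ends in one backslash` above the list would stop a later editor from "fixing" it back.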