Kenjii
2008-08-05, 02:12
Hello, recently i contracted something that is attempting to make a registry change - Thankfully Spybot S&D caught it before it could do anything, however, it keeps trying.. again and again. I searched and found this (http://http://forums.spybot.info/showthread.php?t=394) thread, but it confirmed that it wasn't a malicious program. Here is one of the hundreds of logs from the blocked Registry change.
8/4/2008 7:55:29 PM Denied (based on user blacklist) value "ExcludeFromKnownDlls" (new data: "") deleted in Session manager!
8/4/2008 7:55:30 PM Denied (based on user blacklist) value "BootExecute" (new data: "autocheck autochk *
") changed in Session manager!
8/4/2008 7:55:30 PM Denied (based on user blacklist) value "ExcludeFromKnownDlls" (new data: "") deleted in Session manager!
8/4/2008 7:55:31 PM Denied (based on user blacklist) value "BootExecute" (new data: "autocheck autochk *
") changed in Session manager!
It goes on and on like that, many thanks for any help you may provide.
edit: I'm running Vista 64 if that matters at all.
8/4/2008 7:55:29 PM Denied (based on user blacklist) value "ExcludeFromKnownDlls" (new data: "") deleted in Session manager!
8/4/2008 7:55:30 PM Denied (based on user blacklist) value "BootExecute" (new data: "autocheck autochk *
") changed in Session manager!
8/4/2008 7:55:30 PM Denied (based on user blacklist) value "ExcludeFromKnownDlls" (new data: "") deleted in Session manager!
8/4/2008 7:55:31 PM Denied (based on user blacklist) value "BootExecute" (new data: "autocheck autochk *
") changed in Session manager!
It goes on and on like that, many thanks for any help you may provide.
edit: I'm running Vista 64 if that matters at all.