How to find which program causing prob?

G

gehang

New member
I have some program which keeps trying to change the registry. So I clicked always deny, now my computer is really slow because I have about 10 windows saying registry changed denied that never go away becuse this program won't stop trying the changes..

How can I find out which process is trying to initate the change so I can stop the service, and remove the program?
 
Hello.Could you open Spybot,click mode up top,then Advanced Mode,then click tools,then resident,and there should be a resident log there.Highlight the last couple of things,then rightclick,select copy,then paste it here.
 
Having the same problem

I'm having the same problem. Here's the resident log

3/6/2007 5:01:39 PM Denied value "{A6ACAE64-F798-4930-AD86-BD3FB32038DB}" (new data: "") added in Browser Helper Object!
3/6/2007 5:01:40 PM Denied value "{A6ACAE64-F798-4930-AD86-BD3FB32038DB}" (new data: "") added in Browser Helper Object!
3/6/2007 5:01:41 PM Denied value "{A6ACAE64-F798-4930-AD86-BD3FB32038DB}" (new data: "") added in Browser Helper Object!
3/6/2007 5:01:42 PM Denied value "{A6ACAE64-F798-4930-AD86-BD3FB32038DB}" (new data: "") added in Browser Helper Object!
3/6/2007 5:01:43 PM Denied value "{A6ACAE64-F798-4930-AD86-BD3FB32038DB}" (new data: "") added in Browser Helper Object!
3/6/2007 5:01:44 PM Denied value "{A6ACAE64-F798-4930-AD86-BD3FB32038DB}" (new data: "") added in Browser Helper Object!
 
theikonx:

Assuming your question is the same or similar to gehang's:

gehang said:
How to find which program causing prob?
Click to expand...
gehang said:
How can I find out which process is trying to initate the change so I can stop the service, and remove the program?
Click to expand...

If you go into the following Web page:
Then do a search for the following CLSID/GUID (Class ID/Globally Unique ID):
  • A6ACAE64-F798-4930-AD86-BD3FB32038DB
The results indicate:

OBJECT NAME: (no name)
GUID: {A6ACAE64-F798-4930-AD86-BD3FB32038DB}
STATUS: X BHO ("X" - Certified spyware/foistware, or other malware, "BHO" - Browser Helper Object)
FILENAME: isadd.dll
DESCRIPTION : Variant of the Zlob aka Puper Trojan
Click to expand...
The Puper link in the above description links to the following McAfee write-up:
 
You must log in or register to reply here.
Back
Top