It would be extremely helpful in removing malware if TeaTimer would simply show the name of the executable or dll (started with rundll) that tried to change the registry.
inhahe:
TeaTimer does not capture information about what process made the registry change because TeaTimer actually detects that a registry change has occurred after the fact by comparing the current content of the registry with snapshot files of the registry taken earlier.
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
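The snapshot comparison described in the reply above, as an added example that is not part of the original thread and is not TeaTimer's code. It assumes snapshots stored as `.reg`-export-style text (TeaTimer's real snapshot format is not given on the page); the registry values and the `parse_reg` and `diff_snapshots` helpers are constructed for illustration.

```python
import re

# Constructed sample snapshots in .reg export style (an assumption; not TeaTimer's format).
BEFORE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE"
"Updater"="C:\\Program Files\\Example\\updater.exe"
'''
AFTER = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE"
"Updater"="C:\\Program Files\\Example\\updater.exe /silent"
"example"="rundll32.exe C:\\WINDOWS\\system32\\example.dll,Start"
'''

VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

def parse_reg(text):
    """Parse .reg-style text into {(key_path, value_name): raw_data}."""
    values, key, pending = {}, None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith(",\\"):  # hex data continued on the next line
            pending = line[:-1]
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key is not None and (m := VALUE_RE.match(line)):
            name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
            values[(key, name)] = m.group(2)
    return values

def diff_snapshots(before, after):
    """Return (kind, key, name, old, new) tuples; kind is added, removed or changed."""
    changes = []
    for ident in sorted(before.keys() | after.keys()):
        old, new = before.get(ident), after.get(ident)
        if old != new:
            kind = "added" if old is None else "removed" if new is None else "changed"
            changes.append((kind, *ident, old, new))
    return changes

# The diff holds key, value name, old and new data; nothing identifies the writing process.
CHANGES = diff_snapshots(parse_reg(BEFORE), parse_reg(AFTER))
```

Each change record has only what the two snapshots contain, which is why a tool working this way cannot name the executable or DLL that made the write.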