Hi all, I'm trying exlude a registry activity without success.
+ DeleteValueKey C:\\Program Files\\Internet Explorer\\iexplore\.exe HKCU\\Software\\Macromedia\\FlashPlayer\\FlashPlayerVersion But still this registry is marking the site as malicious: "registry","1/12/2009 11:37:54.189","C:\Program Files\Internet Explorer\iexplore.exe","DeleteValueKey","HKCU\Software\Macromedia\FlashPlayer\FlashPlayerVersion","-1" I've verified there is a tab between each column, and I have tried either sending the file from server and from the vmware machine. any advice? Thanks Emilio
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
