OneofTen

  1. Hi, this is the full kernel dump: 021616-12171-01.dmp
  2. Okay, will do ASAP and make the upload. Thank you so far.
  3. That would be really great. This makes it almost impossible to use this software.
  4. Hi, on one of my Windows 10 machines I get the BSOD while scanning all drives. The dmp files are attached. Would be nice if I can get help on this. Many thanks. 020916-11234-01.dmp 020916-11687-01.dmp
  5. Is there a way to change this behaviour? The debug log gets spammed with a2hooks and I'd like to whitelist our complete folder structure ... we did that but a2hooks is still flooding our logs.
  6. We have issues with the Behaviour Blocker on our dev PCs. We are using IncrediBuild and Visual Studio 2013. When the compiling is started we get a lot of BB warnings and it will cause the build to fail.

     Emsisoft Anti-Malware - Version 11.0

     BB log

     | Date | PID | Application | Event | Detection |
     |---|---|---|---|---|
     | 05.02.2016 13:19:22 | 10136 | C:\Windows\reg | Blocked once by user | Behavior.CodeInjector |
     | 05.02.2016 13:19:14 | 8536 | C:\Windows\reg | Blocked once by user | Behavior.CodeInjector |
     | 05.02.2016 13:19:12 | 12668 | C:\Windows\reg | Blocked once by user | Behavior.CodeInjector |
     | 05.02.2016 13:17:49 | 0 | C:\Windows\reg | App rule deleted | |
     | 05.02.2016 13:17:34 | 0 | C:\Windows\reg | App rule modified | |
     | 05.02.2016 13:17:23 | 0 | C:\Windows\reg | App rule added | |
     | 05.02.2016 13:17:23 | 1004 | C:\Windows\reg | Allowed always by user | Behavior.CodeInjector |
     | 05.02.2016 13:16:50 | 0 | C:\Windows\reg | App rule deleted | |
     | 05.02.2016 13:16:50 | 0 | C:\Windows\reg | App rule added | |
     | 05.02.2016 13:16:50 | 7848 | C:\Windows\reg | Allowed always by user | Behavior.CodeInjector |
     | 05.02.2016 13:15:32 | 0 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ib_5B7BF.bat | App rule deleted | |
     | 05.02.2016 13:14:53 | 12564 | C:\Windows\reg | Allowed once by user | Behavior.CodeInjector |
     | 05.02.2016 13:14:03 | 0 | C:\Windows\reg | App rule deleted | |
     | 05.02.2016 13:14:02 | 0 | C:\Windows\reg | App rule added | |
     | 05.02.2016 13:14:02 | 8416 | C:\Windows\reg | Allowed always by user | Behavior.CodeInjector |
     | 05.02.2016 13:14:01 | 0 | C:\Windows\reg | App rule deleted | |
     | 05.02.2016 13:14:01 | 11340 | C:\Windows\reg | Allowed always by user | Behavior.CodeInjector |
     | 05.02.2016 13:14:01 | 0 | C:\Windows\reg | App rule added | |
     | 05.02.2016 13:13:44 | 0 | C:\Windows\reg | App rule deleted | |
     | 05.02.2016 13:13:44 | 11936 | C:\Windows\reg | Allowed always by user | Behavior.CodeInjector |
     | 05.02.2016 13:13:44 | 0 | C:\Windows\reg | App rule added | |
     | 05.02.2016 13:12:14 | 0 | C:\Windows\reg | App rule deleted | |
     | 05.02.2016 13:12:14 | 0 | C:\Windows\reg | App rule added | |
     | 05.02.2016 13:12:14 | 4260 | C:\Windows\reg | Allowed always by user | Behavior.CodeInjector |
     | 05.02.2016 13:11:33 | 6752 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ib_5B7BF.bat | Allowed always by user | Behavior.CodeInjector |
     | 05.02.2016 13:11:33 | 0 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ib_5B7BF.bat | App rule added | |
     | 05.02.2016 13:08:17 | 0 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ib_261FF.bat | App rule deleted | |
     | 05.02.2016 13:08:16 | 0 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ib_BF200.bat | App rule deleted | |
     | 05.02.2016 13:08:16 | 0 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ibcmd{05063DA0-6C9D-45AF-A8AA-5F129F1A6712}.bat | App rule deleted | |
     | 05.02.2016 13:08:16 | 0 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ibcmd{56227610-B173-4074-83BF-F7E2DFDB5942}.bat | App rule deleted | |
     | 05.02.2016 13:08:16 | 0 | C:\Windows\reg | App rule deleted | |
     | 05.02.2016 12:55:42 | 0 | C:\Windows\reg | App rule modified | |
     | 05.02.2016 12:55:39 | 0 | C:\Windows\reg | App rule added | |
     | 05.02.2016 12:55:39 | 12544 | C:\Windows\reg | Allowed always by user | Behavior.CodeInjector |
     | 05.02.2016 12:55:21 | 0 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ibcmd{05063DA0-6C9D-45AF-A8AA-5F129F1A6712}.bat | App rule added | |
     | 05.02.2016 12:55:21 | 6124 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ibcmd{05063DA0-6C9D-45AF-A8AA-5F129F1A6712}.bat | Allowed always by user | Behavior.CodeInjector |
     | 05.02.2016 12:54:53 | 0 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ib_BF200.bat | App rule added | |
     | 05.02.2016 12:54:53 | 7008 | C:\Program Files (x86)\Xoreax\IncrediBuild\Temp\ib_BF200.bat | Allowed always by user | Behavior.CodeInjector |
     | 05.02.2016 11:00:59 | 0 | C:\Windows\reg | App rule deleted | |
     | 05.02.2016 13:19:10 | 2040 | C:\Windows\reg | Blocked once by user | Behavior.CodeInjector |

     Is there a way other than just turning the BB off? The c:\Windows\reg is not a real application :-/ so no whitelisting possible.

     Many thanks