Anumator 0 Posted October 20, 2013 Share Posted October 20, 2013 Was wondering if this was normal behavior for svchost.exe: 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWWFP blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWWFP blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Delete from registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWWFP blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWWFP\0000 blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWWFP\0000 blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWWFP\0000\Control blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFWWFP\0000\Control blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFW blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFW blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Delete from registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFW blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFW\0000 blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFW\0000 blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFW\0000\Control blocked Self-Defense: Registry with full protection 10/19/2013 11:48:36 PM C:\Windows\System32\svchost.exe Modify registry HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_EPFW\0000\Control blocked Self-Defense: Registry with full protection Link to comment Share on other sites More sharing options...
TGW 15 Posted October 20, 2013 Share Posted October 20, 2013 Yes, it's alright, I see nothing unusual. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted October 20, 2013 Share Posted October 20, 2013 Epfwwfp belongs to ESET. So it appears svchost is trying to change something with ESET and self defense or HIPS is rejecting. Its most likely a minor settings change to the software, but nothing malicious is at work here. Link to comment Share on other sites More sharing options...
Recommended Posts