Please start regedit.exe and navigate to the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Can you post a screenshot of the key’s shown there.
[attachment deleted by admin]
I tried to disable this autorun but access is denied. It does appear that I could delete this autorun but I am not sure if I should do it.
[attachment deleted by admin]
Does that only happen with this entry? Please try unticking another autorun entry to see if the same thing happens or not. Please don’t forget to revert the change you just made for testing.
Are you running with a Limited User Account on Windows?
Can you post the full details for ‘UserInit’ in that regedit screen, the thing in \program files… is causing this alert.
Only the first part should be there on a ‘default’ install. (C:\Windows\system32\userinit.exe) something is starting up automatically on UserInit stage of the winlogon.
Here it is.
[attachment deleted by admin]
I am running under an admin account
[attachment deleted by admin]
I can confirm that Soluto is causing this alert, because it changed the UserInit value in registry.
If I add this to my system and start a smartscan it only takes a few seconds before it’s flagged purely based on the registry key, I don’t have the soluto exe on disk.
Changing this key causes it, so you can safely ignore this alert in this case.
Thank you Ronny.