New
#1
Event log warnings concerning Diskeeper 2010
Hello,
I've been searching for an answer on Google and throughout many forums but I couldn't seem to find one so I figured I'd just ask here as this seems to be a good source of knowledge. I noticed numerous warnings in my event log concerning Diskeeper 2010 (I'm using Build:14.0.896.0) that state:
Category : 0
CategoryString :
EventCode : 1530
EventIdentifier : 1530
EventType : 2
Logfile : Application
Message : Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 20 user registry handles leaked from \Registry\User\S-1-5-21-3913409669-960638304-123155719-1001:
Process 3416 (\Device\HarddiskVolume1\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe) has opened key \REGISTRY\USER\S-1-5-21-3913409669-960638304-123155719-1001
It goes on to list all the other keys Diskeeper has opened as well. On a whim, I wrote to Diskeeper tech support and asked them to explain and their reply was:
"Thank you for contacting us in regards to your Diskeeper software.
The registry activity noted in your email is not typical of Diskeeper software. This activity is quite suspicious and resembles the work of third-party malware which could be causing the DKService to unnecessarily access and hold on to registry keys.
The only advice we would be able to offer is to run a full system scan using a scanner that is not compromised on your system in order to determine the cause of the Event Log Warnings regarding the DKService and the registry keys listed."
Thank you,
Jun Dockins
Technical Support Rep.
Diskeeper Corporation
Now, I feel certain that I don't have malware on my system. I'm running Kaspersky 2010 and use Malwarebyte's Anti-Malware as a backup. I scan regularly and also keep tabs on all active outbound connections. I've scanned and scanned and they're always clean. I've tried multiple rootkit scanners, online scanners and just about everything else you could try. I just can't find anything wrong. I also get a warning concerning Wininit that states "Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications." Has anyone else seen this or does anyone have any ideas on what may be happening?