services.exe re sisport

can someone tell me how to answer the following alert re allow/deny?

Services.exe in windows/system32..
wants to set/change the following key:

HKLM\system\controlset001\services\sisport

Not knowing what it does, I deny it but it usually comes back after every reboot. While it seems denying does not to affect anything I do, I would be interested to know whether it is relevant.

 

Beethoven, have you tried tracking down what the registry entry sisport is related/tied to? The reason I ask is when I looked for that location in my XP home SP2 registry there is no such entry. This makes me think it is tied to some device on your system, that may be trying to update the registry info. What is the full alert as listed in the RD log?

 

disciple - I just rebooted the pc and the alert came up again. It is about deleting a key. It is shown as "a friendly alert" - however as in my other post https://www.wilderssecurity.com/showthread.php?t=114589 the actual log does not show anything.

I did an initial google on this but it did not help me, perhaps some more technical would have more understanding

 

Hi beethoven,

Using regedit, try taking look at the ImagePath value under that key. If that value points to sisport.sys, then it is a USB-related driver. I would grant "Allow" permission to whatever RD spots for this key. You may not have a problem now when you block the change, but you may in the future.

Nick

 

thanks Nick,

the path is as you expected. Took me a while to find it and to figure out that HKLM and HKey_Local_Machine is the same but I finally found it.
Thanks you for your help