ScripTrap and Adaware

Discussion in 'other security issues & news' started by optigrab, Jul 14, 2004.

Thread Status:
Not open for further replies.
  1. optigrab

    optigrab Registered Member

    Nov 6, 2002
    Brooklyn/NYC USA
    Adaware identifies a problem with the registry ever since I installed ScripTrap (yesterday).

    I've been digging to the bottom of this little puzzle today, but I think I have resolved it. I'm posting the story here in case someone is kind enough to check my reasoning, and hopefully to help out the next person that wonders about this.

    The finding reads something like this:
    > Category:Vulnerability
    > Object Type:RegData
    > Location:regfile\shell\open\command "" ()
    > Risk LevelLow
    > Comment: Possible virus infection, REG file extension compromised
    > Description:No Detail Information Available.

    Searching the web I found one measely reference, but it seems be be "right on point" - addressing my exact problem. To quote the poster, Bassbag (happens also to be a regular over at the Outpost forums):
    And from the "freaky coincindences" file, here's here's a Wilders' post I just found from a member having the same issue with Spybot S&D and Script Sentry. In both cases, the best soltution is to use the exclusion (workaround).

    Last edited: Jul 14, 2004
  2. hyhohy557

    hyhohy557 Guest

    Had the same problem with ScriptTrap
    Antivir also had a problem with it
    Solve the problem when i used AnalogX ScriptDefender instead, and it's more configurable, could block all the script extensions I want.
  3. iceni60

    iceni60 ( ^o^)

    Jun 29, 2004
    i use script defender,and aaw and spybot both find these Possible extension hijacks,which i have to put in exclude

    Possible extension hijack: Default batch file handler (Registry change, nothing done)
    HKEY_CLASSES_ROOT\batfile\shell\open\command\!="%1" %*

    Possible extension hijack: Default command file handler (Registry change, nothing done)
    HKEY_CLASSES_ROOT\cmdfile\shell\open\command\!="%1" %*

    Possible extension hijack: Default old executable handler (Registry change, nothing done)
    HKEY_CLASSES_ROOT\comfile\shell\open\command\!="%1" %*
  4. Ronin

    Ronin Guest

    Not really a new thing.

    This has being around for about a year already really. It's much like the more recent blank page warning on IE. It['s only a "possible" problem.
Thread Status:
Not open for further replies.