Anyone know what this is?

Discussion in 'adware, spyware & hijack cleaning' started by Blackspear, May 19, 2004.

Thread Status:
Not open for further replies.
  1. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    My system is clean. I am running Script Sentry, Spybot S & D, Adaware, Abtrusion Protector, Nod32 AV, Spyware Blaster, Spyware Guard, File Checker, Active Ports, Eraser, Zone Alarm.

    This file is consistantly coming up in Spybot S & D

    Possible extension hijack: Default registry file handler (Registry change, nothing done)
    HKEY_CLASSES_ROOT\regfile\shell\open\command\!=regedit.exe "%1"


    --- Spybot - Search && Destroy version: 1.3 ---
    2004-05-12 Includes\Cookies.sbi
    2004-05-12 Includes\Dialer.sbi
    2004-05-12 Includes\Hijackers.sbi
    2004-05-12 Includes\Keyloggers.sbi
    2004-05-12 Includes\LSP.sbi
    2004-05-12 Includes\Malware.sbi
    2004-05-12 Includes\Revision.sbi
    2004-05-12 Includes\Security.sbi
    2004-05-12 Includes\Spybots.sbi
    2004-05-12 Includes\Tracks.uti
    2004-05-12 Includes\Trojans.sbi


    And this is what follows in a Ad-aware scan

    Vendor:Windows
    Category:Vulnerability
    Object Type:RegData
    Size:-
    Location:regfile\shell\open\command "" ()
    Last Activity:19-05-2004
    Risk LevelLow
    Comment: Possible virus infection, REG file extension compromised
    Description:General Windows Security Issue.Your system security may be compromised.

    And yet, a scan with Nod comes up clean...

    Cheers :D
     
    Last edited: May 19, 2004
  2. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    Ignore it

    it's warning you that something is changing the commands for opening reg files

    It's certain to be either script sentry or reg prot or similar causing it
     
  3. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    I thought as much, however just wanted to check, better safe than sorry :rolleyes:

    Cheers :D
     
Thread Status:
Not open for further replies.