ScripTrap and Adaware

Discussion in 'other security issues & news' started by optigrab, Jul 14, 2004.

Thread Status:
Not open for further replies.
  1. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Adaware identifies a problem with the registry ever since I installed ScripTrap (yesterday).

    I've been digging to the bottom of this little puzzle today, but I think I have resolved it. I'm posting the story here in case someone is kind enough to check my reasoning, and hopefully to help out the next person that wonders about this.

    The finding reads something like this:
    > Category:Vulnerability
    > Object Type:RegData
    > Location:regfile\shell\open\command "" ()
    > Risk LevelLow
    > Comment: Possible virus infection, REG file extension compromised
    > Description:No Detail Information Available.

    Searching the web I found one measely reference, but it seems be be "right on point" - addressing my exact problem. To quote the poster, Bassbag (happens also to be a regular over at the Outpost forums):
    And from the "freaky coincindences" file, here's here's a Wilders' post I just found from a member having the same issue with Spybot S&D and Script Sentry. In both cases, the best soltution is to use the exclusion (workaround).

    Regards,
    Optigrab
     
    Last edited: Jul 14, 2004
  2. hyhohy557

    hyhohy557 Guest

    Had the same problem with ScriptTrap
    Antivir also had a problem with it
    Solve the problem when i used AnalogX ScriptDefender instead, and it's more configurable, could block all the script extensions I want.
     
  3. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    i use script defender,and aaw and spybot both find these Possible extension hijacks,which i have to put in exclude

    Possible extension hijack: Default batch file handler (Registry change, nothing done)
    HKEY_CLASSES_ROOT\batfile\shell\open\command\!="%1" %*

    Possible extension hijack: Default command file handler (Registry change, nothing done)
    HKEY_CLASSES_ROOT\cmdfile\shell\open\command\!="%1" %*

    Possible extension hijack: Default old executable handler (Registry change, nothing done)
    HKEY_CLASSES_ROOT\comfile\shell\open\command\!="%1" %*
     
  4. Ronin

    Ronin Guest

    Not really a new thing.

    This has being around for about a year already really. It's much like the more recent blank page warning on IE. It['s only a "possible" problem.
     
Thread Status:
Not open for further replies.