Re: SPYBOT RESULT-PLEASE COMMENT
From: LuckyStrike (LS_at_smokedamagedfurniture.youcandriveitawaytoday.com)
Date: 07/08/04
- Next message: nico: "WML/XHTML and USER AGENT String"
- Previous message: Jan Il: "Re: Favorites problem"
- In reply to: bettyboop: "SPYBOT RESULT-PLEASE COMMENT"
- Next in thread: LuckyStrike: "Re: SPYBOT RESULT-PLEASE COMMENT"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 8 Jul 2004 01:38:26 -0600
Bettyboop -
Google shows this which makes the Spybot Search and Destroy scan seem quite
possibly accurate in having detected something.
cmdfile\shell\open\command\!="%1"%*
http://snipurl.com/7lmj
Further investigations show these:
http://www.sophos.com/virusinfo/analyses/w32appixe.html
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE_APPIX.B&VSect=T
http://vil.nai.com/vil/content/v_99785.htm
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=Pe_Appix.B
I would suggest the following: If Spybot shows this as an item displayed in
RED, it is doubtless a parasite of some sort. You can verify it by doing a
few online scans for Virus and Trojans first (some on-line virus scanners
can detect some Trojans as well.).
I would do that before removing the item via Spybot Search and Destroy. Also
FYI: although you have many good programs to detect such parasites, you
should realize that some things are scanner specific. In other words, not
all apps can detect all things. Lastly, you made no mention of any Antivirus
applications that you may have. Do you use an AV program? I hope you do.
OK, here are some on-line AV and Trojan scanners:
> Quick and basic scans (hardly definitive, but a start)
> Doxdesk parasite scan
> http://doxdesk.com/parasite/
> Jim Eshelmans WSC on-line quick scan
> http://www.aumha.org/a/noads.htm
> More In-Depth on-line scanners for parasites and Trojans:
> GFI free on-line Trojan scanner
> http://www.windowsecurity.com/trojanscan/
> Sygate Technologies Trojanscan
> http://scan.sygatetech.com/pretrojanscan.html
> PestPatrol on-line scan
> http://www.pestscan.com/home.asp
> SpywareChecker on-line scan
> http://www.spywareguide.com/txt_onlinescan.html
> On-Line Virus scanners:
>
> RAV Antivirus Online Virus Scan
> http://www.ravantivirus.com/scan/
> Command on Demand
> http://www.authentium.com/solutions/cod/index.cfm
> Freedom on-line virus check
> http://www.freedom.net/viruscenter/onlineviruscheck.html
> TrendMicro Housecall (also detects some Trojans)
> http://housecall.trendmicro.com/
> BitDefender Scan Online
> http://www.bitdefender.com/scan/licence.php
>
> Kapersky Online Virus Scanner
> http://www.kaspersky.com/remoteviruschk.html
> The above scanner works differently from most; it is a server based
> scanner, and will only scan individual files, or directories which are
> limited to 1 MB in total size. It will not do a full system scan.
>
> Hauri LiveCall Online virus scanning
> http://www.globalhauri.com/html/products/livecall.html
> The above is also server based if I remember correctly
>
> Panda on-line virus scan
> http://www.pandasoftware.com/activescan/activescan.asp
> I've only used this one once or twice, and don't particularly care for it.
>
> McAfee FreeScan
> http://us.mcafee.com/root/mfs/default.asp
> Don't remember if I ever used this one. Not a big McAfee fan.
>
> I've had trouble running Symantec's scanner though:
>
> Symantec Security Check (page offers security and/or virus scan)
> http://snipurl.com/7gz1
>
>
> HTH -
> --
>
> LuckyStrike
> LS@smokedamagedfurniture.youcandriveitawaytoday.com
>
> How to make a good newsgroup post:
> http://www.dts-l.org/goodpost.htm
> http://home.satx.rr.com/badour/html/post.html
> --------------------------------------------------------------------
"bettyboop" <bettyboop@discussions.microsoft.com> wrote in message
news:1E5B2FD9-A78F-473C-B7BE-910A37279BFB@microsoft.com...
> Hi All,
> I have found this results listed on my Spybot result page. I looked in my
Hijack This log, I didn't see anything to resembling this. My other scans,
Adware6, Pestpatrol, Spyweeper,ect,..produce a clean sweep.
> The Spybot results read:
> POSSIBLE EXTENSION HIJACK
> Default command file handler
> HKEY_CLASSESS_ROOT\cmdfile\shell\open\command\!="%1"%*
> (Please note that the*at the end of the % substitutes for an x)
>
> Please comment.
>
> Also, in the Internet Options box, in the Advance tab, I have the BROWSING
> "enable third-party brower extension (requires restart") unchecked., would
that have something to do with this entry?
>
>
> --
> bettyboop
- Next message: nico: "WML/XHTML and USER AGENT String"
- Previous message: Jan Il: "Re: Favorites problem"
- In reply to: bettyboop: "SPYBOT RESULT-PLEASE COMMENT"
- Next in thread: LuckyStrike: "Re: SPYBOT RESULT-PLEASE COMMENT"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
