Recurring Ad-Aware object

Discussion in 'NZ Computing' started by Invisible, Oct 29, 2003.

  1. Invisible

    Invisible Guest

    This turd appears daily, even after clearing & quarantining it in Ad-aware.
    Virus scan is clean. Any ideas what the hell it is?


    RegData
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : regfile\shell\open\command
    Vendor:Windows
    Category:Malware
    Object Type:RegData
    Size:-
    Location:regfile\shell\open\command "" ()
    Last Activity:29-10-2003
    Risk LevelLow
    Comment:possible virus infection, REG file extension compromised
    Description:No Detail Information Available.
    Invisible, Oct 29, 2003
    #1
    1. Advertising

  2. Invisible

    Evil Bastard Guest

    On Wed, 29 Oct 2003 23:22:02 +1300, Invisible wrote:

    > This turd appears daily, even after clearing & quarantining it in Ad-aware.
    > Virus scan is clean. Any ideas what the hell it is?


    Whatever it is, I run Linux, and haven't seen a single piece of adware *,
    spyware, scumware, malware, jackware or any other software which in any
    way compromises my choices.

    Linux is a bit of a techno-geek esoteric pain in the ass when you first
    get into it, but it's only a matter of time before it becomes second
    nature. Kind of like growing from crawling to walking, or from a tricycle
    to a normal bike.

    Also, you soon discover that what makes Linux a little intimidating at the
    outset is the way one's mind has been moulded into the Microsoft paradigm.
    As you settle into the Linux paradigm, you will never want to use Windows
    again. And, you'll discover an entire universe of free, secure, powerfully
    flexible software.

    The best place to start with linux is to download and install Mandrake.
    It's highly windows-like, so won't be too traumatic a change. You may stay
    with Mandrake, or upgrade to Debian (a common favourite), or even Gentoo,
    LFS or one of the BSD family.

    Trust me, Invisible - a whole new wonderful world of freedom awaits you.

    Cheers
    EB

    * the only piece of 'adware' running on my linux box is Opera v7 - and
    then, it's not my main browser.
    Evil Bastard, Oct 29, 2003
    #2
    1. Advertising

  3. Invisible

    ~misfit~ Guest

    Invisible wrote:
    > This turd appears daily, even after clearing & quarantining it in
    > Ad-aware. Virus scan is clean. Any ideas what the hell it is?
    >
    >
    > RegData
    > Data :
    > Rootkey : HKEY_CLASSES_ROOT
    > Object : regfile\shell\open\command
    > Vendor:Windows
    > Category:Malware
    > Object Type:RegData
    > Size:-
    > Location:regfile\shell\open\command "" ()
    > Last Activity:29-10-2003
    > Risk LevelLow
    > Comment:possible virus infection, REG file extension compromised
    > Description:No Detail Information Available.


    No idea. Have you tried running SpyBot Search and Destroy? I find they work
    well together and each finds and removes things the other has trouble with.
    I run them both (with the latest definitions) at least weekly and (fingers
    crossed) they've kept my PC clean AFAICT.
    --
    ~misfit~
    ~misfit~, Oct 29, 2003
    #3
  4. Invisible

    Lennier Guest

    On Thu, 30 Oct 2003 00:36:39 +1300, Evil Bastard wrote:

    > Also, you soon discover that what makes Linux a little intimidating at the
    > outset is the way one's mind has been moulded into the Microsoft paradigm.
    > As you settle into the Linux paradigm, you will never want to use Windows
    > again.


    Yup - agreed.

    Lennier
    Lennier, Oct 29, 2003
    #4
  5. Invisible

    Invisible Guest

    On Thu, 30 Oct 2003 00:39:07 +1300, "~misfit~" <~misfit~@his.desk.com> wrote:

    >Invisible wrote:
    >> This turd appears daily, even after clearing & quarantining it in
    >> Ad-aware. Virus scan is clean. Any ideas what the hell it is?
    >>
    >>
    >> RegData
    >> Data :
    >> Rootkey : HKEY_CLASSES_ROOT
    >> Object : regfile\shell\open\command
    >> Vendor:Windows
    >> Category:Malware
    >> Object Type:RegData
    >> Size:-
    >> Location:regfile\shell\open\command "" ()
    >> Last Activity:29-10-2003
    >> Risk LevelLow
    >> Comment:possible virus infection, REG file extension compromised
    >> Description:No Detail Information Available.

    >
    >No idea. Have you tried running SpyBot Search and Destroy? I find they work
    >well together and each finds and removes things the other has trouble with.
    >I run them both (with the latest definitions) at least weekly and (fingers
    >crossed) they've kept my PC clean AFAICT.


    Spybot doesn't pick it up. It's weird that it keeps coming back.
    Invisible, Oct 29, 2003
    #5
  6. Invisible

    ~misfit~ Guest

    Invisible wrote:
    > On Thu, 30 Oct 2003 00:39:07 +1300, "~misfit~"
    > <~misfit~@his.desk.com> wrote:
    >
    >> Invisible wrote:
    >>> This turd appears daily, even after clearing & quarantining it in
    >>> Ad-aware. Virus scan is clean. Any ideas what the hell it is?
    >>>
    >>>
    >>> RegData
    >>> Data :
    >>> Rootkey : HKEY_CLASSES_ROOT
    >>> Object : regfile\shell\open\command
    >>> Vendor:Windows
    >>> Category:Malware
    >>> Object Type:RegData
    >>> Size:-
    >>> Location:regfile\shell\open\command "" ()
    >>> Last Activity:29-10-2003
    >>> Risk LevelLow
    >>> Comment:possible virus infection, REG file extension compromised
    >>> Description:No Detail Information Available.

    >>
    >> No idea. Have you tried running SpyBot Search and Destroy? I find
    >> they work well together and each finds and removes things the other
    >> has trouble with. I run them both (with the latest definitions) at
    >> least weekly and (fingers crossed) they've kept my PC clean AFAICT.

    >
    > Spybot doesn't pick it up. It's weird that it keeps coming back.


    Bugger.
    --
    ~misfit~
    ~misfit~, Oct 29, 2003
    #6
  7. Invisible

    Warwick Guest

    On Thu, 30 Oct 2003 00:36:39 +1300, Evil Bastard
    <postmaster@127.0.0.1> wrote:

    >On Wed, 29 Oct 2003 23:22:02 +1300, Invisible wrote:
    >
    >> This turd appears daily, even after clearing & quarantining it in Ad-aware.
    >> Virus scan is clean. Any ideas what the hell it is?

    >
    >Whatever it is, I run Linux, and haven't seen a single piece of adware *,
    >spyware, scumware, malware, jackware or any other software which in any
    >way compromises my choices.
    >
    >Linux is a bit of a techno-geek esoteric pain in the ass when you first
    >get into it, but it's only a matter of time before it becomes second
    >nature. Kind of like growing from crawling to walking, or from a tricycle
    >to a normal bike.
    >
    >Also, you soon discover that what makes Linux a little intimidating at the
    >outset is the way one's mind has been moulded into the Microsoft paradigm.
    >As you settle into the Linux paradigm, you will never want to use Windows
    >again. And, you'll discover an entire universe of free, secure, powerfully
    >flexible software.
    >
    >The best place to start with linux is to download and install Mandrake.
    >It's highly windows-like, so won't be too traumatic a change. You may stay
    >with Mandrake, or upgrade to Debian (a common favourite), or even Gentoo,
    >LFS or one of the BSD family.
    >
    >Trust me, Invisible - a whole new wonderful world of freedom awaits you.
    >
    >Cheers
    >EB
    >
    >* the only piece of 'adware' running on my linux box is Opera v7 - and
    >then, it's not my main browser.



    I am pleased you have managed to convert so completely - however I
    don't believe everyone can do it.

    Ive been using linux and windows for several years.

    I still need my windows box to play games on, use snowie and C Builder
    cheers


    but to get on topic - Ive never had a recurring problem in adaware
    like that.
    Sounds as if one of the applications on the machine is altering the
    registry subtly everytime it runs, and that application is running at
    least once a day. Perhaps you can isolate the guilty app.

    I would add tho that recently I ran adaware and noticed that it
    requires an dat file in the same way AV does. I updated mine, re ran
    adaware and found 25 new objects.

    So adaware is now updated as frequently as the AV, something I had not
    been doing beforehand.

    Best
    Warwick.
    Warwick, Oct 29, 2003
    #7
  8. Invisible

    ~misfit~ Guest

    Warwick wrote:
    > On Thu, 30 Oct 2003 00:36:39 +1300, Evil Bastard
    > <postmaster@127.0.0.1> wrote:
    >
    >> On Wed, 29 Oct 2003 23:22:02 +1300, Invisible wrote:
    >>
    >>> This turd appears daily, even after clearing & quarantining it in
    >>> Ad-aware. Virus scan is clean. Any ideas what the hell it is?

    >>
    >> Whatever it is, I run Linux, and haven't seen a single piece of
    >> adware *, spyware, scumware, malware, jackware or any other software
    >> which in any way compromises my choices.
    >>
    >> Linux is a bit of a techno-geek esoteric pain in the ass when you
    >> first get into it, but it's only a matter of time before it becomes
    >> second nature. Kind of like growing from crawling to walking, or
    >> from a tricycle to a normal bike.
    >>
    >> Also, you soon discover that what makes Linux a little intimidating
    >> at the outset is the way one's mind has been moulded into the
    >> Microsoft paradigm. As you settle into the Linux paradigm, you will
    >> never want to use Windows again. And, you'll discover an entire
    >> universe of free, secure, powerfully flexible software.
    >>
    >> The best place to start with linux is to download and install
    >> Mandrake. It's highly windows-like, so won't be too traumatic a
    >> change. You may stay with Mandrake, or upgrade to Debian (a common
    >> favourite), or even Gentoo, LFS or one of the BSD family.
    >>
    >> Trust me, Invisible - a whole new wonderful world of freedom awaits
    >> you.
    >>
    >> Cheers
    >> EB
    >>
    >> * the only piece of 'adware' running on my linux box is Opera v7 -
    >> and then, it's not my main browser.

    >
    >
    > I am pleased you have managed to convert so completely - however I
    > don't believe everyone can do it.
    >
    > Ive been using linux and windows for several years.
    >
    > I still need my windows box to play games on, use snowie and C Builder
    > cheers
    >
    >
    > but to get on topic - Ive never had a recurring problem in adaware
    > like that.
    > Sounds as if one of the applications on the machine is altering the
    > registry subtly everytime it runs, and that application is running at
    > least once a day. Perhaps you can isolate the guilty app.
    >
    > I would add tho that recently I ran adaware and noticed that it
    > requires an dat file in the same way AV does. I updated mine, re ran
    > adaware and found 25 new objects.
    >
    > So adaware is now updated as frequently as the AV, something I had not
    > been doing beforehand.


    There was a whole new kernal for AdAware released (1.81?) a week or so ago.
    I always hit the 'check for updates' or whatever it's labeled before doing a
    scan and a lot of the time there is a new definitions file available. They
    aren't big downloads either, usually less than a minute on 56K. Same with
    SpyBot.
    --
    ~misfit~
    ~misfit~, Oct 29, 2003
    #8
  9. Invisible

    T-Boy Guest

    In article <>, walk@all-
    over.me says...
    > This turd appears daily, even after clearing & quarantining it in Ad-aware.
    > Virus scan is clean. Any ideas what the hell it is?
    >
    >
    > RegData
    > Data :
    > Rootkey : HKEY_CLASSES_ROOT
    > Object : regfile\shell\open\command
    > Vendor:Windows
    > Category:Malware
    > Object Type:RegData
    > Size:-
    > Location:regfile\shell\open\command "" ()
    > Last Activity:29-10-2003
    > Risk LevelLow
    > Comment:possible virus infection, REG file extension compromised
    > Description:No Detail Information Available.


    The correct value for this key (string) should be:
    regedit.exe "%1"

    not
    "" ()

    Maybe change it - and rescan - see what you get then.

    --
    Duncan
    T-Boy, Oct 30, 2003
    #9
  10. Invisible

    steve Guest

    Evil Bastard allegedly said:

    > Also, you soon discover that what makes Linux a little intimidating at the
    > outset is the way one's mind has been moulded into the Microsoft paradigm.
    > As you settle into the Linux paradigm, you will never want to use Windows
    > again. And, you'll discover an entire universe of free, secure, powerfully
    > flexible software.


    This is the sort of thing you and I and many others know......but to folks
    who don't know it, it's almost like trying to explain colour to the blind.
    They hear the worlds but just.....don't......get.......it.

    It's one of those things you have to experience to really 'know'.

    --
    defenestrate: The act of throwing Windows out the window and replacing it on
    your PC with some other operating system.
    steve, Oct 30, 2003
    #10
  11. Invisible

    T.N.O. Guest

    steve wrote:
    > It's one of those things you have to experience to really 'know'.


    not only that, but you have to experience it for a while before you
    appreciate it for what it is.
    T.N.O., Oct 31, 2003
    #11
  12. Invisible

    Patrick Bold Guest

    "Invisible" <> wrote in message
    news:...
    > This turd appears daily, even after clearing & quarantining it in

    Ad-aware.
    > Virus scan is clean. Any ideas what the hell it is?
    >
    >
    > RegData
    > Data :
    > Rootkey : HKEY_CLASSES_ROOT
    > Object : regfile\shell\open\command
    > Vendor:Windows
    > Category:Malware
    > Object Type:RegData
    > Size:-
    > Location:regfile\shell\open\command "" ()
    > Last Activity:29-10-2003
    > Risk LevelLow
    > Comment:possible virus infection, REG file extension compromised
    > Description:No Detail Information Available.
    >
    >


    I suspect Ad-Aware may simply be throwing up a flag because the value
    there now (nothing) is wrong. So try this: Save the the text below to a
    file as Fix.reg. Then run it. It will restore the value that's supposed
    to be in this key. Then see if it gets overwritten again. That way
    you'll know for sure if you have a real problem.

    -----------------------------------------------------------------------
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\regfile\shell\open\command]
    @="regedit.exe \"%1\""
    Patrick Bold, Oct 31, 2003
    #12
  13. Invisible

    Gavin Tunney Guest

    On Fri, 31 Oct 2003 12:48:34 +1300, steve <> wrote:

    >Evil Bastard allegedly said:
    >
    >> Also, you soon discover that what makes Linux a little intimidating at the
    >> outset is the way one's mind has been moulded into the Microsoft paradigm.
    >> As you settle into the Linux paradigm, you will never want to use Windows
    >> again. And, you'll discover an entire universe of free, secure, powerfully
    >> flexible software.

    >
    >This is the sort of thing you and I and many others know......but to folks
    >who don't know it, it's almost like trying to explain colour to the blind.
    >They hear the worlds but just.....don't......get.......it.
    >
    >It's one of those things you have to experience to really 'know'.


    Oh joy, oh wondrous things, oh gosh, they've seen the light....
    hallelujah!

    they'll start singing next.......

    ...barf

    Gavin
    Gavin Tunney, Oct 31, 2003
    #13
  14. Invisible

    Mainlander Guest

    In article <>, says...
    > On Fri, 31 Oct 2003 12:48:34 +1300, steve <> wrote:
    >
    > >Evil Bastard allegedly said:
    > >
    > >> Also, you soon discover that what makes Linux a little intimidating at the
    > >> outset is the way one's mind has been moulded into the Microsoft paradigm.
    > >> As you settle into the Linux paradigm, you will never want to use Windows
    > >> again. And, you'll discover an entire universe of free, secure, powerfully
    > >> flexible software.

    > >
    > >This is the sort of thing you and I and many others know......but to folks
    > >who don't know it, it's almost like trying to explain colour to the blind.
    > >They hear the worlds but just.....don't......get.......it.
    > >
    > >It's one of those things you have to experience to really 'know'.

    >
    > Oh joy, oh wondrous things, oh gosh, they've seen the light....
    > hallelujah!
    >
    > they'll start singing next.......


    No they just get really too big for their boots and start banning email
    from hotmail just because some of hotmail's clients use it to send spam
    Mainlander, Nov 3, 2003
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Kevin Speed

    dial up connection box recurring

    Kevin Speed, Sep 13, 2003, in forum: Computer Support
    Replies:
    7
    Views:
    466
    John Doe
    Sep 16, 2003
  2. AK

    Recurring spyware

    AK, Oct 27, 2003, in forum: Computer Support
    Replies:
    6
    Views:
    811
    ┬░Mike┬░
    Oct 28, 2003
  3. Just Curious

    Recurring Problem

    Just Curious, Dec 12, 2003, in forum: Computer Support
    Replies:
    4
    Views:
    438
    Just Curious
    Dec 13, 2003
  4. john tracy

    Recurring dll problems with windows me

    john tracy, Aug 22, 2004, in forum: Computer Support
    Replies:
    4
    Views:
    1,244
  5. SP

    Recurring problem with Kodak DX3600

    SP, Jul 31, 2004, in forum: Digital Photography
    Replies:
    2
    Views:
    961
    Ron Baird
    Aug 2, 2004
Loading...

Share This Page