Jump to content

Registry Data Items infected


Recommended Posts

Registry Data Items Infected:

HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> No action taken.

HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> No action taken.

I did a security check that was suggested to someone else early, however there was no dialog or follow up regarding the problem. Is this a significant problem for the computer. It is sluggish and some items will not work, especially the automatic updates.

Results of screen317's Security Check version 0.99.18

Windows Vista Service Pack 2 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

avast! Internet Security

iolo technologies' System Mechanic

Microsoft Security Essentials

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java SE Runtime Environment 6

Flash Player Out of Date!

Adobe Flash Player 9.0.124.0

````````````````````````````````

Process Check:

objlist.exe by Laurent

Windows Defender MSMpEng.exe

Malwarebytes' Anti-Malware mbam.exe

Microsoft Security Essentials msseces.exe

Internet Explorer AvastSvc.exe -?-

Internet Explorer ioloServiceManager.exe -?-

``````````End of Log````````````

Link to post
Share on other sites

Hi, MarloweV07:

Please have a look here at the FAQ - Section #18 for an explanation.

ISSUE: I keep getting the following detections, even after allowing Malwarebytes' Anti-Malware to fix them:

HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S)

HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1")

SOLUTION: Most often when these two items return repeatedly it is due to the presence of an IOLO product such as System Mechanic. System Mechanic and other IOLO security products alter these settings from their Windows defaults. If you do have an IOLO product installed, it is best to simply change the security setting in your IOLO product so that it does not change the settings for .reg files and .scr files or that you simply have Malwarebytes' Anti-Malware ignore these particular detections. These entries are not actual infections, just system settings changes that are not set to their defaults, which is something that some infections will do to prevent .reg files and .scr files from executing, which is why Malwarebytes' Anti-Malware detects these items, since it has no way of knowing if the change was made by the user, an infection, or a legitimate software such as IOLO.

Please let us know if this resolves your issue.

Thanks!

daledoc1

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.