Jump to content


Photo

False Positive ?


  • Please log in to reply
1 reply to this topic

#1 dcdc

dcdc

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 12 September 2007 - 10:56 AM

Should I delete this Reg, entry please?
OS: 98SE

Name:Windows
Category:Vulnerability
Object Type:RegData
Size:1 Bytes
Location:software\microsoft\windows nt\currentversion\winlogon "Shell" ()
Last Activity:12-09-07
Relevance:Low
TAC index:3
Comment:
Description:General Windows Security Issue. Your system security may be compromised. The specifics of the possible compromised item are listed in the comments section.

( nothing in the comments section)

#2 LS Albin (former Lavasoft employee)

LS Albin (former Lavasoft employee)

    Former Lavasoft Staff

  • Members
  • PipPipPip
  • 407 posts

Posted 12 September 2007 - 11:52 AM

Should I delete this Reg, entry please?
OS: 98SE

Name:Windows
Category:Vulnerability
Object Type:RegData
Size:1 Bytes
Location:software\microsoft\windows nt\currentversion\winlogon "Shell" ()
Last Activity:12-09-07
Relevance:Low
TAC index:3
Comment:
Description:General Windows Security Issue. Your system security may be compromised. The specifics of the possible compromised item are listed in the comments section.

( nothing in the comments section)


Hi dcdc !


The Windows family is a special family which recognizes changes on Windows default data values.

I can see you are using an really old OS. With newer versions of Windows OS the default data value in this key is Explorer.exe, which is the shell for Windows. Some malware targets this value to start up at the same time as the shell is loaded.

In this case I suppose the data value in software\microsoft\windows nt\currentversion\winlogon "Shell" () is empty , and Ad-Aware SE
recognizes the empty data and want to change it to software\microsoft\windows nt\currentversion\winlogon "Shell" (Explorer.exe).
If you get hit on this every scan , I suggest you to put it on ignore.


Best Regards

Albin

Lavasoft Research




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users