Everytime I run adaware I get a report that says my system may
> be compromised due to a security vulnerability, but I dont know what it is, what it
> does, where it came from nor how to deal with it as it keeps coming back everytime I
> remove it.
>
> HKEY_CLASSES_ROOT:scrfile\shell\open\command''''' (notepad.exe%1
>
> HKEY_CLASSES_ROOT:regfile\shell\open\command''''' (notepad.exe%1
>
> are they dangerous and what do I do to stop them coming back?

Hi

Ad-Aware is alerting because these two registry keys do not contain the standard values. However, the values are proably not dangerous. They inform Windows to open screen saver files and registry files in notepad rather than the normal windows operation which is to run the screen saver or merge the registry file. Some viruses use these file types to propagate themselves. As such these file associations can be changed to say run something harmless like notepad instead. Some security tools make these changes to help protect your PC.

As such you can opt to keep these settings, in which case they can simply be added to the ignore list in Ad-Aware or you can restore them to their default value. Neither way Ad-Aware would not alert on future scans.

The reason I say proably not dangerous is that if your notepad has been infected then of course opening either of these types of files would run the infected notepad. Have you run any security tools that offer protection by adjusting file types or file associations? If so then the changes are to be expected.

If you want to restore them to the default values then post back with which version of Windows you are running. To be sure also post a full copy of the log from a scan with Ad-Aware.

Many thanks