Ad-Aware registry warning

[Mike]

Archived from groups: microsoft.public.win2000.setup (More info?)

I am getting a warning from Ad-Aware about a windows 2K registry entry:

Vendor:Windows
Category:Vulnerability
Object Type:RegData
Size:-
Location:SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
(Explorer.exe)
Last Activity:12-13-2004
Risk LevelLow
Comment:Shell Possibly Compromised
Description:General Windows Security Issue.Your system security may be
compromised.

I am unable to find anything on the Lavasoft site as to why this is considered
to be an indication of a Security Issue. Is this low warning a sign of
something that needs to be resolved? Should I delete the entry?

Thanks.

--
Mike.

 

[Guest]

Archived from groups: microsoft.public.win2000.setup (More info?)

Mike wrote:
> I am getting a warning from Ad-Aware about a windows 2K registry entry:
>
> Vendor:Windows
> Category:Vulnerability
> Object Type:RegData
> Size:-
> Location:SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
> (Explorer.exe)
> Last Activity:12-13-2004
> Risk LevelLow
> Comment:Shell Possibly Compromised
> Description:General Windows Security Issue.Your system security may be
> compromised.
>
> I am unable to find anything on the Lavasoft site as to why this is considered
> to be an indication of a Security Issue. Is this low warning a sign of
> something that needs to be resolved? Should I delete the entry?
>
> Thanks.
>

I have the same registry entry (in the HKLM tree) and the
latest Ad-Aware doesn't complain about it. All I can
think of is that your actual explorer.exe file might be
a newer version than what Ad-Aware knows about, or it might
be an older version that has known security issues.

 

[Guest]

Archived from groups: microsoft.public.win2000.setup (More info?)

Don't know if this would help..but I use Ad Aware as well...try uninstalling
your older version of Ad Aware and reinstalling it..see if that clears up the
warning..

e

"Mike" wrote:

> I am getting a warning from Ad-Aware about a windows 2K registry entry:
>
> Vendor:Windows
> Category:Vulnerability
> Object Type:RegData
> Size:-
> Location:SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
> (Explorer.exe)
> Last Activity:12-13-2004
> Risk LevelLow
> Comment:Shell Possibly Compromised
> Description:General Windows Security Issue.Your system security may be
> compromised.
>
> I am unable to find anything on the Lavasoft site as to why this is considered
> to be an indication of a Security Issue. Is this low warning a sign of
> something that needs to be resolved? Should I delete the entry?
>
> Thanks.
>
> --
> Mike.
>
>

 

[Mike]

Archived from groups: microsoft.public.win2000.setup (More info?)

On Thu, 24 Feb 2005 11:29:06 -0800, Eileen wrote:
> Don't know if this would help..but I use Ad Aware as well...try uninstalling
> your older version of Ad Aware and reinstalling it..see if that clears up the
> warning..

> e

> "Mike" wrote:

>> I am getting a warning from Ad-Aware about a windows 2K registry entry:

>> Vendor:Windows
>> Category:Vulnerability
>> Object Type:RegData
>> Size:-
>> Location:SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
>> (Explorer.exe)
>> Last Activity:12-13-2004
>> Risk LevelLow
>> Comment:Shell Possibly Compromised
>> Description:General Windows Security Issue.Your system security may be
>> compromised.

>> I am unable to find anything on the Lavasoft site as to why this is considered
>> to be an indication of a Security Issue. Is this low warning a sign of
>> something that needs to be resolved? Should I delete the entry?

That is a common error message from Ad-Aware. I finally found a discussion of
it somewhere and concluded it was pretty much a false negative.

Try one of the other spybot lookers and see if their results do the same.

--
Mike.