J
Jonathan Holmes
I always add the attached registry key to my systems. It produces a "View As
Text" entry in Explorer's right-click context menu on every file, and this
entry runs Notepad, passing the filename as a parameter.
After installing MS Anti-Spyware, the behaviour of this menu entry has
changed and the file itself can be executed rather than Notepad being
executed with the file as a parameter.
If I have security agents enabled, and I right-click a .bat file and choose
"View As Text", I receive a pop-up asking whether I wish to *execute* the
batch file. If I say yes, the batch file is indeed executed: notepad is not
invoked at all. This itself is a very serious concern because even though
the message appeared to be misleading, I did not truly expect the batch file
to be executed, and I executed a batch file accidentally as a result.
Similarly, if I have security agents disabled, and I right-click a .reg file
and choose "View As Text", I receive this prompt from MS Anti-Spyware:
A script file C:\Documents and Settings\Jon\Desktop\NAT.reg is trying to
execute. This file has been frozen from running pending your approval.
A Registry file (.reg) is a script that can add, remove or modify any
values within your Window's registry.
Advise: If you are installing a legitimate program you might want to
allow this script to run as some programs do run legitimate scripts during
installation. However, scripts are also one of the biggest known
transmitters of viruses and worms specifically distributed through email.
(Minor bug, the word "Advise:" should read "Advice:")
If I click Allow, instead of Notepad running, I receive a prompt from
Registry Editor asking whether I wish to add the information to the
registry.
Once I have allowed a particular file to "run" and I have active threat
monitoring disabled, further right-clicks and selection of "View As Text"
leads to the file executing in Notepad as expected.
Jonathan Holmes
Text" entry in Explorer's right-click context menu on every file, and this
entry runs Notepad, passing the filename as a parameter.
After installing MS Anti-Spyware, the behaviour of this menu entry has
changed and the file itself can be executed rather than Notepad being
executed with the file as a parameter.
If I have security agents enabled, and I right-click a .bat file and choose
"View As Text", I receive a pop-up asking whether I wish to *execute* the
batch file. If I say yes, the batch file is indeed executed: notepad is not
invoked at all. This itself is a very serious concern because even though
the message appeared to be misleading, I did not truly expect the batch file
to be executed, and I executed a batch file accidentally as a result.
Similarly, if I have security agents disabled, and I right-click a .reg file
and choose "View As Text", I receive this prompt from MS Anti-Spyware:
A script file C:\Documents and Settings\Jon\Desktop\NAT.reg is trying to
execute. This file has been frozen from running pending your approval.
A Registry file (.reg) is a script that can add, remove or modify any
values within your Window's registry.
Advise: If you are installing a legitimate program you might want to
allow this script to run as some programs do run legitimate scripts during
installation. However, scripts are also one of the biggest known
transmitters of viruses and worms specifically distributed through email.
(Minor bug, the word "Advise:" should read "Advice:")
If I click Allow, instead of Notepad running, I receive a prompt from
Registry Editor asking whether I wish to add the information to the
registry.
Once I have allowed a particular file to "run" and I have active threat
monitoring disabled, further right-clicks and selection of "View As Text"
leads to the file executing in Notepad as expected.
Jonathan Holmes