Ad-Aware says regedit.exe %1 is possible virus - anyone?

wrote in message

> I've done scans with several programs and can't find anything. Avast's
> response was:
>
> I'm not sure what it's trying to say, but "regedit.exe %1" is the default
> value for .reg files...

They are trying to tell you that this is not a detection of a malware file, but
is instead an alert on a registry key value. The default entry in the registry
for dealing with .reg files is to open them with the registry editor (regedit)
and that is what "regedit.exe %1" means (feed this invoked file represented
by "%1" to "regedit.exe") in the key value.

Ask Ad-Aware, not Avast! why they detect this.
 >> Stay informed about: Ad-Aware says regedit.exe %1 is possible virus - anyone? 

> This is the Ad-Aware log comment.
> Has anyone gotten this and is it a false positive?

Yes I have had that. I am not sure if I would regard it as a false positive.
After all with a REG file, running REGEDIT to open the contents is a
natural.
The problem is that this is a security hole. This troubles me greatly.

I recognise the need to run registry scripts but not just any.

Stephen Howe
 >> Stay informed about: Ad-Aware says regedit.exe %1 is possible virus - anyone? 

"Stephen Howe" <sjhoweATdialDOTpipexDOTcom> wrote in


>> This is the Ad-Aware log comment.
>> Has anyone gotten this and is it a false positive?
>
> Yes I have had that. I am not sure if I would regard it as a false
> positive. After all with a REG file, running REGEDIT to open the
> contents is a natural.
> The problem is that this is a security hole. This troubles me greatly.
>
> I recognise the need to run registry scripts but not just any.
>
> Stephen Howe
>
>

For what it's worth, I just found these right under it in the registry
HKEY_Classes_Root:


RegWizCtrl.RegWizCtrl.1
Clsid
(Default) {50E5E3D1-C07E-11D0-B9FD-00A0249F6B00}

I also see something called Rend.rendezvous.1



Should I backup the registry and delete those Regwizctrl keys?

It seems like if these are spyware or part of a virus, no AV program or
Spyware program is catching it (and I have numerous ones running along
with constant regcleaners).
 >> Stay informed about: Ad-Aware says regedit.exe %1 is possible virus - anyone? 

"Stephen Howe" <sjhoweATdialDOTpipexDOTcom> wrote in


>> This is the Ad-Aware log comment.
>> Has anyone gotten this and is it a false positive?
>
> Yes I have had that. I am not sure if I would regard it as a false
> positive. After all with a REG file, running REGEDIT to open the
> contents is a natural.
> The problem is that this is a security hole. This troubles me greatly.
>
> I recognise the need to run registry scripts but not just any.
>
> Stephen Howe
>
>
>

So what's the solution? Avast doesn't seem to find anything on the OS
drive and neither did Trend Micro or Kaspersky. Hijackthis doesn't show
anything other than programs I know that are loading and the Google search
stuff.
 >> Stay informed about: Ad-Aware says regedit.exe %1 is possible virus - anyone?