Endpoint Protection

 View Only

  • 1.  Who is changing file associations without my knowledge?

    Posted Jul 04, 2010 10:54 AM
      |   view attached
    Every five minutes I am getting an alert in my system indicating that a file type association is getting changed in my web browser. SEP has not complained any virus or malware presence. Not sure who is changing file type associations in my box. Is there a tool or strategy to diagnose this issue?


  • 2.  RE: Who is changing file associations without my knowledge?

    Posted Jul 04, 2010 11:08 AM
    Seemingly the Maxton application is performing as such! (I am not sure, but it seems to be so)

    However some of the applications which are associated with some file types, periodically check if the file types are still associated with them or not. The famous application performing this action are Quick Time and Winamp. Winamp does this using an agent installed in the systray.

    By they Way, I suggest to check the configuration of the Maxton browser and disable the feature which checks the file association to it.


  • 3.  RE: Who is changing file associations without my knowledge?

    Posted Jul 04, 2010 11:09 AM
    Run a full scan on the machine in safe mode and see if  you find any thing?


  • 4.  RE: Who is changing file associations without my knowledge?

    Posted Jul 04, 2010 11:33 AM
    Farzad,

    Thanks for comparing and contrasting a few other similar applications. However here Maxthon is relinquishing on the ability to handle .URLs and Windows IE is alleged to theive. The alert is *not* given by Maxthon by a generic tool called WinPatrol which monitors the system of any changes anywhere.

    Had it been Maxthon it would have been much easier to zero down on its settings and fix 'em up right away right?


  • 5.  RE: Who is changing file associations without my knowledge?

    Posted Jul 04, 2010 11:34 AM
    No malicious activity was detected. I actually mentioned in my original post that this exercise was completed. Since I was encountering a dead big barrier wall I just thought I would ask for help in the forums.


  • 6.  RE: Who is changing file associations without my knowledge?

    Posted Jul 04, 2010 12:07 PM
    Deepak
    Are you sure that the maxton is not performing that?
    Try to uninstall it and check it this happens again


  • 7.  RE: Who is changing file associations without my knowledge?

    Posted Jul 05, 2010 08:58 AM
    It's simple - it says at the top. the extension . URL is being used by another browser, which is not your default, and Windows is trying to make Internet Explorer use this extention instead.



  • 8.  RE: Who is changing file associations without my knowledge?

    Posted Jul 05, 2010 10:08 AM
    Let's make it simple:

    A) Do you have the Maxton browser installed on your system? If YES, go to item B. If NO, don't go to item B!
           #So you don't have the Maxton browser installed on you system. Therefore the prompt is fake. So you need to inspect the system for virus or Trojan. I feel this is a trojan doing so, however restart the system in safe mode and do a full scan, or alternativly you can use the SRT (Symantec Recovey Tool) to check the system. Whatever method you use, just scan the system.

    B) Ok, you have a Maxton browser installed on the system. follow the below instruction to disable the maxton the periodic checking of the default browser:
    1. in the upper left corner of the window, select the Menu (blue botton)
    2. Chose the Options
    3. In the current window you can see the "Keep Maxthon3 as my default browser". Uncheck it if it is checked