Auto-scan; file extensions

[pudding.man]

Hi,

New here.

W2k sp4 desktop, Spybot S&D 1.6.0.31.

Since I updated, I can't open a .pdf with Adobe reader. I get instead
Spybot auto-scan.

I've run Settings and checked file extension exclude for .pdf. Seems
to have no effect.

I really, Really, REALLY don't need Spybot taking over my intended
file extension associations.

How can I get Spybot to treat extensions as in older versions (or
otherwise circumvent this silly, silly problem)??

Thx,
Puddin'

 

[Tom.K]

Try to find a setting in Adobe Reader which associates .pdf extensions.

To remove the shell extension, you should reinstall Spybot-S&D but uncheck the next checkbox: "Explorer File Scan Plugin (in File Context menu)"

This has effect on all files which are not associated.
Shell Extension adds itself as a command.
When you run any non-associated files, Spybot-S&D just scans it. And if you right click on the file, you see that "Scan with Spybot-S&D" is a default command. I don't like that.

 

[md usa spybot fan]

pudding.man (Puddin'):

Right click on a .pdf file and look at the context menu. If the "Scan using Spybot-Search&Destroy" option is the first option in the menu, it will be executed by default if you double click on that type of file. You what "Open" as the default.

To fix the problem and still keep the "Scan using Spybot-Search&Destroy" option in the right click context menu try this suggestion posted by matt Humphreys in:

• Spybot and doubling clicking file
  http://forums.spybot.info/showthread.php?t=32011

If you would like to eliminate the "Scan using Spybot-Search&Destroy" right click context menu option entirely from the context menu on all file types, see this post by Zer0 Voltage in:

• Spybot 1.6 questions
  http://forums.spybot.info/showthread.php?t=30678

 

[pudding.man]

Right click on a .pdf file and look at the context menu. If the "Scan using Spybot-Search&Destroy" option is the first option in the menu, it will be executed by default if you double click on that type of file. You what "Open" as the default.

Correct.

To fix the problem and still keep the "Scan using Spybot-Search&Destroy" option in the right click context menu try this suggestion posted by matt Humphreys in:

• Spybot and doubling clicking file
  http://forums.spybot.info/showthread.php?t=32011

1.) Thanks for your attempt to help.
2.) It doesn't work for me:

Open any folder
select 'Tools'/'Folder Options'
select 'File Types' tab
scroll the extensions until you find the one you're after and click to select it
You should see a button called 'Advanced'

There is no button called 'Advanced'. Which I find really curious,
as he claimed W2k (which I am running). When he says "Open any folder", I assume he means using Win Explorer.

Any ideas?

I *would* like to keep the "Scan using Spybot-Search&Destroy" right click context menu option. It's all I ever needed.

3.) Spybot is rising higher and higher on my list of "software likely to be soon forsaken".

Spybot is German-authored, like Nero? Vas Ist Los??

Thx,
Puddin'

 

[PepiMK]

Ireland, but German origins

I did add an issue to the bugtracker here.

Not quite sur where this is coming from. I played through a few of virtual machines, but not one shows this behaviour. Might be an OS specific thing whether the first in list will e assumed as default? XPs and Vistas are still asking the user when no default "verb" is defined.

As to whats up... could write down a list of excuses, from RSI and Dvorak learning myself to all the legal trouble the bad guys and even legal competition is creating... but well, would I be here at this time (GMT!) if we wouldn't be busily working?

 

[pudding.man]

I did add an issue to the bugtracker here.

Thanks for the intent.

Can you edit it so it reads "File scanner should not ..." instead of "File scanner should net ..."

Not quite sur where this is coming from. I played through a few of virtual machines, but not one shows this behaviour. Might be an OS specific thing whether the first in list will e assumed as default? XPs and Vistas are still asking the user when no default "verb" is defined.

Approximate content comprehended: 50%

I noodled around, set the file assoc. back to it's default (Adobe had set it differently), "Advanced" magically appeared, and I was able to apply the fix suggested by md... (thanks hereby rendered).

If everything on my desktop system required the infinite silliness that this issued required, I'd flip the desktop in the trash and shine up my abacus (note no smiley).

As to whats up... could write down a list of excuses, from RSI and Dvorak learning myself to all the legal trouble the bad guys and even legal competition is creating... but well, would I be here at this time (GMT!) if we wouldn't be busily working?

Approximate content comprehended: 10%

a.) Given the install default that created this problem, I am now convinced that Spybot doesn't want me running their software. My long-term plans will be designed to comply.

b.) The (easy) fix damn well should've been in Spybot and not in "Windows".

Thanks,
Puddin'

 

[PepiMK]

Typo corrected

Will have someone with a notebook that can reproduce the problem at the office tomorrow, because we can't.

50%: means I tested on a bunch of machines. "verb" is the Microsoft term for actions available for files. The default "verb" is "open", another known verb is for example "print". Spybot uses the verb "sdfiles". So as long as Windows handles "open" as the default verb, Spybot should not come up by default.

As to where the fix should be - ence we get hold of the underlying reason for this behaviour, there will be a fix in Spybot. A small thing in the weekly updates that will correct this.

10%: in case you didn't recognize, that was a joke basically meaning that we could come up with a list of excuses that you wouldn't understand, but instead don't want to use excuses and work hard instead.

But: as to what created this problem, I am not sure if it really was Spybot-S&D. So far, I would guess that Spybot was the first installed app to encounter this problem. We won't know until we've looked at a few registry dumps (of "HKEY_CLASSES_ROOT\*\").

What exactly did you mean by the changes Adobe had made?

 

[pudding.man]

But: as to what created this problem, I am not sure if it really was Spybot-S&D. So far, I would guess that Spybot was the first installed app to encounter this problem. We won't know until we've looked at a few registry dumps (of "HKEY_CLASSES_ROOT\*\").

What exactly did you mean by the changes Adobe had made?

Again, the problem arose on a W2k sp4 desktop system. Also running AVG, Sunbelt pers. firewall, and with AdAware installed. 'Tis a multi-boot system, but I doubt that has anything to do with the problem.

I'd been getting a nag screen for update to Adobe Reader 8.1.2 for weeks. Finally installed. I suspect that's when the "Advanced" button for .pdf file extension went away. It came back when I set the program spec back to default.

The problem ensued with Spybot SD 1.6.0.31. I did not have the problem with an older version of Spybot. Near as I can tell, "open" was the default verb for .pdf before update to Spybot SD 1.6.0.31: thereafter it was Spybot.

My registry now shows:
HKEY_CLASSES_ROOT\.pdf\OpenWithList\AcroRd32.exe

Any help?

Thx,
P

 

[PepiMK]

That sounds more like the Adobe Reader upgrade destroyed your proper .pdf extension handling than Spybot-S&D hijacking it.

What we've found so far:

• If you click an unassociated file with Windows XP 64 or later, Windows will ask you what to do with it.
• If you click an unassociated file with Windows XP 32 or earlier, unknown files will be opened with the first "all files" handler available.

By unassociating .pdf, we could reproduce this. But then, if .pdf is not asociated with any app, there's something wrong
Skip a few paragraphs now if you're not interested in the technical background.

The PDF association usually goes like this:
The key HKEY_CLASSES_ROOT\.pdf\ has a (Default) value saying AcroExch.Document. This means the action taken when opening PDFs would be the one found in HKEY_CLASSES_ROOT\AcroExch.Document\Shell\Open\Command\ , where the (Default) value points to "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1" or similar.

Well, actually it's designed even more complex; the (Default) in HKEY_CLASSES_ROOT\AcroExch.Document\CurVer\ forwards, being set to AcroExch.Document.7, handling to HKEY_CLASSES_ROOT\AcroExch.Document.7\shell\ , where you'll see the (Default) verb Read, which means that the command in HKEY_CLASSES_ROOT\AcroExch.Document.7\shell\Read\command\ will be executed by default for PDFs.

Breaking any value in that chain from .pdf (open) to AcroExch.Document (open) to AcroExch.Document.7 (read) will indeed open a PDF with Spybot (because it could not find the intended app ah the end point of that chain). But that would be the case just because MS intended unassociated apps to be opened with the first all-filetypes handler.

Thinking about workarounds, the only one we've found would be to adjust the registry to behave on XP 32 and earlier to something that is used in XP 64 and later.

Downside: changing this behaviour would also affect other applications that have handlers for all file types. Users my find that mich more annoying than the current situation that happens with broken file associations "only".

A method to reduce this would be to apply that patch only if Spybot-S&D is the only all-files-handler using the "shell" entry (packers often use "shellex" which has the downside of working only half of the time on 64 bit machines ), but that would not deal with situations where other apps might be installed at a later point.
Microsoft does not seem to have offered a method to list items that are not to be used to open an unassociated file (see this MSDN page).

So, to sum it up: right now it looks very much like a broken Adobe Reader update and not Spybots fault. And that's where "the damn fix should be in Spybot" is not true any more, because it would mean changing either Windows default behaviour (which would annoy many more users) or give up a feature because it irritates the user in case his system is broken (which imho is no an option either).

 

[pudding.man]

That sounds more like the Adobe Reader upgrade destroyed your proper .pdf extension handling than Spybot-S&D hijacking it.

What we've found so far:

• If you click an unassociated file with Windows XP 64 or later, Windows will ask you what to do with it.
• If you click an unassociated file with Windows XP 32 or earlier, unknown files will be opened with the first "all files" handler available.

By unassociating .pdf, we could reproduce this. But then, if .pdf is not asociated with any app, there's something wrong
Skip a few paragraphs now if you're not interested in the technical background.

I did read thru the tech stuff, but I'm not sure it's relevant.

Of this I'm certain. While the problem existed:

1.) The .pdf file assoc. was "Adobe <something>".
2.) When I right-clicked a .pdf, "Scan with Spybot" was bolded and first in the list. And that's what ran when I double-clicked the .pdf.

From that and the fact that the problem didn't exist when running older versions of Spybot I concluded that Spybot was the culprit.

I cannot now say that with certainty. But neither can I refute it.

The problem is near identical to that dealt with in:

http://forums.spybot.info/showthread.php?p=236264#post236264

While you can't replicate it, obviously I did (unintentionally).

Y'all have got beau-coup VM's lying around and none are running W2k and are suitable for testing this?

Regardless of that, your efforts are appreciated.

Puddin