I am busy to write a littel utillity that repairs certain registry entries after a infection.
I am looking for the default file extension settings for:
.exe
-. com
-. bat
I also need the default values for the following registry keys:
double click on a drive in explorer so it opens
default shell handlers
Other related keys are also welcome.
If you know one or more of these, please export them to a file and paste the content of the file here.
Trying to fix a little bug. It refuses to recognize IE 7 as the latest version, but I will fix it.
Also adding data for Vista support and the detection dbase has new detections.
Best thing to mention: After this update, you only have to set things on ignore once, newer databse updates will keep your settings.
At one point I tried to make a tool that would detect the presence of trojans by checking for certain registery key in the HKEY_LM\software\microsoft\windows\run and HKEY_cu HKEY_CU\software\microsoft\windows\run.
If you are intersted let me know I I can send you the list
Ok, HiLoA 4-1 is out.
Due to lack of time, I haven’t been able to add everything to the detections I wanted, but it is a start.
And if everything really is working, next time you only have to dl a small update for new detections.
Eddy, can you compare your tool with HijackReader that automatically reads HijackThis logs and gives advice on what to fix? http://www.hollmen.dk/content/view/69/31/
The readers sees many things as undeterment, like:
Service: PC Tools Spyware Doctor
Service: Symantec AntiVirus Client
And these two are very well known and not harmfull.
It also says: O11 - Options group: [INTERNATIONAL] Internationa l* , need to be fixed while this one is not bad aat all.
It relies on lists created by others, which is not really a good thing to do.
It does not check for a firewall
It does not check Internet Explorer
USERS OF AVAST ANTIVIRUS AND/OR TROJANHUNTER: Some users of these two software products may receive a virus/trojan warning when using HijackReader.
*cough* Why only some? If avast is up to date, we all are using the same engine and vps.
Also seen the date on that article? june 2006. Im 99%+ sure that util didn’t excisted back then.
And why (almost a year later) isn’t there any update?
Why is it still in beta?
As far as I see it, it is a poor effort trying to imitate the functions in HiLoA
Bob, that is one of the many bugs in Vista.
Look HERE
USERS OF AVAST ANTIVIRUS AND/OR TROJANHUNTER: Some users of these two software products may receive a virus/trojan warning when using HijackReader.
Avast! didn't give me this warning while testing the program.
Eddy is right, there are many undetermined items. (many, many - lots of them!!!!) :o
It is however very easy to use. :)