February 2008 - Posts
Silent Runners R56 checks four additional values in the HKLM...Control tree and allows IPv6 localhost addresses to be recognized in the HOSTS file. Minor changes have been made to output format.
It is recommended that you download Silent Runners R56 and delete earlier versions.
1. HKLM\SYSTEM\CurrentControlSet\Control\BootVerificationProgram\ImagePath
2. HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages
3. HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Execute
4. HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SetupExecute
--------------------------------------------------------------------------
I added these values for a variety of reasons:
Geert M ( http://www.runscanner.net/ ) recommended that I add 1, 3 and 4. Thanks, Geert!
Microsoft documents #1:
http://www.microsoft.com/technet/prodtechn...ntry/58555.mspx
An empty value exists by default for #4 in Vista.
I included #3 because, well, Autoruns checks it. (I can't seem to find anything else about it.)
I've saved #2 for last because it's the most interesting. I thank Jay S. of HandyNetworks.com for bringing it to my attention.
It's documented by Microsoft here:
http://msdn2.microsoft.com/en-us/library/a...784(VS.85).aspx
It turns out that it's an exceptionally powerful launch point, since it's accessed during login.
IPv6 localhost notation
-----------------------
Vista includes "::1" in the HOSTS file to point to localhost. This is
IPv6 shorthand for 127.0.0.1. Thanks to Jules C. for cluing me in.
Vista execution tip
-------------------
Silent Runners will be able to look at a lot more places in Vista if its run from an Administrative-level command prompt.
To get to such a command prompt, right-click on "Command Prompt" in the Start menu and choose "Run as Administrator". After clicking through the UA alert, cd to the Silent Runners directory and issue the following command: cscript "Silent Runners.vbs"
Note that the quotes are mandatory.
The launch points list on the web site has been updated.
http://www.silentrunners.org/sr_launchpoints.html
The updated script (R56) can be found here:
http://www.silentrunners.org/Silent%20Runners.vbs
A zipped version can be found here:
http://www.silentrunners.org/Silent%20Runners.zip
Note: THE BETA DEFINITIONS ARE FOR ADVANCED USERS ONLY!
Re-Immunize numerous times once updated to ensure maximum protection.
Please see the below URL for additional information regarding this update >
http://spybot.info/en/updatehistory/index.html
LS 2007 users may use the web update feature to obtain this definition file.
SE users *must* manually update using one of the two below URLs >
http://www.lavasoft.com/single/mirror_download.php?f=948DEWk12
http://download.lavasoft.com/public/defs.zip
Please see the below URL for additional information regarding this update >
http://www.lavasoftsupport.com/index.php?showtopic=16648
LS 2007 Users may use the web update feature.
SE Users *must* manually update at either of the below URLs >
http://www.lavasoft.com/single/mirror_download.php?f=948DEWk12
http://download.lavasoft.com/public/defs.zip
Please see the below URL for highlights regarding this update >
http://www.lavasoftsupport.com/index.php?showtopic=16618
Note: THE BETA DEFINITIONS ARE FOR ADVANCED USERS ONLY!
Please refer to the below URL for additional information regarding this update >
http://www.spybot.info/en/updatehistory/2008-02-20.html
LS 2007 users may update using the web update feature.
SE *must* manually update using one of the two below URLs >
http://www.lavasoft.com/single/mirror_download.php?f=948DEWk12
Or > http://download.lavasoft.com/public/defs.zip
Please see this URL for further information regarding this update >
http://www.lavasoftsupport.com/index.php?showtopic=16460
LS 2007 users may use the web update feature to obtain this latest update.
SE users *must* manually update using the below URLs >
http://www.lavasoft.com/single/mirror_download.php?f=948DEWk12
Or > http://download.lavasoft.com/public/defs.zip
Please use the web update feature to obtain this latest update.
9641 Total Items in the database > 130 New.
Enable full protection via the hyperlink in the above screenshot.
LS 2007 Users may use the Web Update feature to obtain this latest update.
SE Users may manually update here > http://www.lavasoft.com/single/mirror_download.php?f=948DEWk12
Or here > http://download.lavasoft.com/public/defs.zip
Information on this update may be read here > http://www.lavasoftsupport.com/index.php?showtopic=16280
Blocking Unwanted Parasites with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
http://www.mvps.org/winhelp2002/hosts.zip (148 kb)
http://www.mvps.org/winhelp2002/hosts.txt (647 kb)
Note: the "text" version makes a good reference for determining possible
unwanted sites.
How To: Download and Extract the HOSTS file
http://www.mvps.org/winhelp2002/hosts2.htm
HOSTS File - Frequently Asked Questions
http://www.mvps.org/winhelp2002/hostsfaq.htm
Sign up for HOSTS file update notices
http://www.mvps.org/winhelp2002/updates.htm
Visit the Hosts News blog
http://msmvps.com/blogs/hostsnews/default.aspx
http://java.sun.com/javase/downloads/index.jsp > download > select O/S and language > check accept License Agreement > choose Windows Offline Installation > click on the executable URL > save to desktop.
Ensure you uninstall Java Runtime Update 3 from Add/Remove Programs once installed.
http://java.sun.com/javase/downloads/index.jsp > download > select O/S and language > check accept License Agreement > choose Windows Offline Installation > click on the executable URL > save to desktop.
Ensure you uninstall Java Runtime Update 3 from Add/Remove Programs once installed.