"pcbutts1" <pcbutts1@leythosthestalker.com> wrote in message
news:f98h91$iav$1@blackhelicopter.databasix.com...
> You have a lot to learn about malware. If I were you I'd hate myself for
> being so stupid. These are just a few.
> [HKEY_CLASSES_ROOT\
> [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers
> [HKEY_CLASSES_ROOT\AppID\
> [HKEY_CLASSES_ROOT\CLSID\
> [HKEY_CLASSES_ROOT\Interface\
> [HKEY_CLASSES_ROOT\software\microsoft\windows\curre ntversion\explorer\browser
> helper objects
> [HKEY_CLASSES_ROOT\Typelib\
> [HKEY_CURRENT_USER\
> [HKEY_CURRENT_USER\clsid
>
> These are good ones do you know what these do? probably not.
> [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\policies\explorer\Run]
> [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\System]
> [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run]
> [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Shell]
> [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Shell
> Extensions]
>
> You CANNOT completely remove Malware without removing the registry
> entries. You know nothing about Spyware.
>
>
Can you tell me how a registry key in any of those places without a
corresponding file somewhere on the computer would cause a re-infection of
the system? Something has to run to re-infect the system. If the files don't
exist what will run? I can actually accept that it may be theoretically
possible to hide some code in a registry key and then somehow get that code
to execute. I've never heard of it being done and even though I can conceive
of the possibility I certainly don't know how to do it. If it was easy or
even only moderately hard I think we'd have seen it already. Currently if
there is no malware code somewhere on the pc it doesn't matter what is in
the registry. As I said in my first post it is nice if anti-malware software
cleans up the registry but it is not required to ensure the pc is clean.
And yes I know about all of those places in the registry hives. You've
actually missed a couple of places where very common malware like the vundo
trojan hides. All you are doing is proving how little knowledge you really
have.
--
Kerry Brown
Reply With Quote