Untested Internet Explorer Remover/Cleaner (?)

Replies are listed 'Best First'.
Re: ReIE.pl - no it's not malware by diotalevi (Canon) on Oct 01, 2002 at 01:32 UTC
This code is not malicious or anything - just poorly documented (by my definition). Whatever characterset those strings are in is completely unreadable to my ISO-8859-1 fonts. That said it looks like a sort of "reset" for the author's Internet Explorer setup along with a few other unrelated things that were just included but aren't actually bad persay... You can break your Internet Explorer using this though. perl.exe reie.pl -help This is obvious - print unintelligible help perl.exe reie.pl -unlock / -lock This enables or disables the RegEdit.exe program from altering the registry. It shouldn't prevent this program from running. 'Lock' stops RegEdit from running, 'Unlock' allows it to go again. perl.exe reie.pl This is the program's main mode of operation. I'll just provide a list of it's actions Delete all files matching these extensions per each directory listed: .html, .hta, .htt, .htw, .htx, .url, .vbs your desktop your start menu your programs directory in your start menu your startup directory in your start menu your quick launch directory Now repeat but for the All Users account Recursively delete some entries from your registry. I gather this is an attempt to somewhat protect against malicious scripts which might use these components. Or something. Windows Scripting Host Shell Scripting Filesystem object Internet Explorer something else I don't know # Delete these registry entries but don't attempt recursion HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu HKEY_LOCAL_MACHINE\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run HKEY_LOCAL_MACHINE\SOFTWARE\\Microsoft\\Internet Explorer\\Main\Window Title HKEY_LOCAL_MACHINE\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WinLogon\LegalNoticeCaption HKEY_LOCAL_MACHINE\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WinLogon\LegalNoticeText HKEY_LOCAL_MACHINE","SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Ratings\Key Now rename some common desktop elements recyle bin control panel scheduled tasks printers Network and dialup connections Web Folders And now set some other default settings (starting with this bit`HKEY_CURRENT_USER","Control Panel\\International","sTimeFormat","H:mm:ss"],` This is mostly harmless and just alters the search and homes pages and such. Lastly . . . sigh.... `# Attempt to match each of these regexes against HKCU\Software\Microso +ft\Windows\CurrentVersion\Run's entries # and if one matches, remove it. Repeat for HKLM as well. @matchword = ( 'IEXPLORE\.EXE', '\.html?$', '\.ht[atwx]$', '\.url$', '^http:\/\/', '^www\.', '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}', '\.com$', '\.net$', '\.org$', '\.cn$', '\.biz$', '\.info$' );` [download] Update I have no earthly idea why but I originally emphasized that first 'is'. I just made it plain.	[reply] [d/l] [select]
Re: ReIE.pl by Anonymous Monk on Oct 02, 2002 at 09:08 UTC
Hello,very thankful your give directions. We will as soon as possible improve it. One thing I ought to explain to you.We are come from China.Our English all is not very good. Therefore invite you considerate. by pGG <pgg@zapo.net>	[reply]
Re: Re: ReIE.pl by footpad (Abbot) on Oct 02, 2002 at 16:38 UTC
Welcome to the Monastary; we look forward to your contributions and appreciate any that help us improve our skills and understanding of Perl, as well as how to use it well. Having said that, we encourage you to keep a few guidelines in mind when posting: The engine uses HTML to render its content. For best display results, please format your posts using properly structured HTML. For an example, please view the source of this node. As noted earlier, we appreciate any useful or educational code samples, however, that does not include code that destructively renames files, extracts passwords, or writes random values to the user's operating system files. Please try to limit your contributions to those that help educate people in a positive way. Destructive examples aren't really appreciated. While we have members who work with a variety of character sets, the site itself uses ISO 8859-1 (Latin-1). It appears the text strings in your original node have been converted accordingly, thus obscuring the intent. In turn, this may make things more difficult for the average monk to divine the purpose and results of your code.¹ It is possible to use some Unicode HTML entities, however, browser support has always been spotty. In my personal experience, more numeric entities are supported than the character entities. Your experience may vary, of course. We're certainly not against non-English contributions. However, you may receive more helpful feedback by posting code that does not contain extended characters. --f ¹ - Update: Rewote this point, due to Chatterbox feedback. Thanks, jarich.	[reply]
Re: Untested Internet Explorer Remover/Cleaner (?) by Anonymous Monk on Oct 03, 2002 at 12:54 UTC
Hello,I was very glad to receive your discuss and I have read it very careful. It was very nice.I was said my friend ROB.I will tell more China people who are interesting in Perl to go here.I holp we can study together will more Perl fan all over the world and make progress in a short time. After we in improve our program I will send it to you. And I am thanks again for your help. Good Luck! by pGG	[reply]


Perl-Sensitive Sunglasses
	PerlMonks