I'm looking to write a procedure to look for Browser Hijacks. The current wave of fake spyware is blowing trhough all of the KES and firewall products.

What I want is to see if the browser Shell Open Command has been sert to something other then the default, it so set an alert/alarm (can be via email) and possiblely put it back.

Anyone have such a script? I'm also looking for someone to write scripts for me on an On Demand basis. So often I know what I want but don't have the time to work out the syntax.

IE Values

@="\"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE\""

“C:\Program Files\Mozilla Firefox\firefox.exe”