Silent Runners has been updated to R36 and adds important functional improvements. If you use this program, it is recommended that you download the new version and delete earlier ones.

1. On NT4+ systems, the script now checks:
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath
to determine where the HOSTS file is located. If the default value has been changed, a "HIJACK WARNING!" appears. The script uses the location in this value to find the HOSTS file.

2. On NT4+ systems, the script now checks sub-keys (executable names) of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\
for a value named "Debugger".

This is a very powerful launch point. Any program can be cited as a debugger and it will run in place of the executable name. There is one default value that serves as an example. If anything else is found, an "INFECTION WARNING!" appears.

3. The launch points list on the web site has been updated to this location: 

The updated script (R36) is here:

A zipped version can be found here:

NOTE: This tool is for advanced users who know how to read and use the log it generates.