![](http://content.invisioncic.com/d154966/set_resources_6/84c1e40ea0e759e3f1505eb1788ddf3c_pattern.png)
Tarun
-
Posts
2,122 -
Joined
-
Last visited
Posts posted by Tarun
-
-
No, this one's a common dialog that means several things, and it helps to know a lot more information before we get into explaining it.
Yeah, it was a bad joke.
-
You guys did come down HARD & FAST , I must Say !! Keeps the senses sharp
I remember when I was trading commodities and join a forum , picking was all that was done.....
I'll teach you something cool. See this image -->
. Well, when you click it on multiple posts, you can quote each post as I have done. Once you click it the image changes to ->
You've got the power , now what are you going to do with it...LOLIsn't there a commercial that says " I've Got the Power"? Your grammar is better , though........
He-Man? "I have the poooower!"
-
Post a screenshot, along with your Windows version so we'll know what you're talking about.
Hope it's not a BSoD.
-
Great...now what? It looks like I can safely remove most of this stuff. How do I do that? And no, I am not using Firefox or the other software you are referring too. Once removed, how often will I need to do this? I suddenly feel very lost out here. Can you walk me through this?
And, once removed, what is left?
Thanks.....
Simple check off the items and click Fix. You only need to do it once, unless you get malware or have concerns later.
Firefox can be found there.
-
In the O4 section of a HijackThis log (startup items), where many malware, viruses, and other items often start. HijackThis can remove it and stop it from running. But HijackThis also scans other sections to help stop the malware from running. Stopping it from running is preventing it.
in a sence it could prevent future malware....If you get infected with some sort of malware, more then likely it will add itself to your HKLM Run part of your registry. Thus when you reboot your computer or login as another user they then become infected as well, or more malware can be downloaded and executed.
so Tarun is correct by saying that hijackthis prevents malware. just not in the way we would like it to as a complete malware preventer...
Exactly.
That is like saying Ad-Aware SE Personal edition prevents spyware. It helps to remove spyware but I do not feel that it prevents anything. If you want to stop programs from being added to "your HKLM Run part of your registry," I would recommend installing StartupMonitor.Untrue. Ad-Aware can scan in archives and more and find malware and even trojans. This can prevent the user from running the malicious file and getting infected. Make sense?
-
Microsoft actually recommends not using their Java anymore. But you can download the latest Sun Java here.
-
First, download this Anti Malware Package, it contains everything you need to effectively clean your computer.
Next, refer to this PC Maintenance website, as it will tell you the settings you need and everything to effectively clean your computer. Then you can post your HijackThis log here.
-
Is there a spell check on here? I usually spell correctly , but then there are those times when you just aren't sure.
If you're using Firefox (hint hint) then yes. Simply change the G to the set of books (Dictionary.com) and then check your word in doubt there.
-
Merijn's Download Website
Here is the log file. I just ran it this morning after downloading the software and having run CCleaner and spyware removal software:
I have no idea what this all means and if I use this software again, I would not know what to do either. How can I find out what to keep, and/or what not.
THANKS....I am always wanting to clean stuff up on the pc if it is not necessary.
P.S. This pc is used by the whole family but I do know my one son does the downloading. I have warned him over and over about downloading stuff on here.
This will tell you what you can safely remove.
Generated by Tarun's HijackThis Converter.
Created registry value. Safe to remove:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=22028
Changed registry value. Safe to remove:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
Created extra registry value where only one should be. Safe to remove:
R3 - Default URLSearchHook is missing
Enumeration of existing IE's BHO's. Safe to remove:
O2 - BHO: AuthBHO.cBHO - {A4D90779-6CB2-4752-83C2-A2AB4D9A672D} - C:\Program Files\Comcast\Security Manager\app\AuthBHO.dll
O2 - BHO: Starware - {CA356D79-679B-4b4c-8E49-5AF97014F4C1} - C:\Program Files\Starware\bin\Starware.dll
O2 - BHO: Starwood Toolbar - {CAC335E0-9FFB-4a59-A3F5-03B7713E937B} - C:\WINDOWS\system32\starwood.dll
Enumeration of existing IE's toolbars. Safe to remove:
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: Security Manager Popup Blocker - {64634180-B0EA-48B6-82B7-9620D33362C1} - C:\Program Files\Comcast\Security Manager\app\AuthBHO.dll
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll
O3 - Toolbar: Starware - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - C:\Program Files\Starware\bin\Starware.dll
O3 - Toolbar: Starwood Toolbar - {CAC335E0-9FFB-4a59-A3F5-03B7713E937B} - C:\WINDOWS\system32\starwood.dll
Enumeration of suspicious auto-loading registry entries. Safe to remove:
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [AS00_Gear311T] C:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1108571938\EE\AOLHostManager.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AOLCC] "C:\Program Files\AOL Computer Check-Up\ACCAgnt.exe" /startup
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0a\AOL.EXE" -b
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
Disabling of "Internet Options" Main tab with Policies. Safe to remove:
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
Extra IE context menu items. Safe to remove:
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
Extra "Tools" menu items and buttons. Safe to remove:
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker\IEExtension.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
Trusted Zone Autoadd. Safe to remove:
O15 - Trusted Zone: *.musicmatch.com (HKLM)
Downloaded Program Files item. Safe to remove:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...up1.0.0.8-2.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.av.aol.com/molbin/shared/m...,20/mcgdmgr.cab
O16 - DPF: {CAC335E0-9FFB-4A59-A3F5-03B7713E937B} (Starwood Toolbar) - http://www.starwoodhotels.com/dp/en_US/com...bar/install.cab
Enumeration of NT Services. Safe to remove:
O23 - Service: ISEXEng - Unknown owner - C:\WINDOWS\system32\angelex.exe (file missing)
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel? Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
I hope you're using Firefox. If you are you can safely uninstall Starwood Toolbar and AOL Toolbar.
You may also wish to use Quicktime Alternative and Real Alternative.
-
hah easier said then done lol then again i've only commited about 2 hours of the past 4 days or so into learning it..
I just need to find a really cool app in which too look at the source-code and see how it "ticks".
For VB, a friend of mine Jeff made a cool program that just demonstrated things like the timer, text on change, messageboxes, etc... and gave me the Source Code with pretty much every line commented with what it does.
Nice. You still got AIM? Maybe we can help each other learn this stuff too.
-
Looks pretty awesome Tarun, nice to see your moving from VB to Delphi. I've been trying C++, C#, Java, and Delphi over the past month. Still prefer VB over anything else cause of the simlicity, but I want to code things with more power.
Even Delphi is pretty simple, you just have to learn it like VB.
-
Check the version numbers. Whichever is highest/latest, copy to C:\Windows\System32\
-
Control Panel > Scheduled Tasks
-
That fixes that.
-
You're right, DjLizard: i didn't know that.
Do you think it's a bug or simply a CCleaner's feature?
It's because you are clicking on the checkbox when you right click. It's neither a bug nor a feature.
-
I have seen these discussions in the forum. Is this something I need to be concerned about? Don't know what it is, but when I looked at someone else's post I thought I should inquire?? Does this have something to do with spyware?
Thanks!
It deals with preventing and removing malware.
HijackThis: A general homepage hijackers detector and remover. Initially based on the article Hijacked!, but expanded with almost a dozen other checks against hijacker tricks. It is continually updated to detect and remove new hijacks. It does not target specific programs/URLs, just the methods used by hijackers to force you onto their sites. As a result, false positives are imminent and unless you are sure what you're doing, you should always consult with knowledgable folks (e.g. the forums) before deleting anything. -
Use HijackThis and post a log file. Then we can determine what you can safely remove, etc.
-
There's a huge bug. Using VB.NET. Oy. VB6 > VB.NET by far.
-
You may wish to try and download the Visual Basic 6 Runtimes as this can often fix many problems.
Also get the latest version, CCleaner 1.19.108.
-
Site looks like a bad geocities website.
-
think something is off?
if i use CCleaner to check it says a new one but then offers me the 119 download
if i go to this site same thing
did you not rename it? or are they old files?????
From 1.19.105 to -> 1.19.108
-
First, download this Anti Malware Package, it contains everything you need to effectively clean your computer.
Next, refer to this PC Maintenance website, as it will tell you the settings you need and everything to effectively clean your computer. Then you can post your HijackThis log here.
-
-
A gemini eh? Whoa.
Spybot
in Software
Posted
You only really want to disable it if you have no programs that are dependant on it. Some may "report" to be, but don't really need it. You can do so under the Administrative Tools in Control Panel.
The HOSTS file and the fact he has a log that is causing a MS schedules text file not to be deleted are in no way related. -.-