Jump to content

TonyKlein

Experienced Members
  • Posts

    586
  • Joined

  • Last visited

Everything posted by TonyKlein

  1. Impossible. They all use their own format.
  2. TonyKlein

    Help me~~

    Please go to this section of the forum, and post a 'HijackThis' log so that one of the analysts can take a look at your configuration.
  3. TonyKlein

    Using msconfig

    Yes, you're absolutely right. Still, I think there's something appealing about being able to simply toggle the status of a startup as opposed to nuking it, then having to restore it from a backup should you decide you want it after all.
  4. TonyKlein

    Using msconfig

    Certainly, but here we're talking about the Msconfig Startup tab, as opposed to the Services tab.
  5. TonyKlein

    Using msconfig

    If within the program itself there is no such option, The Msconfig Startup tab is an excellent alternative, allowing you to simply disable the application from launching with Windows, something that can be reversed if desired. Deleting a Registry run entry with HijackThis or CCleaner is of course a little more difficult to reverse.
  6. TonyKlein

    Using msconfig

    The message is by design; in that dialogue you'll find a "don't show me this message again" check box. Tick it, and you won't see that popup again.
  7. How about today? http://www.CCleaner.com/download/builds
  8. Do the following: Close CCleaner Copy the text inside the 'Quote' box to Notepad, and save in a location of your choice as Fix.reg (make sure you save as type: 'all files') Doubleclick the Fix.reg file you just created, and answer yes when prompted to add its contents to the Registry. Launch CCleaner; the Office 2003 entry should now be gone.
  9. No such prob here. CCleaner ought to launch whatever you have set as your default web browser. Are you sure that in 'Set Program Access and Defaults' FireFox is indeed set as your default?
  10. That's not CCleaner's fault. It's because of QuickTime restoring the registry value. Do a Ctrl - Alt- Delete to bring up Task Manager, and end task on the qttask.exe process. Now go to your Program Files\QuickTime folder, and rename the qttask.exe file to qttask.bak Next, launch CCleaner > Tools > Startup, and delete the Qttask startup entry. It should not bother you any longer. In any case not until you update QuickTime in which case you'll have to step through this process once again.
  11. It is indeed a known 'issue': http://forum.antivir-pe.de/thread.php?thre...ilight=CCleaner
  12. Yup, thanks! It is indeed a very powerful program and it enumerates the contents of practically all currently known autostart and launch points. One caveat: do NOT un-check or delete anything unless you reaaally know what you're doing. Here's only one example of what could easily happen: http://forum.sysinternals.com/forum_posts.asp?TID=11351
  13. Alrighty then... If you have no more Symantec software installed you also want to fix the following lines: O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
  14. Well, you certainly have no shortage of security software... in fact it definitely amounts to overkill and can only cause conflicts Alongside Nod32 and BOClean you certainly do NOT need both AVGAntiSpyware and SpySweeper as WELL as Windows Defender and Spyware Doctor running residently... At the very least you need to make a choice between SpySweeper, AVG AS and Spyware Doctor. I suggest picking either SS or AVG. Feel free to keep the others, but use them ONLY to scan on demand. Do you in fact still have Symantec software installed, and if so what exactly? This because there are a couple of Symantec services still present, and if you no longer have that software, you want to get rid of those. Other than that it's a pretty clean log. I'd just check and have HijackThis fix the following lines in order to get rid of a couple of orphaned or empty registry keys/values: F3 - REG:win.ini: load= F3 - REG:win.ini: run= O2 - BHO: (no name) - {A4D90779-6CB2-4752-83C2-A2AB4D9A672D} - (no file) O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file) O3 - Toolbar: (no name) - {64634180-B0EA-48B6-82B7-9620D33362C1} - (no file)
  15. HijackThis being a diagnostic tool, posting a log and having it analyzed is an excellent way to find out whether there IS something that needs to be looked at more closely. No need to look further than this very place; we have some first rate analysts right here. A couple of other forums that offer expert help: http://www.bleepingcomputer.com/forums/index.php? http://www.techsupportforum.com/ http://forums.tomcoyote.org/index.php? http://forums.spybot.info/index.php (Just four out of many, of course...)
  16. I probably have far too many extensions, but, what the heck, I like them, and surprisingly the great majority of them have, at one time or another, turned out to be useful... Enabled Extensions: [34] - Adblock 0.5.3.043: http://adblock.mozdev.org - AI Roboform Toolbar for Firefox 6.9.3: http://www.roboform.com - All-In-One Search button 1.67: http://www.pcdingo.net - Auto Copy 0.6.4: http://autocopy.mozdev.org - BBCodeXtra 0.2.5.6: http://bbcodextra.extenzilla.org - Clippings 2.6: http://clippings.mozdev.org/ - ColorfulTabs 2.0.4: http://varun21.googlepages.com/ - CoLT 2.3.0: http://www.borngeek.com/firefox/colt/ - CookieSafe 2.0.6: http://forum.softwareblaze.com - Cooliris Previews 2.4: http://www.google.com/search?q=Firefox%20Cooliris%20Previews - CustomizeGoogle 0.60: http://www.customizegoogle.com/ - Fasterfox 2.0.0: http://fasterfox.mozdev.org/ - FireFTP 0.97: http://fireftp.mozdev.org - FlashGot 0.5.99: http://flashgot.net - FoxLingo 2.1.4: http://www.concisefreeware.com/foxlingo.php - IE Tab 1.3.3.20070528: http://ietab.mozdev.org/ - Linkification 1.3.3: http://yellow5.us/firefox/linkification/ - MediaPlayerConnectivity 0.8.3: http://membres.lycos.fr/sethnakht/ - Menu Editor 1.2.3.3: http://menueditor.mozdev.org/ - MR Tech Local Install 5.3.2.3: http://www.mrtech.com/extensions/local_install/ - NoScript 1.1.6: http://noscript.net - Play All 0.4.0.4: http://joliclic.free.fr/mozilla/playall/ - PopupMaster 1.2.1: http://yellow5.us/firefox/pm/ - Print/Print Preview 0.4: http://www.splintered.co.uk/ - Resizeable Form Fields 0.2.1: http://justinsomnia.org/2006/10/resizeable...ds-for-firefox/ - Resurrect Pages 1.0.8: http://trac.arantius.com/wiki/Extensions/Resurrect - ScrapBook 1.2.0.8: http://amb.vis.ne.jp/mozilla/scrapbook/ - ShowIP 0.8.05: http://l4x.org/showip - Split Pannel 0.8: http://www.geocities.com/max1million/firefox.htm - Tab Mix Plus 0.3.6: http://tmp.garyr.net - Text size toolbar 0.6.2: http://www.splintered.co.uk/ - Toolbar Buttons 0.4.1.4: http://codefisher.org/toolbar_button/ - Translate 0.6.0.8: http://ctomer.com - Update Notifier 0.1.5.3: http://www.longfocus.com/firefox/updatenotifier
  17. Well, look at the changelog I posted. This is certainly not a dramatic re-write, but it fixes a couple of bugs, one of which failed to properly enumerate the contents of a startup location used by recent malware. It also adds a few new startup locations that had been requested for quite a while. The result of this is that a log run with the new version of HijackThis simply gives a more complete and correct picture of the operating system in question, allowing analysts to help you better.
  18. You're very welcome, Hazel.
  19. It could simply be that, whereas the program itself is now at v2.0.2, it really IS version 1.0.0.1 of their installer...
  20. Well, as I said, there isn't really a good reason to hold on to the previous one... Changelog: [v2.00.0] * AnalyzeThis added for log file statistics * Recognizes Windows Vista and IE7 * Fixed a few bugs in the O23 method * Fixed a bug in the O22 method (SharedTaskScheduler) * Did a few tweaks on the log format * Fixed and improved ADS Spy * Improved Itty Bitty Procman (processes are frozen before they are killed) * Added listing of O4 autoruns from other users * Added listing of the Policies Run items in O4 method, used by SmitFraud trojan * Added /silentautolog parameter for system admins * Added /deleteonreboot [file] parameter for system admins * Added O24 - ActiveX Desktop Components enumeration * Added Enhanced Security Confirguration (ESC) Zones to O15 Trusted Sites check
  21. It's absolutely useless to keep the old one. This new TM build has a number of bug fixes and additions and it is in fact for 99% identical to what Merijn originally meant to issue as v1.99.2 There's not a single reason why you'd want to hold on to v.199.1
  22. 13 Startups here, mainly because I can
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.