[Dshield] Re: Open door (RShady/SBuczak)

R.H. Cotterell seec at mail.retina.ar
Fri Aug 24 17:53:05 GMT 2001

dshield-request at dshield.org's e-mail of 24 August 2001 12:01 stated:

>Today's Topics:
>   1. Re: door opener (RShady)
>Message: 1
>Date: Fri, 24 Aug 2001 11:05:23 -0400
>From: RShady <RShady at stny.rr.com>
>To: dshield at dshield.org
>Subject: Re: [Dshield] door opener
>Reply-To: dshield at dshield.org
>Does anyone know how to remove unneeded stuff from a system's

Yes.  Get yourself EasyCleaner v1.7f from <http://www.saunalahti.fi/tonihele>
or give Google the job to find the new site.  

Read the documentation with extreme care!  BTW, none of you have stated what OS 
you are running and requesting information on.

>What's safe, what's not? is it ok to open the reg file in a
>text editor then save back to disk?

Well, you should use the RegEdit that comes with your OS.

>You really have to know what you're doing when you edit the registry.  I use ConfigSafe which backs up the
>registry on a daily basis and you can specify what in the registry you can back up.  The cool thing about
>ConfigSafe is that you can roll back the system configuration to a previous good configuration.  I've had to
>roll back my W2k Pro a few times.  It really saved my bacon.  It's worth the bucks and you can find it here:

That's one way... but again, Windows 98, for example, comes with the 
possibility to backup your registry without a problem.  For that go to 
Start\Programs\Accessories\System Tools\System Information and open the Tools 
menu item and select Registry Checker.

Should you get into a Registry problem, the way to overcome the difficulty is 
to get to a DOS command prompt (not in Windows!) and type *scanreg /restore* 
<enter> and you will get the necessary information that you need to get a 
started normal registry.  Remember, though, that when you incorporate software 
or unload  any, always update your Registry and System Files.

Another method, which is not necessarily the avenue to solve all your problems -
 you need to think which of the two is most convenient, and this would be, 
perhaps, the first tentative approach, is type at the C:\> prompt the following 
and in this order:

C:\>scanreg /fix <enter>

and when finished, type:

C:\>scanreg /opt <enter>

and reboot into Windows.  If it doesn't fix what is inhibiting a clean Windows 
boot, then do what I suggested, that is the scanreg /restore command.

>Susan Buczak wrote:
>> Hello.
>> New here. I think code red is just a door opener for other stuff. I
>> have never received as much suspicious possible virus email as I have
>> during the past 2 months.
>> I just reformatted this computer because there was way too much
>> evidence of something... so it's 5 days old.
>> I found my link to windows explorer looked like this last night:

In Windows 98, you'll see something such as the following: 
c:\windows \explorer.exe /n, /e, c:\ (Note the spaces!).

This latter command line hints at the parameters that
Explorer supports. The syntax of these parameters is
as follows (I've eliminated the path for brevity's sake): 
explorer {/n} {,/e} {,/root, x} {{,/select}, y}.

The /n switch opens a new Explorer window, even if an
existing window is open. The /e switch specifies a
two-pane Explorer view, rather than a single pane.
Note that commas are necessary between parameters.

The /root and /select switches make things interesting.
You use /select -- followed by file, folder, or
computer name y -- to highlight the selected object
and put Explorer's focus on its parent. You use /root
in the same way, followed by x, to open Explorer
with object x fixed at the "top" of the tree view.

You would typically use the /select switch to make
Explorer start with a specific folder or drive
selected. By contrast, the /root switch, which is used
less often, makes Explorer display a window in which
the "root" you've specified is as high as you can go.

Here are some examples. The following command line
would start Explorer with the Docs folder open and the
file Today.doc selected: 
explorer /n, /e, /select,c:\docs \today.doc.

Perhaps you don't need to select a specific file but
only want Explorer to focus on a different drive
letter than the default. In that case, you can
dispense with the optional /select switch and simply
name the drive.

For example, the following command line would cause
Explorer to open with its focus on the D: drive, which
might be your CD-ROM or other device: 
explorer /n, /e, d:\.

The following /root command would start Explorer with
Server1 at the top of the tree: 
explorer /n, /e, /root, \\server1.

Try these for yourself. You can easily make several
Explorer shortcuts, one for each drive, one for
special folders, and so forth.

For more details, go to
search.support.microsoft.com/kb/c.asp  and search for
article ID Q237494.

>> I have an executable in here already that does a running process, but
>> I cannot find it even with hidden files showing.
>> Not like there's a lot of stuff in here so it should be easy one would
>> think... my computer sends two passwords at logon to my isp. That I
>> cannot figure out yet either. They are getting in here I think via
>> email. Then they sync data out somehow. I have deleted 'mobsync'
>> twice and it showed up again last night. I do wonder I am logging in
>> twice to my isp or to someone else's??? I have been through all the
>> settings numerous times, I am not a novice, and I cannot find the
>> problem. figure I will determine what I need on this end to fully
>> protect the mailbox/system then format again and reload clean AGAIN
>> hopefully.
>> Does anyone know if it's possible for a hacker to affect the bios of a
>> system? On last format this drive seemed to remember stuff it should
>> related to internet connections. I could just be ultra paranoid about
>> that one but it sure did seem that way.
>> Does anyone know how to remove unneeded stuff from a system's
>> registry? What's safe, what's not? is it ok to open the reg file in a
>> text editor then save back to disk?
>> S.


Richard H. Cotterell <mailto:seec at mail.retina.ar>

A quotation for your reading pleasure:
The greatest thing by far is to be a master of metaphor.  It is
the one thing that cannot be learned from others;  it is the mark
of genius, since a good metaphor implies an eye for resemblance.
  -Aristotle (384-322 B.C.) Greek philosopher, in Poetics
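
The Explorer switch syntax described in the message above, turned into a check for a shortcut's command line. This is an added example, not part of the original post; the expected program path, the function names and the sample command lines are assumptions constructed for illustration.

```python
import re

FLAGS = {"/n", "/e"}                  # switches without an argument
TAKES_OBJECT = {"/root", "/select"}   # switches followed by ", object"
EXPECTED_PROGRAM = r"c:\windows\explorer.exe"  # assumed default location

def parse_explorer_command(cmdline):
    """Split an Explorer command line into program, switches and objects."""
    m = re.match(r'\s*("[^"]+"|\S+)\s*(.*)$', cmdline)
    if not m:
        raise ValueError("empty command line")
    result = {"program": m.group(1).strip('"'), "flags": [], "root": None,
              "select": None, "target": None, "unexpected": []}
    # Parameters are comma-separated; spaces around the commas are optional.
    tokens = [t.strip() for t in m.group(2).split(",") if t.strip()]
    i = 0
    while i < len(tokens):
        tok, low = tokens[i], tokens[i].lower()
        if low in FLAGS:
            result["flags"].append(low)
        elif low in TAKES_OBJECT:
            if i + 1 < len(tokens) and not tokens[i + 1].startswith("/"):
                result[low[1:]] = tokens[i + 1]   # the x or y object
                i += 1
            else:
                result["unexpected"].append(tok + " (missing object)")
        elif not tok.startswith("/") and result["target"] is None \
                and result["select"] is None:
            result["target"] = tok                # bare drive or folder
        else:
            result["unexpected"].append(tok)      # outside the syntax
        i += 1
    return result

def review_shortcut(cmdline, expected=EXPECTED_PROGRAM):
    """Return findings for a shortcut that deviates from the syntax."""
    parsed = parse_explorer_command(cmdline)
    findings = []
    if parsed["program"].lower() not in (expected.lower(), "explorer",
                                         "explorer.exe"):
        findings.append("program is %s, expected %s"
                        % (parsed["program"], expected))
    for tok in parsed["unexpected"]:
        findings.append("token outside the described syntax: %s" % tok)
    return findings

if __name__ == "__main__":
    # Constructed samples: one normal shortcut, one that should be flagged.
    for line in ("c:\\windows\\explorer.exe /n, /e, c:\\",
                 "c:\\windows\\temp\\explorer.exe /n, /e, /x"):
        print(line, "->", review_shortcut(line) or "ok")
```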
