If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Run mystery
I use the Run command selom and unually only for Msconfig and Regedit.
However, sometimes I find in the 'memory' other commands, like the one for the Firewall. I assume that these are acused by viruses/malware. Is that common? Is there a way of blocking the Windows Firewall so that no introsuion is possible? Thank you JB |
Ads |
#2
|
|||
|
|||
Run mystery
"Jorge Bravo" wrote in message
... I use the Run command selom and unually only for Msconfig and Regedit. However, sometimes I find in the 'memory' other commands, like the one for the Firewall. I assume that these are acused by viruses/malware. Is that common? Is there a way of blocking the Windows Firewall so that no introsuion is possible? One does not block a firewall. Rather, one allows a firewall to block intrusion attempts from hackers. To see if you are protected, go to this site: https://www.grc.com/x/ne.dll?bh0bkyd2 Scroll down and click Proceed. On the new page, click on the grey buttons, especially All Service Ports. If you don't pass, let us know. If everything is green, you are successfully in Stealth Mode, which is what you want. Regarding commands being memorized (as well as Web sites visited, doucments opened, etc.), this is a function of Windows. If you would like to erase your tracks, I recommend using Ccleaner: http://www.ccleaner.com/ When you install it, you will probably want to avoid installing any toolbar add-ons. When you run it, you may configure it to delete different items, including what you described above -- under Windows Explorer there is item called "Run (in Start Menu)." Some people are just interested in regularly cleaning out temp files and choose to leave the other items, including paswwords. If your firewall is doing its job and no one else uses your PC (or account), this should not be a problem, but it's your call. Since cleaning registry items does not noticeably improve a PC's performance and might even do some amount of damage (including preventing you from booting up!), be sure to avoid, Ccleaner's registry "cleaning" function. Otherwise, it's a great program. |
#3
|
|||
|
|||
Run mystery
Thanks
Everything is green in stealth mode. But I don't think I explained myself well.. When I go into the Run command box and attempt to typr something a scroll-down list of past commands appears. Sometines, in the past, I found strange commands which I never typed. Just recently there was one about firewall.cpl (I think) and at that time I had a virus that opened up Internet Explorer in the Firewall without my permission. So, I ant to know how it is that commands can appear in the 'past commands' in the Run box if I did not type them myself; and if thre is a way of stopping intrusions in this way that access the Firewall without my knowing. JB "Daave" escreveu na mensagem ... "Jorge Bravo" wrote in message ... I use the Run command selom and unually only for Msconfig and Regedit. However, sometimes I find in the 'memory' other commands, like the one for the Firewall. I assume that these are acused by viruses/malware. Is that common? Is there a way of blocking the Windows Firewall so that no introsuion is possible? One does not block a firewall. Rather, one allows a firewall to block intrusion attempts from hackers. To see if you are protected, go to this site: https://www.grc.com/x/ne.dll?bh0bkyd2 Scroll down and click Proceed. On the new page, click on the grey buttons, especially All Service Ports. If you don't pass, let us know. If everything is green, you are successfully in Stealth Mode, which is what you want. Regarding commands being memorized (as well as Web sites visited, doucments opened, etc.), this is a function of Windows. If you would like to erase your tracks, I recommend using Ccleaner: http://www.ccleaner.com/ When you install it, you will probably want to avoid installing any toolbar add-ons. When you run it, you may configure it to delete different items, including what you described above -- under Windows Explorer there is item called "Run (in Start Menu)." Some people are just interested in regularly cleaning out temp files and choose to leave the other items, including paswwords. If your firewall is doing its job and no one else uses your PC (or account), this should not be a problem, but it's your call. Since cleaning registry items does not noticeably improve a PC's performance and might even do some amount of damage (including preventing you from booting up!), be sure to avoid, Ccleaner's registry "cleaning" function. Otherwise, it's a great program. |
#4
|
|||
|
|||
Run mystery
Jorge,
The memory for the Run option on your start button window is contained in the registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\RunMRU. In the right pane, there will be up to 26 entries named with single alphabet letters (hence the limit of 26) and one named MRUList. The data for the keys named after small alpha characters should be command lines that you've previously entered at 'Start Run'. The MRUList value has a series of letters that determines the age sorting of the other values to enable bumping the least used when you need to make room for new command lines. Writing a script or program to edit entries under this registry key is quite simple but I'm not sure why anyone creating malware would want to do so. If some hacker can get you to run a script on your PC, it would be easier to simply run an executable from the script rather than modify listings under the 'Start Run' option and wait for the user to try it. I can see how someone providing you with an application might add their own entry to the registry so that if a user deleted whatever shortcut they provided to launch their application it would be simpler for the user to use "Plan B' and launch from the Run line. The only code I've written to alter that key were scripts to purge the clutter and trip the list to half a dozen rather than 26. Steve Yandl "Jorge Bravo" wrote in message ... Thanks Everything is green in stealth mode. But I don't think I explained myself well.. When I go into the Run command box and attempt to typr something a scroll-down list of past commands appears. Sometines, in the past, I found strange commands which I never typed. Just recently there was one about firewall.cpl (I think) and at that time I had a virus that opened up Internet Explorer in the Firewall without my permission. So, I ant to know how it is that commands can appear in the 'past commands' in the Run box if I did not type them myself; and if thre is a way of stopping intrusions in this way that access the Firewall without my knowing. JB "Daave" escreveu na mensagem ... "Jorge Bravo" wrote in message ... I use the Run command selom and unually only for Msconfig and Regedit. However, sometimes I find in the 'memory' other commands, like the one for the Firewall. I assume that these are acused by viruses/malware. Is that common? Is there a way of blocking the Windows Firewall so that no introsuion is possible? One does not block a firewall. Rather, one allows a firewall to block intrusion attempts from hackers. To see if you are protected, go to this site: https://www.grc.com/x/ne.dll?bh0bkyd2 Scroll down and click Proceed. On the new page, click on the grey buttons, especially All Service Ports. If you don't pass, let us know. If everything is green, you are successfully in Stealth Mode, which is what you want. Regarding commands being memorized (as well as Web sites visited, doucments opened, etc.), this is a function of Windows. If you would like to erase your tracks, I recommend using Ccleaner: http://www.ccleaner.com/ When you install it, you will probably want to avoid installing any toolbar add-ons. When you run it, you may configure it to delete different items, including what you described above -- under Windows Explorer there is item called "Run (in Start Menu)." Some people are just interested in regularly cleaning out temp files and choose to leave the other items, including paswwords. If your firewall is doing its job and no one else uses your PC (or account), this should not be a problem, but it's your call. Since cleaning registry items does not noticeably improve a PC's performance and might even do some amount of damage (including preventing you from booting up!), be sure to avoid, Ccleaner's registry "cleaning" function. Otherwise, it's a great program. |
#5
|
|||
|
|||
Run mystery
"Jorge Bravo" wrote in message
... So, I ant to know how it is that commands can appear in the 'past commands' in the Run box if I did not type them myself; and if thre is a way of stopping intrusions in this way that access the Firewall without my knowing. If you didn't enter it, someone else did. Make sure others don't use your PC; that will stop this from happening. Also make sure you are malware-free. See: http://www.elephantboycomputers.com/...iruses_Malware |
#6
|
|||
|
|||
Run mystery
That's what I meant. Nobody uses my computer; only me!
JB "Daave" escreveu na mensagem ... "Jorge Bravo" wrote in message ... So, I ant to know how it is that commands can appear in the 'past commands' in the Run box if I did not type them myself; and if thre is a way of stopping intrusions in this way that access the Firewall without my knowing. If you didn't enter it, someone else did. Make sure others don't use your PC; that will stop this from happening. Also make sure you are malware-free. See: http://www.elephantboycomputers.com/...iruses_Malware |
#7
|
|||
|
|||
Run mystery
Thank you very much Steve, for the very clear and informative reply.
JB "Steve Yandl" escreveu na mensagem ... Jorge, The memory for the Run option on your start button window is contained in the registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Explorer\RunMRU. In the right pane, there will be up to 26 entries named with single alphabet letters (hence the limit of 26) and one named MRUList. The data for the keys named after small alpha characters should be command lines that you've previously entered at 'Start Run'. The MRUList value has a series of letters that determines the age sorting of the other values to enable bumping the least used when you need to make room for new command lines. Writing a script or program to edit entries under this registry key is quite simple but I'm not sure why anyone creating malware would want to do so. If some hacker can get you to run a script on your PC, it would be easier to simply run an executable from the script rather than modify listings under the 'Start Run' option and wait for the user to try it. I can see how someone providing you with an application might add their own entry to the registry so that if a user deleted whatever shortcut they provided to launch their application it would be simpler for the user to use "Plan B' and launch from the Run line. The only code I've written to alter that key were scripts to purge the clutter and trip the list to half a dozen rather than 26. Steve Yandl "Jorge Bravo" wrote in message ... Thanks Everything is green in stealth mode. But I don't think I explained myself well.. When I go into the Run command box and attempt to typr something a scroll-down list of past commands appears. Sometines, in the past, I found strange commands which I never typed. Just recently there was one about firewall.cpl (I think) and at that time I had a virus that opened up Internet Explorer in the Firewall without my permission. So, I ant to know how it is that commands can appear in the 'past commands' in the Run box if I did not type them myself; and if thre is a way of stopping intrusions in this way that access the Firewall without my knowing. JB "Daave" escreveu na mensagem ... "Jorge Bravo" wrote in message ... I use the Run command selom and unually only for Msconfig and Regedit. However, sometimes I find in the 'memory' other commands, like the one for the Firewall. I assume that these are acused by viruses/malware. Is that common? Is there a way of blocking the Windows Firewall so that no introsuion is possible? One does not block a firewall. Rather, one allows a firewall to block intrusion attempts from hackers. To see if you are protected, go to this site: https://www.grc.com/x/ne.dll?bh0bkyd2 Scroll down and click Proceed. On the new page, click on the grey buttons, especially All Service Ports. If you don't pass, let us know. If everything is green, you are successfully in Stealth Mode, which is what you want. Regarding commands being memorized (as well as Web sites visited, doucments opened, etc.), this is a function of Windows. If you would like to erase your tracks, I recommend using Ccleaner: http://www.ccleaner.com/ When you install it, you will probably want to avoid installing any toolbar add-ons. When you run it, you may configure it to delete different items, including what you described above -- under Windows Explorer there is item called "Run (in Start Menu)." Some people are just interested in regularly cleaning out temp files and choose to leave the other items, including paswwords. If your firewall is doing its job and no one else uses your PC (or account), this should not be a problem, but it's your call. Since cleaning registry items does not noticeably improve a PC's performance and might even do some amount of damage (including preventing you from booting up!), be sure to avoid, Ccleaner's registry "cleaning" function. Otherwise, it's a great program. |
Thread Tools | |
Display Modes | |
|
|