Jump to content

Alan_B

Experienced Members
  • Posts

    4,274
  • Joined

  • Last visited

Everything posted by Alan_B

  1. An "Automatic" alternative to manual deletion might be :- 1. Create a simple script file ( *.bat or *.cmd ) to delete the file, and after deletion completion to run CCleaner, and 2. Change your CCleaner startup link to instead aim at the above script. Regards Alan
  2. Terance I recently read somewhere, possibly in Spyware Hell, that some malware especially cripples CCleaner and other junk removers because some malware hopes to lurk un-detected in junk / temp folders and files, so takes pre-emptive action. Consequently, if you are suffering with a form of malware, advice in this forum based on how CCleaner SHOULD work may be totally inappropriate to a crippled/corrupted installation. If I were in your situation I would consider the whole network to be corrupt - all computers and routers and firewalls. As a perpetual paranoid I would also consider the possibility of virus infection of firmware, bios, cmos,and any other non-disc locations. I would not trust a hardware firewall - it could already be compromised. Even if the hardware firewall was NOT compromised, I would only expect it to protect my network from the WWW internet, and fear that it has no ability to prevent cross-infection within my network. I would fully isolate one computer from all the others, purge as far as possible, and add a good quality software firewall (I recommend Comodo) which gives better protection than a hardware firewall against WWW intrusions, and can be infinitely superior against anything already inside the network. Only after doing this for all computers would I begin to put them together as a network. I see danger where ever I look, so going over the top is a bit of a habit, but it might also be why I have been "virus free since 83" !!! I have expressed my fears and how I would spend my first 5 minutes approaching the situation, BUT I would definitely feel out of my depth. BEFORE taking any action I would first seek advice and hand-holding from experts, such as in our companion forum Spyware Hell at http://forum.piriform.com/index.php?showforum=12. I wish you well Best regards Alan
  3. An alternative, or additional improvement, would be to put the file size at the START of the row, NOT the END of the row. It would also be nice if it had a vertically aligned fixed format. My eyes get very tired finding the zig zag far end of every row - and when long paths require a horizontal scroll I go ballistic. Regards Alan.
  4. ABSOLUTELY NOT NECESSARILY SAFE. M.$. do stupid things. They have installed M.$. "Teach yourself Windows" junk on my computer. Part of the installation includes executables within my profile, out of reach of other users; BUT these executables are referenced in a PUBLIC registry hive instead of my personal profile hive; So any user OTHER than myself will have CC offer to delete the keys which are needed for MYSELF. M.$. do other stupid things that also cause problems, but they cannot be enumerated without overloading the Piriform servers !!! I would like to clean all users, BUT I would not like other users to do the same to me !!! Regards Alan
  5. To summarise :- 1. installing Nokia PC Suite failed to fix the problem; 2. USB drivers are still working O.K. My experience includes applications that can work when first installed, but after they are "broken" they will not work upon a second installation. Something is left behind which makes the installer think the application is already installed, and you have to un-install before you can have a further successful installation. With luck one simply downloads and re-installs - it might not be fully functional, but with luck it will deposit enough valid information for Add/Remove Program to un-install cleanly. If that fails I have seen strong recommendations for http://www.revouninstaller.com/ Alternative possibilities :- Any registry cleaning can be undone by restoring the registry, preferably via the backup which CC will have recommended that you do, alternatively via :- an ERUNT backup (creation takes 10 Seconds and is automatic at start of day); or System Restore to a point pre-dating the cleanse. Any file cleanse cannot be undone. Unfortunately CC refuse to delete into the ReCycle Bin, and once it is gone it is gone for ever, but you have 3 possibilities :- 1. RECUVA can with luck retrieve files that have been deleted, and the quicker you try it the luckier you will be; (The longer you wait the greater the risk that the deleted file will get over-written, and if RECUVA is not already installed then Murphy's law dictates that installing RECUVA itself will over-write the file you wanted to un-delete !!!) 2. System Restore to a point pre-dating the cleanse - you may be lucky; 3. System Restore to the point at or immediately after first installing Nokia PC Suite. Regards Alan
  6. MUI Cache was one of my suspects - it still is. Did you do the tests I suggested ? What were the results ? Perhaps a Floppy disc file has been read/written in the past, resulting in registry entries/pointers/etc. When CC cleans the registry it tests such registry entries/pointers/etc for current validity, so anything that was on Drive A:\ will still need to be on drive A:\. If you run CC with no floppy disc loaded, the drive will click and bang, and the O.S. will report to CC that the removable drive is absent, and CC will abort that test. If instead you run CC whilst an empty floppy (formatted but no files) is present, then the O.S. reports that the relevant file is absent, and THEN you may expect CC to tell you what file it wanted to find. Regards Alan.
  7. What happened then ???? If it worked again, it is unlikely that Nokia installed "drivers for the USB or some system files", therefore CC never removed them. Regards Alan
  8. I do not know if CC has any special skill to modify " beyond the VM 'envelope' ". I believe you can use VM to run/simulate Linux on a Windows machine etc., and I would expect CC to clean any files the VM allows for write access. I also think of VM (and Sandboxes) as techniques to protect the system from Internet malware, and if that is your requirement, any indication that CC is transgressing the protection boundary suggests defective protection against malware. Regards Alan
  9. I remember seeing privacy concerns when they first announced Chrome. I have just used Google for Advanced Search, All the the words "Google Chrome Browser Privacy". Top of the hit list was http://www.law.com/jsp/legaltechnology/pub...d=1202425790725. If you are interested there are 422,999 more hits to explore !!! Regards Alan
  10. 1. Not quite. I.E. is unfortunately embedded within Windows. You can't get rid of it. I.E. does not pre-load itself. It is M.$. Windows software that takes a long time on start up loading all sorts of code. Hence I.E. can be launched without loading much more code. 2. Not really strange. Launch Windows Task Manager and view Processes. You will only see I.E. if the I.E. browser is actually running, and present on the task bar. Its Pre-loader is Windows itself. You will see the F.F if its pre-loader is present. You only have to select that process and click the "end process" button to stop it, then CC will clean the cache. 3. Yes, but it would be dangerous if you killed the wrong process. If I advise you wrongly it could damage your system. Others here may have first hand experience and could help, or visit http://www.computerhope.com/forum/index.php?board=2.0 A possible alternative might be to schedule the FF pre-loader to occur after using CC.
  11. By itself that does nothing, not until you use the Options button, then Include, and then you can stipulate the Custom files and folders you choose to purge. Regards Alan
  12. I thought all Chrome Browsing History tended to be in the public domain anyway !!! Alan
  13. This stuff may not cause a problem, but it causes extreme aggravation, and I wish to avoid the problem or minimise the delay. 103 MBytes of obsolete junk were still present after 11 days. They have now gone after hanging around for 13 days. I archive a disc image before I allow M.$ to dump a Security update on me, so I can immediately recover if their "fix" should cripple the system. Then for two weeks I want to create a further disc image so I can immediately recover if I cripple my own system, BUT I am less likely than M.$. to cripple it, so I wait until removal of the obsolete junk. ( 103 MBytes till yesterday, Perhaps 1000 MBytes after this week's update.) I wait because 103 or 1000 MByte etc. would increase the time taken to create the image, and would reduce the number of images on a finite external hard drive, thus reducing how far back in time I could go. It would be nice if I could get rid of junk immediately it becomes obsolete. I guess I could simply delete the junk, but I am sure Windows would punish me sooner or later. Regards Alan
  14. Hi In principle the original idea was, or should have been, that :- Created is when the file was first created; Accessed is the last time anything read the contents; Modified is the last time the file was re-written. All three dates should exactly match at the instant when the file first appears. In practice that may happen sometimes - but not so much now we have Windows !!! Using Xplorer2, a dual pane alternative to Windows Explorer, and also DIR in a DOS CMD Shell, I captured :- Name Modified Created AccessedNew_Files.rtf 22/07/2007 21:17:14 23/05/2007 17:45:18 09/11/2008 15:41:40TweakMASTER-Install.exe 23/05/2007 16:17:34 23/05/2007 16:17:24 09/11/2008 15:36:08C:\Documents and Settings\Dad\My Documents\My Received Files\Edit_etc>DIR /T:A09/11/2008 15:41 577 New_Files.rtf09/11/2008 15:36 1,728,160 TweakMASTER-Install.exeC:\Documents and Settings\Dad\My Documents\My Received Files\Edit_etc>DIR /T:A09/11/2008 15:41 577 New_Files.rtf10/11/2008 14:08 1,728,160 TweakMASTER-Install.exe It is worth noting that the Tweak*.exe file was "opened" when the download started, and 10 seconds later the download ended and my Anti-virus scrutinised and permitted the contents on-board, hence the 10 second delay after "Created" before "Modified". *.exe files can damage Windows (e.g. a virus) so Windows gets its retaliation in first, and the Accessed date gets caught in the cross-fire !!! Another possibility is simply that System Restore inspects many file types, including *.exe but excluding *.rtf, with a view to capturing copies in a restore point incase the get changed. Either way, and in addition, if Windows ever sees a file in a directory listing, it instantly trashes the Accessed date to "NOW". Furthermore, if the file is an *.exe :- the new date is instantly put in whatever DOS "DIR" reads (I guess I mean the disk, but Windows has so many peculiarities I am not sure); otherwise the new date is held pending, and written to the disc (or whatever) upon close down ready for the next time the computer starts up. Before I used Windows to show all three dates of two files, I captured the first of the two DIR lists, hence the Windows list and the first DIR list show the same Accessed date. I then captured the second DIR list, which shows that Tweak*.exe has just been "Accessed". Windows does not show this change other than in a new instance of Windows Explorer etc. The New*.rtf Accessed date is also punished - but it is suspended and pending via a different mechanism. Even launching a new instance of CMD still shows the old accessed date, BUT it is going to change. The first of the two DIR lists proves the New*.rtf will get punished. Yesterday at 09/11/2008 15:36:08 I performed the same operations as today, after which the New*.rtf date remained as per Modified, i.e. 22/07/2007 21:17:14. Today New*.rtf date had become 09/11/2008 15:41:40, which is 5 minutes after 09/11/2008 15:36:08 and corresponds to when I closed down the computer. Files with alternative extensions may suffer alternative consequences. The above tests were done within my private documents, from which System Restore is excluded. If you are looking at C:\Program Files\* the waters become muddy !!! Finally, Modified should be later than Created, but not always, as an example :- C:\WINDOWS\system32\c_20127.nls :- Modified 18/08/2001 19:00:00; Created 20/05/2003 16:24:58. My guess is the source code was last changed in 2001, but a security hole was found and, with no change to the raw source code, conditional compiler directives or something may have altered the EFFECT of the code (e.g. specifying a different or updated library) and a new c_20127.nls was created and transferred on a Patch Tuesday Update. 20/05/2003 16:24:58 may be the date of Patch Tuesday hitting this particular computer, or when the latest version was prepared for release to every-one, or ....... Conclusions :- 1. The Accessed date is extremely vulnerable to damage if Windows should look at the file; 2. The other two dates often mean what they say - but there are exceptions to this general rule; 3. When in Windows, tread carefully !!! n.b. Some of the above I learnt today - Windows is a never ending bag of tricks. Regards Alan
  15. When Registry Cleaner is run from my daughter's profile, it offers to delete entries for Applications which are removed. It ALSO does this for an application which, in their stupid folly, M.$ installed in my user profile, which was therefore invisible to Registry Cleaner when run in a different profile. It seems to me very possible that at some time a floppy drive executable was run, and Windows automatically added relevant entries to the registry, and the Registry Cleaner will automatically look at Drive A to see if the executable is still there - hence it rattles and bangs. I suggest you :- 1. Format a floppy so it is readable, but has no files which might correspond to what the Registry has recorded; 2. Remove the floppy and reboot to ensure Windows knows nothing about the floppy; 3. Start Registry Cleaner and then insert the floppy disc. If Registry Cleaner then offers to remove entries corresponding to executables absent / un-installed from Drive A:\ you will know exactly what it was looking for, and you can then clean those references so it will not rattle and bang any more. NB If you never ran / installed the "missing" executable, you might like to challenge everyone else who had access to the computer - if you tell them what they ran, they may confess to other miss-deeds !!! Regards Alan
  16. YoKenny That was actually a bit more than I need to know !!! Thank you, it was very informative. Regards Alan
  17. If I launch Notepad I can immediately save a file which holds nothing. File properties shows it to be 0 bytes, and the size on disc is 0 Immediately I add a solitary character to this file, properties shows Size 1 byte, Size on disk 4 KB - the size of my clusters. I suspect that Yokenny has a cluster size of 512 bytes. The "size" of the file only determines how many clusters are needed to hold it. Any size greater than zero will consume at least one cluster. n.b. How does Windows Explorer tell me when I created this Null.txt file, and what its name is ? I suspect that this is data planted in the MFT (or the FAT depending upon O.S), AND that this data consumes yet another cluster, even when the file it describes is zero bytes long. I do not think it useful to set a specific size as a limit, AND most users will NOT look at file properties - they will simply see a DIR listing showing a file size of 1 byte (or how many characters I typed), and users who do not appreciate the difference from "Size on Disk" may soon start posting bug reports !!! Regards Alan
  18. I would like CCleaner to automatically launch upon Shut Down, so that other users who may fail to run CCleaner will have it done for them. BUT - A VERY BIG BUT I would be very afraid. Depending upon the phase of the moon, and I know not what else, Windows may shut down cleanly; At other times it gets hung up because some application has not shut down in time, and the Event log shows all sorts of ominous warnings with recommendations about changing services/domains/etc. Quite often the guilty process is ctfmon. This is supposed to help with alternative text input, which I DO NOT NEED. In practice it actually closes down Notepad and other things whilst I am still using them. I often remove the start-up entries of ctfmon, but a few days later it is resurrected. I would hate it if CCleaner were to cause the same grief as ctfmon. Regards Alan
  19. I can not see any use for this, nor how it could be used. The standard backup BEFORE cleaning will create a *.reg file, and if you do not like the result of cleaning a simple double click will merge it into the registry to put it back as it was. What do you expect an AFTER backup to do ? How would it know what keys and values to backup ? How would you use this *.reg file ? If you think the cleaned registry is now perfect, and you want to preserve its state, I recommend the use of ERUNT. Regards Alan
  20. On 29/10/2008 a security patch update dumped in the download folder :- 103 MBytes in 9 sub-folders with 32 character names e.g. 491a2c8e1582f5cdd01f8b3da4b8ef7d 36 KByte in one file with a 40 character name, 3dc173f8c7d24153dd41411e822b91ff9e4d7d82. When does Windows purge ? :- This was successfully installed, so why did it not go away immediately? My experience is that most such dumps usually go away eventually when Windows decides to purge. Is there anything I can do to accelerate this process ? Would I be lucky if I disconnect from Internet time sources and set the date forward one month and reboot the computer a few times ? And how many times should I reboot ? And why does stuff stay ? :- There is also 2.5 MBytes in 4 folders that were modified in 2006 and 2007 Why did they get stuck ? Could they be the result of a patch that failed to install ? This folder also has 18 off 40 character named files. Total size is 10 MBytes, most of which is in the 7.5 MByte file that came on the Sept 2009 Patch Tuesday. All these files have 40 character names, and they have at least one month between them. There are 30 months without such a file - I may have missed a few Patch Tuesdays, but not that many. Does Windows have a 40% failure rate at deleting these files ? Do I still need them ? (I am now wondering what was so special about the Sept 2009 patch that its index/whatever file is so large.) Finally (for now), I have set Automatic Updates to "Turn OFF". Do I need to weaken my defence against M.$ errors by setting it to "Notify" ? i.e. I want to stop M.$. breaking my system with unexpected updates, but does "Turn OFF" also delay or disable the purging of obsolete files ? Like many people, I fear that the next Patch Update will damage my system, so until last year I set Automatic Updates to Notify ONLY. Last year M.$. broke the rules and did a secret download and installation, with absolutely no prior nor subsequent warning nor notification, and System Administrators had no chance to take back-up precautions, and some had drastic system failures as a result of this M.$ virus. Since then I use "Turn OFF Automatic Updates", and only switch to Notify when I have made a fresh backup. Any day now I expect M.$. to break their latest promises, and dump regardless, I guess I will then add M.$. to my Hosts file for exclusion !!! Regards Alan
  21. 14 days old ??? I have 116 Prefetch files. Their CREATED dates range from 19/08/2008 to 08/11/2008 Their MODIFIED dates range from 24/10/2008 to 08/11/2008 Their ACCESSED dates are all 08/11/2008. Which of the three possible date types in Windows Explorer is craigathus looking at when he says some are more than 14 days old ? Which of these three date types does CCleaner use when deciding if a file is more than 14 days ? Are we comparing apples with oranges ? Regards Alan
  22. I use Comodo Software Firewall, recently supplemented by Netgear Modem/Router/Firewall. The Netgear Modem gives better speed than the Thomson Speedtouch I previously used. Given perfect security, and freedom from errors by users, nothing nasty should come on-board. If any keyloggers get in, or if the P.C. is recruited into a BotNet army, software Firewalls give much better protection against "outgoing" than hardware firewalls. I like the fact that the hardware Firewall uses zero computer resources to block most of the attacks. BUT I have more confidence in Comodo. I have read that Hardware SIPS give more stringent protection than Software without SIPS. I do NOT trust SIPS. My Comodo rules are quite restrictive, but they never interfere with legitimate traffic. The only time a software download failed was when I tried to update the Netgear Wireless adapter. I discovered that Netgear tried to download to a port different from the port I used to request the update. I then found that if I initiate an outgoing link to an IP address, any packets from that address are considered by the hardware to be replies to an outgoing request, and hardware lets them through - even if they are the wrong protocol. It even allows incoming ICMP just because of an outgoing TCP or UDP packet. I strongly suspect that anything aimed at a Privileged Port would succeed in taking over my P.C. The Comodo Firewall has a stricter policy - the reply has to be aimed at the port that issued the request, and it has to be the same protocol, otherwise it is NOT a reply to outgoing, but is an unrequested incoming that should be blocked. I am careful what sites I visit, and avoid any which Google warns could damage my computer, BUT when a site is first infected Google will not warn, and I think that Hardware SIPS will welcome any malware that is available, BUT Comodo will protect me. Regards Alan
  23. Thank you Davey, you gave me the assurance I need. I converted the old "Standard" from registry to cleaner.ini based so I could easily transfer my customisation to a new Portable version, AND so that before adopting the latest I could conveniently compare the results of one version to the next. I have no concerns about the extra files in C:\Documents and Settings\Dad\Application Data\Microsoft\MSN Messenger\413677275\ "Standard" version v2.10.618 did not recognise these as junk to be zapped. "Portable" version v2.13.720 version wants to zapp them, which I take as evidence the developers have made improvements ( I previously believed that, but it is nice to see proof !!! ) Regards Alan
  24. Do I need any of the DLL's What benefit are the contents of embedded_INIs_v2.13.zip I have been using a "standard" version v2.10.618 which is installed on C:\. together with winappi.ini dated 18/10/2007. N.B. winsys.ini and winreg.in are absent. I have now checked the Advanced "Save all settings to INI file" option, which immediately created CCleaner.ini. Then I downloaded Portable version v2.13.720, and unzipped on Drive H:\ As expected the portable version ran with default settings - none of my "standard" customisation. Immediately after copying CCleaner.ini to H:\ it had all my standard customisation. I found that both Standard and Portable found identical registry settings to purge. The Portable also found all the Files that Standard wanted to purge, but in addition Portable found a lot of C:\Documents and Settings\Dad\Application Data\Microsoft\MSN Messenger\413677275\. I found that Unicows.dll was needed for Windows 95/98, and decided I did not need it because I use Windows XP Home edition with SP3. I deleted ALL the *.dll files, i.e.Unicows.dll and also all the language files. I could see no difference in operation. Is there any situation in which I will need any of those *.dll files ? I shut down the P.C. and then restarted, after which Portable still found and offered to delete exactly the same files and registry settings as before. WHY ? Does the winappi.ini do nothing at all ? If winappi.ini did anything useful for Standard CC, I would have expected Portable CC to be inferior in its absence, Or did the original "Standard" CC put data in the registry based upon winappi.ini, and the "Portable" CC (which has no copy of winappi.ini) has made use of those registry settings ? (N.B. I think "Portable" software should not modify the registry - and I would not expect it to use it either.) Will the various *.ini files within embedded_INIs_v2.13.zip do me any good ? What benefits may I expect ? If I try them and decide I do not like the effects, will deleting these files restore everything exactly as it was ? or will I need to also do a System Restore to put the registry back as it was ? Regards Alan
  25. Perhaps CCleaner is still waiting for them to be more than 48 hours old, and perhaps it is deciding this on the basis of "last accessed" rather than "Modifed" or "created". Regards Alan
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.