Jump to content


Experienced Members
  • Posts

  • Joined

  • Last visited

Everything posted by TonyKlein

  1. Hi Dennis My pleasure, always good to be here!
  2. Just wanted to let you know that we have two new Lists up and running at SystemLookup Firefox Extensions database Active Setup List, containing items registered to HKLM or HKCU\Software\Microsoft\Active Setup\Installed Components The new Lists do not yet show up on the main "Browse By List" page, but as you can see they can be directly accessed. Also, a global search for a CLSID or filename will yield results from the new lists as well. FYI, after the creation of the initial eight Lists mentioned at the start of this topic, the following Lists were also added: Startup List - Startup / Autorun Entries O16 List - ActiveX Installs SEH List - ShellExecuteHooks Drivers List - Windows System Drivers And again, we're always grateful for any new submissions. After all, we can't be everywhere at once all by ourselves... A big thank you to everyone for your continued support!
  3. Indeed! Download that regfile association fix. Now the best thing to do, when double-clicking the downloaded regfile will not produce the "Are you sure you want to add the information in *FileName.reg* to the registry?" prompt either, is open the Registry Editor (Start > Run > type regedit , then press OK or hit 'Enter') Choose 'Import' from the 'File' menu Browse to the downloaded regfile , highlight it, and press the 'Open' button. You should be told that 'the information in *filename.reg* was successfully added to the Registry. That ought to fix your problem, unless something else is 'broken' as well.
  4. I was able to get all my incompatible extensions to work again thanks to MR Tech Toolkit, except for IE Tab Coral IE Tab however turns out to be a great alternative
  5. Well, I don't have the HKCU\Software\Microsoft\Terminal Server Client subkey in the first place, but I did test (WinXp SP3). I created HKCU\Software\Microsoft\Terminal Server Client\Default\AddIns\RDPDR\FilterQueueType I then ran CCleaner, and it did indeed remove all subkeys below HKCU\Software\Microsoft\Terminal Server Client
  6. Microsoft Technet almost exclusively refers to HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run Not running Windows 7 myself, but it would therefore appear that Windows does not check the HKCU equivalent at boot. FWIW, the key is used to store autostart entries for 32-bit software on 64-bit systems
  7. Not sure how exactly CCleaner determines whether an extension is 'unused', but you could experiment with also registering your new extension under: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts Unlike on Win 9x, in XP and Vista this is the principal key that determines the current program in use for the filetype. Come to think of it, it's prolly a good idea to make sure that your application is registered under HKCR\Applications with its shell\open\command subkey's Default value set to the path name of the application's executable
  8. Hiya Rock, welcome - good to see you here!
  9. Hi Woody. I've never used Sandboxie myself. I have a test box I can hose whenever I want, and on my main box I have Acronis True Image installed which has a handy Sandbox feature of itself called "Try&Decide" which I use as well That said, as there is a variety of ways one can get infected, not just by browsing the net, I think a good Anti-Malware is always a useful addition.
  10. I run Avira Premium as well, and I'm very happy with it too, but I still believe Malwarebytes Antimalware is a very useful addition to any antivirus. They specialize in baddies that AVs generally either pay less attention to, or have trouble removing, and the MBAM team really is on top of currently 'in the wild' malware There are even numerous examples of Avira (as well as Symantec, and no doubt other AV's) staff actually recommending MBAM to get rid of particularly resilient malware...
  11. Happy New Year, everyone!
  12. You're very welcome, DennisD. Happy Holidays to everyone.
  13. np, you're very welcome, Hazel
  14. You're very welcome, Andavari. It was Javacool who, last August, came forward with his generous offer to host the Lists, and they're being updated throughout the day In addition to myself, the editing team currently includes the following members of the anti-malware community: miekiemoes Metallica random/random nasdaq Marckie Zupe Vino Rosso Rorschach112
  15. It wasn't so much because of that that, but (at least on the surface) because Paul started working for Microsoft, Robin and Paul had their 3rd child and reportedly no third party showed up willing to run the site up to the standards and conditions asked for. Regrettable, but many of us did kind of see it coming... I'm just happy that we found a new home for the databases before the site went 'pouf!' with little or no notice. All in all I think all this could have been handled a whole lot better!
  16. Happy Holidays and all the best for 2009 to the both of you, and to everyone else at Piriform!
  17. "Browsing" may be next on the to do list, not sure... You can of course search the databases though. Lots of tweaking still needs to be done, both visible and under the hood; it was however important to us to get the site public as soon as possible.
  18. You're very welcome, Hazel. CastleCops has been inaccessible more often than not over the last months, so we badly needed a comprehensive and reliable solution...
  19. Note that the search function per List is slightly different than what you were used to, in that you need to specify whether you're searching for a name, CLSID or filename; this to reduce the number of irrelevant search results. Please feel free to blog this, and/or post this announcement anywhere else at this board if you feel a certain section is better suited, as well as at any other board you frequent and which we may be forgetting! Thanks!
  20. To remain on the completely safe side, it IS probably best to remove only those subkeys that do not contain the Compatibility Flags value; although that would be a time consuming business. But again, it can't hurt to leave it alone entirely, as the 'orphaned' registry keys are harmless, and do not really contribute much to 'registry bloat'.
  21. Protection for a CLSID is "on" only when the "Compatibility Flags" DWORD value is present in the subkey in question, and its value data equal "0x00000400" No idea why you should have 'empty' keys there once all protection is ENabled, unless a number of CLSIDs were removed from the SpywareBlaster daatabase in previous updates. Note, SpywareBlaster is not the only software writing to that registry key. SpyBot does as well ("immunisation") , and there are others, so it's probably a little rash to accuse' SB of having put them there.
  22. Well, they're harmless, and, as I said, they can safely be deleted. I agree with you in that it would be preferable for SB to completely remove the subkeys themselves in case of an uninstall. Maybe a suggestion to post at Javacool's forum at Wilderssecurity? http://www.wilderssecurity.com/forumdisplay.php?f=19
  23. When disabling protection for a given CLSID, SpywareBlaster only removes the "Compatibility Flags" string value of the subkey in question, not the subkey itself, in case you might want to re-enable it afterwards. If this bothers you, yes, you can remove the entire "ActiveX Compatibility" subkey, then recreate an empty one afterwards
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.