Posts posted by TonyKlein

  1. Just wanted to let you know that we have two new Lists up and running at SystemLookup

     

    Firefox Extensions database

     

    Active Setup List, containing items registered to HKLM or HKCU\Software\Microsoft\Active Setup\Installed Components

     

    The new Lists do not yet show up on the main "Browse By List" page, but as you can see they can be directly accessed.

    Also, a global search for a CLSID or filename will yield results from the new lists as well.

     

    FYI, after the creation of the initial eight Lists mentioned at the start of this topic, the following Lists were also added:

     

    Startup List - Startup / Autorun Entries

    O16 List - ActiveX Installs

    SEH List - ShellExecuteHooks

    Drivers List - Windows System Drivers

     

     

    And again, we're always grateful for any new submissions. After all, we can't be everywhere at once all by ourselves... ;)

     

    A big thank you to everyone for your continued support!

  2. Also you can re-associate reg files in xp, see here

     

    http://www.dougknox.com/xp/file_assoc.htm

     

    Indeed!

     

    Download that regfile association fix.

     

    Now the best thing to do, when double-clicking the downloaded regfile will not produce the "Are you sure you want to add the information in *FileName.reg* to the registry?" prompt either, is open the Registry Editor (Start > Run > type regedit, then press OK or hit 'Enter').

     

    Choose 'Import' from the 'File' menu

     

    Browse to the downloaded regfile, highlight it, and press the 'Open' button.

     

    You should be told that 'the information in *filename.reg* was successfully added to the Registry'.

     

    That ought to fix your problem, unless something else is 'broken' as well.

  3. Looks like:

     

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

     

    is working, but

     

    HKEY_CURRENT_USER\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

     

    Is not.

     

    Microsoft Technet almost exclusively refers to HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run

     

    Not running Windows 7 myself, but it would therefore appear that Windows does not check the HKCU equivalent at boot.

     

    FWIW, the key is used to store autostart entries for 32-bit software on 64-bit systems

  4. Not sure how exactly CCleaner determines whether an extension is 'unused', but you could experiment with also registering your new extension under:

     

    HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts

     

    Unlike on Win 9x, in XP and Vista this is the principal key that determines the current program in use for the filetype.

     

     

    Come to think of it, it's prolly a good idea to make sure that your application is registered under HKCR\Applications with its shell\open\command subkey's Default value set to the path name of the application's executable

  5. Hi Tony, I'd be interested to hear your take on Sandboxie. Do you think Anti-Spyware is still required if you always run your browser sandboxed?

     

    Hi Woody. :)

     

    I've never used Sandboxie myself. I have a test box I can hose whenever I want, and on my main box I have Acronis True Image installed which has a handy Sandbox feature of itself called "Try&Decide" which I use as well

     

    That said, as there is a variety of ways one can get infected, not just by browsing the net, I think a good Anti-Malware is always a useful addition.

  6. I've been using Avira's Antivir Premium for awhile now and I'm beginning to think that other than a software firewall and router, Avira Premium is all that's needed.

     

    I run Avira Premium as well, and I'm very happy with it too, but I still believe Malwarebytes Antimalware is a very useful addition to any antivirus. They specialize in baddies that AVs generally either pay less attention to, or have trouble removing, and the MBAM team really is on top of currently 'in the wild' malware

     

    There are even numerous examples of Avira (as well as Symantec, and no doubt other AV's) staff actually recommending MBAM to get rid of particularly resilient malware...

  7. Looks good, and I've bookmarked it. :) Thanks for sharing the link! ;)

     

    You're very welcome, Andavari. :)

     

    It was Javacool who, last August, came forward with his generous offer to host the Lists, and they're being updated throughout the day

     

    In addition to myself, the editing team currently includes the following members of the anti-malware community:

     

    miekiemoes

    Metallica

    random/random

    nasdaq

    Marckie

    Zupe

    Vino Rosso

    Rorschach112

  8. Frequently suffering Denial Of Service attacks because of the good work they did fighting online crime, CastleCops is no more.

     

    It wasn't so much because of that, but (at least on the surface) because Paul started working for Microsoft, Robin and Paul had their 3rd child and reportedly no third party showed up willing to run the site up to the standards and conditions asked for.

     

    Regrettable, but many of us did kind of see it coming... :(

     

    I'm just happy that we found a new home for the databases before the site went 'pouf!' with little or no notice.

     

    All in all I think all this could have been handled a whole lot better! :rolleyes:

  9. It looks great but I don't know what they mean when they say you can search or you can browse the lists. All I've gotten is the search option on every page. I see category headings such as CLSIDs, 09, etc. When I click on them I'm back to a search option. I don't see lists anywhere. :huh:

     

    "Browsing" may be next on the to do list, not sure...

     

    You can of course search the databases though.

     

    Lots of tweaking still needs to be done, both visible and under the hood; it was however important to us to get the site public as soon as possible.

  10. I'm happy to announce a new, dedicated home for the CLSID + other helper lists: http://www.systemlookup.com

     

    The list maintainers, contributors and I have been working on this site non-stop, and enough features are up and running to get it in the hands of the people that need it. :)

     

    Although global search of all lists isn't yet up, you can browse and search by list: http://www.systemlookup.com/lists.php

    The following lists are currently available, with more (the O4s and others) coming soon:

     

    * CLSID List - BHOs, Toolbars, SHs, Explorer Bars

    * O9 List - Internet Explorer Buttons

    * O10 List - Layered Service Providers

    * O18 List - Extra protocols

    * O20 List - AppInit_DLLs & Winlogon Notify

    * O21 List - ShellServiceObjectDelayLoad

    * O22 List - Shared Task Scheduler

    * O23 List - Services

     

     

    We look forward to continuing to improve the site and building some great new features to make things even easier.

     

    But for now - Enjoy! :)

     

    Best regards,

     

    Javacool & the List Maintainers and Contributors:

     

    TonyKlein

    miekiemoes

    Metallica

    random/random

    nasdaq

    teacup61

    Marckie

    Zupe

     

    Note that the search function per List is slightly different than what you were used to, in that you need to specify whether you're searching for a name, CLSID or filename; this to reduce the number of irrelevant search results.

     

    Please feel free to blog this, and/or post this announcement anywhere else at this board if you feel a certain section is better suited, as well as at any other board you frequent and which we may be forgetting! ;)

     

    Thanks! :)

  11. To remain on the completely safe side, it IS probably best to remove only those subkeys that do not contain the Compatibility Flags value; although that would be a time consuming business.

     

    But again, it can't hurt to leave it alone entirely, as the 'orphaned' registry keys are harmless, and do not really contribute much to 'registry bloat'.

  12. Protection for a CLSID is "on" only when the "Compatibility Flags" DWORD value is present in the subkey in question, and its value data equals "0x00000400"

     

    No idea why you should have 'empty' keys there once all protection is ENabled, unless a number of CLSIDs were removed from the SpywareBlaster database in previous updates.

     

    Note, SpywareBlaster is not the only software writing to that registry key. SpyBot does as well ("immunisation"), and there are others, so it's probably a little rash to accuse SB of having put them there.

  13. I don't like that it leaves stuff behind like that.

     

    I have many entries there without any values on them, like many bonzibuddy entries.

     


     

     

    Well, they're harmless, and, as I said, they can safely be deleted.

     

    I agree with you in that it would be preferable for SB to completely remove the subkeys themselves in case of an uninstall. Maybe a suggestion to post at Javacool's forum at Wilderssecurity?

     

    http://www.wilderssecurity.com/forumdisplay.php?f=19

  14. I first disabled all protection from SB and then uninstalled it using the program's own uninstaller. After that I checked the registry and those entries created by SB were still there. Well, I rebooted, but after that those entries ARE STILL THERE. Doesn't SB create entries here:

     

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility

     

    When disabling protection for a given CLSID, SpywareBlaster only removes the "Compatibility Flags" string value of the subkey in question, not the subkey itself, in case you might want to re-enable it afterwards.

     

    If this bothers you, yes, you can remove the entire "ActiveX Compatibility" subkey, then recreate an empty one afterwards
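
Added example (not part of the forum posts, and not SpywareBlaster's or SystemLookup's code): a read-only Python check for the state described in posts 11 to 14, classifying each subkey of "ActiveX Compatibility" in a registry export as protected, orphaned (no "Compatibility Flags" value) or other. The export text and placeholder CLSIDs are constructed, and the equality test against 0x00000400 follows the wording of post 12.

```python
import re

BASE = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility"
KILL_BIT = 0x00000400  # value data post 12 gives for "protection on"

# Constructed sample in .reg export text form; the CLSIDs are placeholders.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000001}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000002}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-0000-0000-0000-000000000003}]
"Compatibility Flags"=dword:00000000
'''

KEY_RE = re.compile(r"^\[(.+)\]$")
FLAG_RE = re.compile(r'^"Compatibility Flags"=dword:([0-9a-fA-F]{8})$')

def classify(export_text):
    """Map each CLSID subkey to 'protected', 'orphaned' or 'other'."""
    prefix = BASE.lower() + "\\"          # registry paths are case-insensitive
    result, current = {}, None
    for line in export_text.splitlines():
        line = line.strip()
        key = KEY_RE.match(line)
        if key:
            path = key.group(1)
            if path.lower().startswith(prefix):
                current = path[len(prefix):]
                result[current] = "orphaned"   # until a flags value is seen
            else:
                current = None                 # the base key or an unrelated key
            continue
        flag = FLAG_RE.match(line)
        if flag and current is not None:
            data = int(flag.group(1), 16)
            result[current] = "protected" if data == KILL_BIT else "other"
    return result

def orphaned(export_text):
    """Subkeys with no "Compatibility Flags" value, the ones post 11 calls removable."""
    return sorted(k for k, v in classify(export_text).items() if v == "orphaned")
```

An export written by regedit or `reg export` is UTF-16, so open the file with `encoding="utf-16"` before passing its text to `classify`.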
