Jump to content


Experienced Members
  • Posts

  • Joined

  • Last visited

Posts posted by TonyKlein

  1. Just wanted to let you know that we have two new Lists up and running at SystemLookup


    Firefox Extensions database


    Active Setup List, containing items registered to HKLM or HKCU\Software\Microsoft\Active Setup\Installed Components


    The new Lists do not yet show up on the main "Browse By List" page, but as you can see they can be directly accessed.

    Also, a global search for a CLSID or filename will yield results from the new lists as well.


    FYI, after the creation of the initial eight Lists mentioned at the start of this topic, the following Lists were also added:


    Startup List - Startup / Autorun Entries

    O16 List - ActiveX Installs

    SEH List - ShellExecuteHooks

    Drivers List - Windows System Drivers



    And again, we're always grateful for any new submissions. After all, we can't be everywhere at once all by ourselves... ;)


    A big thank you to everyone for your continued support!

  2. Also you can re-associate reg files in xp, see here






    Download that regfile association fix.


    Now the best thing to do, when double-clicking the downloaded regfile will not produce the "Are you sure you want to add the information in *FileName.reg* to the registry?" prompt either, is open the Registry Editor (Start > Run > type regedit , then press OK or hit 'Enter')


    Choose 'Import' from the 'File' menu


    Browse to the downloaded regfile , highlight it, and press the 'Open' button.


    You should be told that 'the information in *filename.reg* was successfully added to the Registry.


    That ought to fix your problem, unless something else is 'broken' as well.

  3. Look like:




    is working, but




    Is not.


    Microsoft Technet almost exclusively refers to HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run


    Not running Windows 7 myself, but it would therefore appear that Windows does not check the HKCU equivalent at boot.


    FWIW, the key is used to store autostart entries for 32-bit software on 64-bit systems

  4. Not sure how exactly CCleaner determines whether an extension is 'unused', but you could experiment with also registering your new extension under:




    Unlike on Win 9x, in XP and Vista this is the principal key that determines the current program in use for the filetype.



    Come to think of it, it's prolly a good idea to make sure that your application is registered under HKCR\Applications with its shell\open\command subkey's Default value set to the path name of the application's executable

  5. Hi Tony, I'd be interested to hear your take on Sandboxie. Do you think Anti-Spyware is still required if you always run your browser sandboxed?


    Hi Woody. :)


    I've never used Sandboxie myself. I have a test box I can hose whenever I want, and on my main box I have Acronis True Image installed which has a handy Sandbox feature of itself called "Try&Decide" which I use as well


    That said, as there is a variety of ways one can get infected, not just by browsing the net, I think a good Anti-Malware is always a useful addition.

  6. I've been using Avira's Antivir Premium for awhile now and I'm beginning to think that other than a softwall firewall and router, Avira Premium is all that's needed.


    I run Avira Premium as well, and I'm very happy with it too, but I still believe Malwarebytes Antimalware is a very useful addition to any antivirus. They specialize in baddies that AVs generally either pay less attention to, or have trouble removing, and the MBAM team really is on top of currently 'in the wild' malware


    There are even numerous examples of Avira (as well as Symantec, and no doubt other AV's) staff actually recommending MBAM to get rid of particularly resilient malware...

  7. Looks good, and I've bookmarked it. :) Thanks for sharing the link! ;)


    You're very welcome, Andavari. :)


    It was Javacool who, last August, came forward with his generous offer to host the Lists, and they're being updated throughout the day


    In addition to myself, the editing team currently includes the following members of the anti-malware community:








    Vino Rosso


  8. Frequently suffering Denial Of Service attacks because of the good work they did fighting online crime, CastleCops is no more.


    It wasn't so much because of that that, but (at least on the surface) because Paul started working for Microsoft, Robin and Paul had their 3rd child and reportedly no third party showed up willing to run the site up to the standards and conditions asked for.


    Regrettable, but many of us did kind of see it coming... :(


    I'm just happy that we found a new home for the databases before the site went 'pouf!' with little or no notice.


    All in all I think all this could have been handled a whole lot better! :rolleyes:

  9. It looks great but I don't know what they mean when they say you can search or you can browse the lists. All I've gotten is the search option on every page. I see category headings such as CLSIDs, 09, etc. When I click on them I'm back to a search option. I don't see lists anywhere. :huh:


    "Browsing" may be next on the to do list, not sure...


    You can of course search the databases though.


    Lots of tweaking still needs to be done, both visible and under the hood; it was however important to us to get the site public as soon as possible.

  10. I'm happy to announce a new, dedicated home for the CLSID + other helper lists: http://www.systemlookup.com


    The list maintainers, contributors and I have been working on this site non-stop, and enough features are up and running to get it in the hands of the people that need it. :)


    Although global search of all lists isn't yet up, you can browse and search by list: http://www.systemlookup.com/lists.php

    The following lists are currently available, with more (the O4s and others) coming soon:


    * CLSID List - BHOs, Toolbars, SHs, Explorer Bars

    * O9 List - Internet Explorer Buttons

    * O10 List - Layered Service Providers

    * O18 List - Extra protocols

    * O20 List - AppInit_DLLs & Winlogon Notify

    * O21 List - ShellServiceObjectDelayLoad

    * O22 List - Shared Task Scheduler

    * O23 List - Services



    We look forward to continuing to improve the site and building some great new features to make things even easier.


    But for now - Enjoy! :)


    Best regards,


    Javacool & the List Maintainers and Contributors:











    Note that the search function per List is slightly different than what you were used to, in that you need to specify whether you're searching for a name, CLSID or filename; this to reduce the number of irrelevant search results.


    Please feel free to blog this, and/or post this announcement anywhere else at this board if you feel a certain section is better suited, as well as at any other board you frequent and which we may be forgetting! ;)


    Thanks! :)

  11. To remain on the completely safe side, it IS probably best to remove only those subkeys that do not contain the Compatibility Flags value; although that would be a time consuming business.


    But again, it can't hurt to leave it alone entirely, as the 'orphaned' registry keys are harmless, and do not really contribute much to 'registry bloat'.

  12. Protection for a CLSID is "on" only when the "Compatibility Flags" DWORD value is present in the subkey in question, and its value data equal "0x00000400"


    No idea why you should have 'empty' keys there once all protection is ENabled, unless a number of CLSIDs were removed from the SpywareBlaster daatabase in previous updates.


    Note, SpywareBlaster is not the only software writing to that registry key. SpyBot does as well ("immunisation") , and there are others, so it's probably a little rash to accuse' SB of having put them there.

  13. I don't like that it leaves stuff behind like that.


    I have many entries there without any values on them, like many bonzibuddy entries.





    Well, they're harmless, and, as I said, they can safely be deleted.


    I agree with you in that it would be preferable for SB to completely remove the subkeys themselves in case of an uninstall. Maybe a suggestion to post at Javacool's forum at Wilderssecurity?



  14. I first disabled all protection from SB and then uninstalled it using the program own uninstaller. After that i checked the registry and those entries created by SB were still there. Well i rebooted, but after that those entries ARE STILL THERE. Aint SB create entries here:


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility


    When disabling protection for a given CLSID, SpywareBlaster only removes the "Compatibility Flags" string value of the subkey in question, not the subkey itself, in case you might want to re-enable it afterwards.


    If this bothers you, yes, you can remove the entire "ActiveX Compatibility" subkey, then recreate an empty one afterwards

  • Create New...

Important Information

By using this site, you agree to our Terms of Use.