TonyKlein
-
Posts
586 -
Joined
-
Last visited
Posts posted by TonyKlein
-
-
Congrats, Dennis!
-
What is usually meant by 'defragmenting' the registry, is compacting the hives to their minimum size, which, especially if you've never done it, can result in better system performance.
NTRegot is a good choice: http://www.larshederer.homepage.t-online.de/erunt/
-
FireFox needs to be registered as your default browser.
Have a look here for some pointers:
-
... as well as other system settings, such as autorun keys, protocol handlers, and a number of other registry keys and values routinely tampered with by malware.
-
Microsoft Windows Sysinternals RegJump, albeit it isn't automatic but if regjump.exe is installed in the Windows directory it can be used via Start->Run.
I'm familiar with it, but I already use a registry editor which offers that feature
That said, it would be nice if the CC Uninstall manager offered that possibility; it would make it a whole lot more useful.
-
I have System Restore "disabled" because on more than 1 occasion it has failed me!...could not roll back to a "Windows" created system restore point...whatever!
There are a variety of reasons why System Restore points could become corrupted or other issues that might cause a restore to fail.
Here's some reading:
http://www.kellys-korner-xp.com/xp_restore.htm
http://www.microsoft.com/technet/community...s/faqsrwxp.mspx
-
No doubt due to an incomplete removal of a previous version of SpyBot. One of them is likely to be just an orphaned registry key.
It would be great (as has been repeatedly suggested in the past) if there was a "Regedit Jump" option in Uninstall Manager that could take you to each of the registry keys in question .
That way you could verify which entry holds the path to your current installation of SpyBot S&D, and you'd know which entry to remove.
For the sake of good houskeeping, and if you're not familiar with the Registry, try uninstalling both,
One of the entries may refuse to go, and that will very likely be the invalid registry key. In that case, simply remove the entry it with CCleaner
Finally, do a fresh insttall of SpyBot.
-
It took 10 gig of space on my hdd. WHAT A WASTE haha
That's because you were very likely unaware of the fact that you can limit the amount of disk space SR occupies:
Control Panel > System > System Restore > Settings
I second/third Davey and Andavari: leave it enabled.
-
You can always subscribe to the RSS feed to get first hand notice of new or updated add-ons::
-
Yes same thing here, over, and over. tried to download it from majorgeeks.com and downloads.com but it always comes with the trojan. At first I quarantied it but then deleeted and yes it shuts down CCleaner but the setup is still left in and just nowwent to add/remove and got rid of it....Too bad because I have used CCleaner for about 3 yrs. I did the deep zonealarm scan on it 4 times with the same result, so I wont be downloading it again.
Once again, the smart thing to do is submit the file to ZoneAlarm so that they can finally FIX this false positive, which they ought to do in a hurry, at least if they care about their reputation.
As Andavari already said, you can upload the installer at Virtustotal, where it will be scanned simultaneously by over 30 different antiviruses, including ALL the top brands, and you'll find that none of them will find anything wrong with it.
-
You're very welcome.
-
I'm not too concerned about not being able to uninstall image statation as it's not a very big application. But will this be a problem on all installs?
It may be for other applications using the InstallShield Engine. I suggest copying the files from another computer running the same operating system to your System32 folder.
-
iKernel.exe errors are often due to insufficient privileges. Try logging in as Administrator, then uninstall.
But I'd first perform all four fixes in this InstallShield KB Article
-
So my question is: Is it appropriate and safe to delete those folder and "string" entries that have the words "Symantec" and "Norton" in them based on my registry search? Or should I leave well-enough alone and not worry about it?
It is simply impossible to give broad advice of this kind without actual access to the computer in question. Of course, if you have no other Symantec/Norton software installed, "Symantec" keys *ought* to be safe to remove.
However, I'd advise against removing every single string value that contains the word 'Symantec' or 'Norton' unless you know its exact purpose.
Many registry keys and values are interdependent, and, especially if you're not really at home editing the Registry, you could easily remove more than is called for.
What I'd do is run CCleaner's Registry cleaner, and have it remove what it finds, making sure you answer yes to the back up prompt, and leave well-enough alone!
If you do decide to jump in, I suggest you create a fresh System Restore point beforehand.
-
My router and Online Armor full
-
Be nice if they listed a changelog somewhere (I can't find one)
From http://blogs.technet.com/sysinternals/arch...-front-end.aspx
This major update to Autoruns shows an entry?s raw launch string in its image details area, lists Explorer and IE COM classes names and icons, is aware of several more autostart locations, including additional shell extensions, Windows Vista scheduled tasks and Windows Vista Sidebar gadgets, and has better support for alternate online search engines. -
Personally i would just stick with virustotal if it's variety of av engines you want and it's reasonable quick.
I like virscan.org as well, as it submits files to additional Chinese and Korean based AVs. Very useful when uploading malware to be tested that hails from those parts.
-
Not bad. Tony. But I know of another 2...
I specifically didn't mention virus.org, as the reputation of the people involved is said to be questionable (and I'm putting it mildly)
Hadn't heard of viruschief.com, thanks.
However, the two I mentioned are useful as both of them use a larger variety of AV engines to test uploaded files than the other three.
-
Aargh!
-
Here's an online malware scanner: http://virusscan.jotti.org/
And here are two other ones:
http://www.virustotal.com/en/indexf.html
RunScanner is indeed a laudable effort; kind of HijackThis on steroids...
..
Just like with Sysinternals Autoruns, make sure you KNOW what exactly it is you 'fix'...
-
Puzzled about program files. I've a lot of stuff in SiteAdvisors program files folder:
I assumed everyone did.
Would anyone else like to have a look what they have in program files? Would appreciate the input.
Hi Dennis,
Frankly, once you know an application is legit, do not question what's in its Program Files folder; the developers obviously deem it essential to the program's workings.
Cheers,
-
NvCpl (probably component of nVidia's drivers) RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
nwiz (probably component of nVidia's drivers) nwiz.exe /install
NvMcTray (probably component of nVidia's drivers) RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvYaskbarInit
Reader_sl (Adobe Speed Launch for those who aren't familiar, needed) "D:\Program Files\Adobe\Reader\Reader_sl.exe"
None of the above are essential to the workings of either your Graphics card or Adobe Reader.
I have three of them, and they have been disabled from the beginning.
NvCpl and nwiz are only required in some cases, namely when you have one of the advanced features of your Graphics card enabled. If that's not the case, they should be disabled.
Adobe Speed Launch is a useless feature. On modern day computers you won't notice any difference at all with or without it enabled.
-
10 Startups here:
ClipMate7 c:\program files\clipmate7\clipmate.exe
FileLocatorProHotKey c:\program files\mythicsoft\filelocator pro\flprohotkey.exe
Firefox Preloader c:\progra~1\firefo~1\firefo~1.exe
H/PC Connection Agent "c:\progra~1\mi3aa1~1\wcescomm.exe"
OnlineArmor GUI "c:\program files\tall emu\online armor\oaui.exe"
RoxioDragToDisc "c:\program files\roxio\easy cd creator 6\dragtodisc\drgtodsc.exe"
SnagIt 8 c:\progra~1\techsm~1\snagit~2\snagit32.exe
TClockEx c:\program files\tclockex\tclockex.exe
TurboNote c:\progra~1\turbon~1\tbnote.exe
avgnt "c:\program files\antivir personaledition premium\avgnt.exe" /min /nosplash
Incidentally, you can easily copy the contents of Msconfig/Startup by going to Start > Run > Msinfo32, then go to Software Environment > Startup programs
-
I can not access Task Manager because it gives me an error message stating that Task Manager has been disabled by Administrator. I do not have a Control Panel any longer.
These sound like policies/restrictions the likes of which are caused by a lot of current malware (SDbot type worms, other trojans)
I suggest you post a HijackThis log in the appropriate section of this forum, so that one of the analysts can have a look at your configuration.
Programs security updates
in Windows Security
Posted
To even further widen your choice, DSLReports has a well maintained Security Updates thread as well; it's the topmost sticky in their Security Forum