AVG-6 boot up engine

Hi, TDS has shown me that I still have @AVG-6 engine boot. I haven't used AVG for 2 or 3 yrs! I found it in the registry but it's in Legacy what ever that is, and the registry won't let me delete it. TDS will let me change the file name but I haven't got a clue what to change it to? I need some Geek help? Thanks Maybe this isn't the right forum?

 

Hi ENT, When you are in reg edit and have navigated to the Legacy entry, right click the entry and select "permissions" you will see that it greyed out, click the allow boxes and apply. You will now be able to delete the entry.

Be aware that mucking around in the registry can seriously damage your PC's health, so back up your registry first before making any changes.

HTH Pilli

 

Hi, I tried but I don't have that option in my registry, just delete or rename? Thanks for your help!

 

When you are at the legacy key do not open the key just right click it and then you will be able to change the permissions providing you have administrative rights.

Pilli

 

Sheesh! I have AD. rights but it still won't work! Didn't open it either. Something I am missing? Brother....! Do you ever sleep? Thanks again

 

Do I ever sleep? Yes, but not for long
Let's see if this will help Note that this the cuser arrow on the legacy_procguard folder, simply right click key's folder and select "permissions" Tick full control and apply - You can then delete the key

Screenshot:

 

Process Guard? ummm I don't have Process Guard anymore. I messed up my computer too much with the settings Am I right you think I have Process Guard or do I need to get more sleep?

 

hi ent, that was just an example

 

Ohhhhh! Hee-Hee.... I understand now.... BUT I still don't have a thingy that says permissions that I can tick on when I rt. click? Wait...Do you mean when I go to search and find LEGACY to click on properties and allow permission? If so I did that and I still can't delete? I still get the error in rededit? I know this is probabley a real pain for you....

 

Could AVG still have parts installed that are being started somehow? If so we move to plan B

Restart your machine into Safe mode, Here is how if you do not already know - Just before windows starts to load i.e directly after you Bios loads press F8 several times, you should see a DOS like window with several items on it - Select Safe Mode then try the procedure as stated in previous posts.

HTH Pilli

 

Hi, doesn't work in safe mode either? :-( Error: cannot delete ?

 

OK Ent, We shall have to try another approach, if this does not succeed then you may have to contact Grisoft, I believe they have a forum now.

Download a good registry cleaner if you do not already have one. Here is free one I found, I do not know how good it is but you can always ask elsewhere. http://personal.inet.fi/business/toniarts/ecleane.htm#download

Pilli

 

Ok Pilli, I give too! You know Process Guard and Ewido are in there too and I don't have them on my machine either. I just wish I knew why I can't delete ANY of them? Not nice! It's MY MACHINE!!!! I have Reg Supreme Pro and CC Cleaner and now Toni Arts and none of them show it except TDS, and it only shows AVG6 starting up. Do you know why those LEGACY files are soooo important that they can't be deleted? I can delete any other files and mess things up, why not them......? Thanks For all of your help! I really appreciate it! ENT

 

If you can see them with regedit then they are there
I think the reason that TDS3 see them is that it watches start keys for changes which could be due to malware.

Legacy keys: Are to do with Start up programs I think though I am no expert.
Here is the procedure again taken from MS KB:
How to delete legacy keys:
To delete legacy keys will require editing the security permission for the keys. Highlight the specific key and select 'Security | Permissions...' from the menu bar. Set the 'Everyone' group to "Full Control" and click 'OK'.

Hopefully you will see the "everyone" Icon.

Here is some more KB information:
On a computer that runs Windows 2000 and Windows XP
Windows 2000 and Windows XP have two separate Run policies: the Windows 2000 Run at Startup policy and the Windows 2000 Legacy Run at Startup policy. Windows 2000 Professional, Windows 2000 Server, and Windows XP use these policies. The Windows 2000 and Windows XP Run at Startup policy is similar to the other Windows family of operating systems.

To modify this list:
Open the Microsoft Management Console (MMC), and then add the Group Policy snap-in.

Click Local Computer Policy, click Computer Configuration, and then click Administrative Templates.

Click the System object, double-click Run these programs at user logon in the list of Local System policies in the right pane, and then click either Enable, Disable, or Not Configure.

NOTE: In Windows XP, click the System object, click the Logon object, and then double-click Run these programs at user logon.

To modify the list, you must enable the policy, and then click Show to modify the list of programs to run at Startup. A list of these files can be found in the registry under the following key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
The second Run policy involves legacy programs. Many third-party programs such as RealAudio can be included in this category. These programs use a different registry key to configure the program to run at Startup. This registry key (the same registry key that Windows 95/98 and Windows NT use) is located at:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

-or-

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
Programs that are configured to run at Startup from this registry key are considered legacy programs.

Windows 2000 and Windows XP do not enable you modify this list directly from the MMC Group Policy snap-in. Windows 2000 and Windows XP only enable you to enable or disable this entire list. To do this, go to the object in the MMC that contains the "Run these programs at user logon" policy. This is explained in the preceding section. Then find the policy called "Disable legacy run list". If you do not want any of your legacy programs to run, you can enable this policy.

Windows XP Home Edition
If you only want to modify the list of legacy programs that run at Startup, you must use either Regedit or Regedt32:
Run Regedit or Regedt32, and then go to one of the following registry keys:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

-or-

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
If you do not want a program to run at Startup, find that particular program and delete its entry from one of these registry keys.

You can add entries here as well, but it is recommended that you use the Windows Run at Startup policy to add programs that you want to run at Startup.

The third-party products discussed in this article are manufactured by vendors independent of Microsoft; we make no warranty, implied or otherwise, regarding these products' performance or reliability.

REFERENCES
For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:

Q147381 How to Use System Policies On a Standalone Computer
Q159936 Using the Windows NT 4.0 or Windows 95 System Policy Editor
Q179365 INFO: Run, RunOnce, RunServices, RunServicesOnce and Startup

 

HI, I went into the help in regedit and it says I cannot change or delete keys with a predefined value such as ROOT which is what I am trying to do! I haven't tried to change the d word, wonder what would happen if I do that? Maybe I am getting in toooo deep....By the way there was no permission icon I'm probably just stuck with these entries. I think I quit... Thanks for your time and effort! ENT

 

Hi Ent, I have reached the end of my knowledge regarding this though maybe DCS might know of an answer.

 

Hi, I've just got the Trial so I don't think I can post on forum, Thanks, ENT

 

All that you should need to do is edit the registry using regedt32.exe (C:\WINDOWS\system32\regedt32.exe). Make sure that you have backed up your registry before you do this.

Start regedt32.exe and locate the KEY that you wish to delete. Right-click on the key and select PERMISSIONS. Highlight the GROUP or User Name that you are useing and then put a tick in the FULL CONTROL option box. Then hit APPLY and then OK it. Wait a few seconds and you should now be able to delete it?

The only other thing I can think of, is that you have some other application that is protecting your registry.

Anyway, hope that it goes well .

Regards,
Jade.

 

Hi ENT,

If nothing else works, try running regedit via PowerPrompt. Extract powerprompt.exe to C:\WINDOWS\system32. Next go Start/Run, type cmd and press Enter. In the console window that pops up, type powerprompt and press Enter. In the powerprompt console that pops up, type regedit and press Enter. Regedit will start with SYSTEM privileges which should allow you to delete the locked keys. When you are finished, type exit in the powerprompt console and press Enter to shut it down. Hope it works for you. As always, back up your registry first (or at least export the keys so that you can restore them).

Nick

 

Nice utility Nick Let's hope it helps ENT - Thanks. Pilli

 

Hi, I'm getting embarrassed....I tried both and couldn't delete? They said I needed (net Framework) to use that utility so maybe I don't have it? When I tried regedt.exe I couldn't find LEGACY....?:-( I found Outpost & RegRun in there also! Are all of these engines starting up at startup? Thanks, ENT

 

Hi ENT,

PowerPrompt does require the .Net Framework to be installed. You can get it here: .NET Compact Framework 1.0 SP2 Redistributable (Re-release).

The registry key you are looking for is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root. It contains subkeys named "LEGACY_*" that refer to device drivers (hardware and software) and services that may or may no longer be installed. Generally, those references to uninstalled programs are harmless.

Nick

 

WOW...I can't get windows installer to work. I went to microsoft's site and tried all of their suggestions and still can't get the installer to work. I really do give up..... Thanks for all of your help, ENT

 

Ent, I sounds as though you need to do a re-install or even a reformat as the behaviour you describe is definately not good, you may like to try a repair install before doing a full re-format but to be sure a reformat would be best.

Pilli.

 

Hi, I totally agree! Thanks for your patience and all of your help. ENT