Cleaning the Register

Discussion in 'other software & services' started by toploader, Aug 23, 2005.

Thread Status:
Not open for further replies.
  1. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    Cleaning the Registry

    as someone who is a total novice in this area i would appreciate some help on this.

    my machine is still relatively new but already i've had spybot delete another program before i had a chance to uninstall it and it still comes up with references to remnants. also i've installed and uninstalled quite a few other programs, so i'm wondering how much junk i'm accumulating.

    the question is Does it matter? if i just leave the registry to it's own devices will the only problem i have with junk accumulation be a slight degrading of performance?

    will a reg cleaner detect entries put there by spyware and trojans? and do spyware and trojans put entries in the registry - if so why? - don't they want to run anonymously?

    if the registry is corrupted by a registry cleaner can it crash windows requiring a reinstallation of XP?

    for now i'm leaving it well alone but all feedback most welcome on this sensitive issue.
     
    Last edited: Aug 23, 2005
  2. tm6527

    tm6527 Registered Member

    Joined:
    Jun 26, 2004
    Posts:
    40
    Registry cleaners won't clean everything. From the task bar, go Run > type 'regedit.'

    Now see these areas:
    HKEY_LOCAL_MACHINE\SOFTWARE\[Removed Program]
    HKEY_CURRENT_USER\Software\[Removed Program]

    Maybe you'll see folders for old programs. Right now I see, Blizzard Entertainment, in one of these, viewpoint, America Online, Apple Computer Inc., all which I deleted. There's also a bunch of stuff I'm using and others I don't recognize. o_O

    Keep using registry cleaners. It's easier.
     
  3. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    thanks tm - there's a lot of stuff to check thru in that there registry - as long as the machine's working ok i think i will leave it. :D
     
  4. Ailric

    Ailric Guest

    Probably. You may also receive system errors.

    No, a reg cleaner cannot identify good and bad entries.

    Yes they do because they must in order to run. Most people don't know how to search and clean the registry.

    I have never seen this happen but if a registry entry is removed and a program no longer works, most cleaners backup all changes. It's simple to restore.

    Recommended Freebies:
    Regcleaner
    http://www.321download.com/LastFreeware/index.html#RegCleaner

    RegSeeker
    http://www.hoverdesk.net/freeware.htm
     
  5. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    thanks Ailric - interesting that you say they must have an entry to enable them to run - does that mean if Advanced keylogger was in the system it would have an entry in the Registry that would be detectable by an anti-trojan program scanning the reg - would it have a signature or can it call itself what it likes?

    i think i saw a reference to regdefend somewhere? - does that succeed in protecting the registry from Malware?
     
    Last edited: Aug 23, 2005
  6. Ailric

    Ailric Guest

    Most programs need a registry entry in order to run. A malware program that starts with Windows would have to have an entry in the Startup folder or in one of the Run catagories in the registry.
    Most anti-trojan programs scan the registry as well as all folders for malware. A program like Microsoft Antispyware would likely find keyloggers. Spysweeper is good too, but not free.

    Yes. Regdefend stops programs from adding themselves to run registry and protects other parts of the registry as well.
     
  7. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    i'm wondering if a virus or a trojan or an ActiveX can run without a registry entry if this is not the case then all one needs is a registry defender and nothing else?

    i don't know how windows sees a trojan - i get the impression that they are often already a part of a program and therefore would have legitimate registry entries??

    there's a lot i need to learn about how code get's to run on a windows system
     
  8. Ailric

    Ailric Guest

    RegDefend can protect you from an unwanted program adding itself to the registry but cannot protect you from a trojan or ActiveX that you allow to be entered to the registry. Think of it as a registry firewall - only what you want gets added.

    Most AV's and AT's use signatures to find trojans.
     
  9. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    You ask some good questions TL.

    You wonder why the trojan needs into the registry...well, they probably wouldn't...if your computer was running 24-7. The problem for the trojan is that when the computer boots up it follows certain scripts that tell it what processes to load. Unless something loads the trojan after a reboot, it will not be running anymore.

    All programs running on the computer need to sort of get in line for CPU time. You can view the running processes with task manager (ctrl-alt-del_ You notice a few things looking at the processes.

    You probably don't know what most of the processes are for. How they started- who told them to start! Did they in turn start processes, or kill others?

    Do programs need to be in the registry? If they dont need an installer, or an autostart probably not. Take "TCPView" by SysInternals. It doesn't need to modify any keys. it is "free-standing". It runs when you tell it to run (or you can put it in autostart). when you delete it's folder it is gone - completely. that is the beauty of that kind of program. Of course it only has one job, and you tell it when ...

    ----

    The other part...will the non-malware garbage effect performance. Most of the time probably not. I used to never use them because i had no idea of what they were doing. You would do well to use some caution with them. do just a portion at a time.

    How good are you at restoring your system? Its a good thing to know.

    I will say that I have had aborted program installs the made it impossible to reinstall a program with out registry cleaning. I've had problems with bad uninstalls too. I'd wait till that happens before using a reg cleaner.


    -HandsOff
     
  10. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    thanks Handsoff, i hear that keyloggers like advanced keylogger claim to be invisible - does that mean they have registry entries? if i had a keylogger trojan how does it get to start when i reboot? what loads it back into the system?

    questions questions always questions :D

    as far as restoring my system goes i don't even want to think about it, i didn't get any XP recovery disks with the computer - there is a recovery partition but that's gonna be a lot of use if the hard disk crashes - my computer prompted me to make some recovery disks but only 3 CD's in total - i don't know how to use them, when to use them and what they will recover :D

    if it crashes i think i will just throw the computer in the trash can and buy another :D
     
  11. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    If you don't have a restore disk, surely you have at list a Windows operating system CD? If not I guess you probably want to leave system restore running...Unless...

    Maybe you have an extra hard drive lying around, and you can duplicate your working drive.

    If not you definitely want to have strong browser settings, and firewall settings. Lots of free apps out their but high firewall and browser settings are needed too. Post questions if you have them about browser settings. I just copy mine all from here:

    * HijackThis v1.99.1 *
    Written by Merijn - merijn@spywareinfoforum.com
    http://www.merijn.org/files/hijackthis.zip
    http://www.merijn.org/index.html

    download a program called XP-AntiSpy. What it does is lay out certain settings that you want to control, but rather than look all over the computer you can set them conveniently. Most people disable the messenger service, UPNP service, Remote desktop support, error reporting (to microsoft), MS Messenger, disable balloon tips, and increase their maximum connections, and definitely clear cache on shutdown. it's very user friendly, you can store old settings and you can always change stuff back.

    Yeah, apparrently there is "invisible" stuff. Morphing trojans, rootkits, dll - injection...just look around this site!
     
  12. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    hi Handsoff - there is a tendancy for manufacturers not to bundle the operating system disks with their machines anymore - in my case there is a system restore partition on the disk which you can access thru the start\allprograms\system recovery if i click on it it says do i really want to do this - try Microsoft System Restore First.

    i shut down messenger quite a while back, trying to run the machine lean and mean - at the moment i feel the machine is reasonably well protected - i've had to go thru a steep learning curve over the last week or so trying to decide what security software i trust -system back ups and restore is another learning curve - i will take it at my own pace all my personal data is backed up so if i lose the system i just have the inconvenience of losing function rather than data.

    keyloggers are still the number one threat to my way of thinking if they get access to your bank details and can clean out your account - the bank is not going to take responsibility they are going to say - hey it's your fault - you didn't take precautions - no compensation for you matey boy.
     
  13. Beefcarver

    Beefcarver Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    263
    Location:
    michigan
    wow you asked some pretty advanced questions. glad there is experts here.

    a program called crapcleaner is free and helps clean out alot of junk to keep your system running good. www.ccleaner.com. also tune up utilities is nice.
    www.tune-up.com or goto www.pcpitstop.com and run the tests with IE.
     
  14. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Hi TL -

    It sounds like you are being very methodical about it which is good. I was my aim just to point out a couple of things that are free and easy, and can stay with you, no matter what products you end up using. I don't mean to push any solutions on you though. Because I hate spyware with a passion I have some strong oppinions on apps. Guess it goes with the territory.

    Stay vigilent on those credit accounts. I actually feel safer now because I can monitor my accounts online.


    - HandsOff
     
  15. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    Hey Handsoff i appreciate you taking the time to contribute - i always take note of what people say - this is a very complicated business we all need all the help we can get from each other. - there's only so much i can swallow each day before my brain starts to hurt :D

    will check out x-antispy -thanks :)
     
  16. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    thanks for the links Beefcarver - so much to learn - the more i learn the more i realise how little i know :D
     
  17. Beefcarver

    Beefcarver Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    263
    Location:
    michigan
    Well the best ways to be safe and keep things from going bezerk is to limit downloading everything. use and keep updated antivirus, firewall, spyware detectors, and etc. Goto: www.spywarewarrior.com and see and use the programs that are listed as safe. dont download any Rouge programs listed.
    run Online scanners like trend micro housecall. highly reccomend downloading
    A2 Free a squared it has great detection and updated daily huge definitions.
    you will love this program its great. Spywareblaster and spywareguard...
    www.javacool.com and read lots of wilders.

    Good Luck my friend and may you be safe in your web travels.
     
  18. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    I'm going to backpeddle a bit on my advice only to use registry cleaners if you are having problems (especially with un/installing programs)

    Since you have an interest in learning about the mysteries of the computer I would say go ahead, but with the cautions i think were already mentioned

    -always be able to undo the actions. most programs will save backups of the changes you make unless you tell them not to.

    -do not panic when you see possibly hundreds of errors. I'm not sure how many keys there are, but clearly it is over 500,000. my point being a couple hundred in the grand scheme of things might not cause any problems at all.

    -do not fix hundreds at a time to reduce risk

    - have some idea how criticle the problem is

    if you post some questions about the puzzling one's then maybe a lot of people, including me, will learn something.

    -----------------
    Then why do I knock them? It shakes my confidence when...

    - You run 3 different regcleaner programs and get results that are completely different.

    - You are told a file is missing but you can find it

    - You are told something is an obsolete entry for software that you run every day

    - you are told there are missing uninstalls, and they are right where they should be

    and this is the one that bugs me the most:
    you clean the remnants of a program that you uninstalled ages ago...and that causes the computer to stop working right.

    but I tend to panic sometimes so go ahead. I think it comes down to how much you want to learn, and if you are willing to let your programs run around unsupervised


    -HandsOff
     
  19. Green Giant

    Green Giant Registered Member

    Joined:
    Jun 18, 2003
    Posts:
    252
    Suggest you have a look at RegVac from www.superwin.com - free for 30 days, with a section for novices so that you can clean the registry safely. This program has many tools, but starting with the 'novice' setting should prevent problems.
     
  20. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    Be very careful with cleaning the registry, especially when you are a novice. Also don't rely blindly on those registry cleaners.

    Before messing around with the registry I advice you to install Lard Hederers ERUNT (emergency recovery utility NT). This program makes a copy of your entire registry. In case of problems you can copy back your registry to the state when it was working. More good news: it's a freebee.
    Also from the same programmer: NTREGOPT (registry optimizer).

    http://www.larshederer.homepage.t-online.de/erunt/

    :eek: :eek: :eek: :eek:
     
  21. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    Green Giant -

    I like that idea. I wasn't just giving hypothetical advice. I have actually used three different registry programs, wait, maybe four today. Wait, actually it's five! I have to goals 1) to understand it a bit more and my personal holy grail project. To make it so my computer actually shuts down instead of restarts...and yes, they do all have different (often conflicting advice)

    anyway might be nice to get an idea what RegVac says I should do.

    To Egghead, I actually back up the entire system before I go shooting down registry keys. Regediting is sort of fun, but I know its just a matter of time before I edit it to death.

    I'll throw another idea out there:
    I am starting to like to do the deletions manually with regedit. When you say delete in some of these programs it's not entirely clear what they want to delete. Some keys associate an application to a list of different targets, and I just want one deleted, not all. Anyone go along with this?


    - HandsOff
     
  22. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hi,
    If you want to tamper with your computer and make sure you are able to boot after that no matter what, then perhaps I could suggest you make a bootable live cd for windows.
    This may take some time from you, but it could be worthwhile.
    Download BartPE builder at http://www.nu2.nu/pebuilder/
    Install the program.
    Download ultimate boot cd for windows plugin and drivers from here: http://ubcd4win.com/index.htm
    Place them instead of the existing folders plugin and drivers in the pebuilder folder (into which you installed it).
    You also need your windows installation disk (preferably sp2, if not slipstream one, if you don't know how ask me).
    Now, in pebuilder, create an iso, which will include the windows installation plus the plugins and drivers you downloaded above. You will have an iso about 350mb in size, which will include about 100 applications including:
    full network support
    firefox browser
    disk diagnostics and repair tools (checkdisk, partition, backup, restore etc.)
    anti-virus and anti-spware (antivir, stinger, mcafee, adaware, cwshredder, hijackthis etc.)
    mail client, pdf reader, cd burning, and dozens more, I can't recall them by heart.

    Full list can be found on the ubcd4win site.

    Now, burn the iso and you have a bootable windows disk that you can run on any computer. You will boot from the disk and have a small ram disk (depending on your ram) to write to and do things as you like.
    This will also allow you to access your hard drivers, no matter what happens to the operating system. If you have data you need to backup, you'll always be able to access from the cd, even try to repair a broken disk, and definitely back up your data, since this utility (boot cd) also supports cd burning and usb flash devices.

    Now, after you test your BartPE disk, you can start destroying and experimenting as much as you like.

    Cheers,
    Mrk
     
  23. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    thanks MrK - didn't realise you could make a live cd for windows thought only linux could do that - that's really useful to know - cheers
     
  24. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    thanks HandsOff - i will go real slow with registry cleaning - i think the - if it ain't broke dont fix it rule is a good one for registrys. :D

    i do like to understand my machine though - just so i know what to touch and what not to touch.
     
  25. toploader

    toploader Registered Member

    Joined:
    Aug 19, 2005
    Posts:
    707
    cheers GG
     
Loading...
Thread Status:
Not open for further replies.