Can't find decompression bomb file - RegCure.exe

OK, I’ve read that decompression bombs are only dangerous when executed (which makes me think, “why not just delete them?”), but what about if Avast! told me I have one, but upon searching my c:\ drive, explorer can’t find it. I did check the options to search system and hidden files as well as subfolders. Another thing is that it’s an .exe from RegCure, which I believe is a utility that has been recommended in other message threads.

One of the problems I’m having locating the file is that Avast! didn’t give the full path, but only C:\Documents and Settings\Joe.…\RegCure.exe, so not sure where to search manually.

Thanks for your help. I’ve been trying to figure out a poor performance issue on my system for weeks (have a 2.53 Celeron with 1GB RAM and the CPU regularly hits 100% and causes delays when going window to window, or loading web pages), so want to see if this could be a cause.

Where are you reading that truncated path? Can’t you adjust the column width with the mouse and see the entire path? Did you check avast logs?

OK, so I’m lazy scum ::). Sorry about that - not expanding the column. It’s in the temporary internet files directories c:\Documents and Settings\Joe\Local Settings\Temporary Internet Files\Content.IE5\PBIXFA4K\RegCureSetup_RW[1].exe$INSTDIR\RegCure.exe . Still don’t understand why search didn’t find it. Also, \Local Settings\ isn’t shown in my windows explorer, but I did use the command prompt to find the path down to the PBIXFA4K directory, where RegCureSetup_RW[1].exe is located as a file. The odd thing is that its date and time are this morning, 3/05/09 at 12:58am - 7 hours before I turned the PC on (what is that, Hawaii time? I’m on EST). Also, why would an .exe be in my temp internet files?

Thanks again!

I forgot to include, what should I do with this file / directory? Does anyone know about RegCure? If it’s supposedly a cure for my registry, I may as well delete the whole thing, as I don’t need it. ??

This is the file you’re looking for: RegCureSetup_RW[1].exe
The other one is packed inside of this one.

Thanks for the explanation, Tech. I’ll just go ahead and delete it. … Still wondering how it got into my temp internet files. ???

If you were not downloading it… maybe a malware behavior… Do you use RegCure? Do you know what RegCure is?

No, I don’t know what Regcure is, though I have been trying to debug my system for the slow performance and did download a registry cleaner tool, CCleaner. Haven’t installed any other. I did also have SpyBot S&D, and I know that monitors the registry. I have since uninstalled it. So…don’t know what it is - I basically never click execute/run unless it’s from download.com. I’m kind of paranoid about losing time & $$ from installing malicious SW and having to correct it.

I would not use RegCure:
http://www.siteadvisor.com/sites/regcure.com

Stick with CCleaner.

I also recommend Malwarebytes MBAM:
http://www.malwarebytes.org/mbam.php

Download it, update it with its built-in Update function, then run a Quick scan and let it remove whatever it finds; a reboot may be necessary to remove locked files if found.

Why not, SiteAdvisor is giving a green light for it ???

Well although siteadvisor indicates Green, there are a number of adverse comments, but we know how good siteadvisor site reviews are (not).

I’m switching to Web of Trust (WoT):
http://www.mywot.com

There are high drawbacks also… FUD, prejudices, etc.

I would not use RegCure: http://www.siteadvisor.com/sites/regcure.com

Stick with CCleaner.

I also recommend Malwarebytes MBAM:
http://www.malwarebytes.org/mbam.php

Download it, update it with its built-in Update function, then run a Quick scan and let it remove whatever it finds; a reboot may be necessary to remove locked files if found.

I’ve run both. I believe it was Malwarebytes that found the RegCure file. I guess the bottom line question is, “why don’t I just delete it?” I don’t think that will fix my PC performance problem (2.53GHz CPU regularly maxing out and making me wait), but it would be good to get rid of this pest, I guess.

I should also say that Malwarebytes did find some BHO registry trojan horse malware that has been cleaned.

Wise Registry Cleaner can clean deeper than CCleaner with safety. No problems using it. If you have any, you can restore the registry key backups. No problems whatsoever.

1st of all 2 important facts. All programs have specialties, and different users prefer different programs to use. Use the right program for the problem you are seeking.

Let’s do the easy first: The reason you found the “RegCure” file in the Temporary Internet Files Folder is because the files were used to setup. After you install a program, many if not most of the time, those files will remain in the Temp folder. You can clean the Temp folder (without harm) at any time. Various firms place the installation files in different places.
Some under the Local Settings\Temporary Internet
Others in the Local Settings\Temp
Others make a New Folder under Local Settings\XYZW and some delete themselves.

2nd:
(1) RegCure is a Registry Cleaner. But it does a different job than CCleaner. CCleaner will not compare System Files nor any loaded Programs with Registry, Obsolete File entries nor deleted file entries – nor will it repair the registry comprehensively.
I use CCleaner to simply clean out standard information which accumulates in the registry. That’s all it’s good for. But a wonderful program and we can’t complain, because it’s free.

(2) MalwareBytes is a spy program (Not a Registry Cleaner nor does it do a Registry Repair) nor is MalwareBytes an Anti-Virus Program. I use MalwareBytes to find “Trojans & Malware”. It is an excellent program. In addition to MalwareBytes, I use Trojan Hunter. The reason is: Not all programs will find the same infection(s).

(3) To find a Virus you must use an “AntiVirus Program” [not that a Trojan Program will not find any, but it is severely restricted to find all]. I myself use NOD.

(4) Adware is often considered Malware - and programs that specialize in Malware & Trojans usually will also find Adware.

(5) Make it a habit to back up your Registry at least once a month, and prior to installing a new program. I suggest using a very simple program with a small footprint called: ERDNT
It’s been around for ages and re-installs the prior registry (your choice by date) in Real DOS mode.
So all you need to do is to boot to a floppy disk – go to where the backup is located and run it.
When you boot up you are running in the older saved registry. Sweet as pie – it just takes one click to save a good registry, and one click to replace the defective registry.

(6) Last: Everyone has its favorite programs, try them and determine which will be your favorite.
Take suggestions, but beware: there is a lot of bad advice on the web.
The only important part is that various programs do various things.
For instance “JV16 Registry cleaner & repair” allows you to do manual repairs which is a big plus. While with some others you must use a pencil to write down which one you want to do manually or trust the program.
I also use “Registry Mechanic” (besides JV16). But before you use any of them, back up your registry before you allow any Registry cleaner [besides CCleaner (which will clean your temporary files)] to go wild.

I have a habit of trusting no program so I take extra precautions - but be your own judge.

demaX