How do you tweak your registry?

Hi malware fighters,

Tweaking and analyzing the registry becomes more and more important with recent malware, esp. spy- & adware.
What do you do in this line? What programs do you use?

For info read:
http://www.softpanorama.org/Unixification/free_registry_tools.shtml

polonus

Just my opinion:
Although this contains a wealth of information, it’s not designed for the novice or average computer user.
If you don’t know what you’re doing, you can do more harm than good if you make changes to your registry.
Changing a critical part of the registry incorrectly could result in you having to re-install your operating system.

Carefully ;D

I leave the analysis of the registry for malware to the likes of adaware, spybot S&D and Ewido.

I check validity with RegSeeker and occasionally EasyCleaner.

I also try to keep fragmentation/empty keys to a minimum using RegCompact.NET.

Other than that I leave it well alone ;D


Much like David, I normally only tweak the registry by whatever malware programs might find. There have been occasions where I have searched through the registry for certain words … like several years ago when trying to rid my old computer of Nortons before there was a removal program and again to get rid of McAfee on the old computer. There have also been a few other programs/utilities/games that left junk in the registry that I went after.

I must caution anyone who searches the registry with Find to be extremely careful to not delete anything you are not 1000% sure of. Deletion of the wrong word(s) can totally ruin your computer. Above all, make a backup of the registry before you even use Find!

I usually use TweakNow RegCleaner Std version 2.6.7 once a month or when I have removed a program of some type that does not uninstall correctly. I only delete what is judged by the program to be safe to delete. Another nice feature to this one is that it has a Restore backup … just in case something goes wrong. This one also works with all versions of Windows back to W98.


Hi folks,

Yes, advanced users know that whenever they fiddle with the registry in a wrong way, this can lead to drastic results, as dramatic as to lose the functionality of programs or your computer. What is this “legendary” registry?
Very interesting read here:
http://www.emsisoft.com/en/kb/articles/tec060411/

polonus

With great care

;D Very True!
Hi Polonus :slight_smile:
I have quite an arsenal of Registry tools, the latest was that "mysterious" UnHackMe program which isn’t a Reg.Tool as such, rather a Rootkit revealer.
I find SysInternals has some interesting software such as RootkitRevealer, RegMon, PageDefrag.
Also jv16 PowerTools 1.3 (1.3.0.195).
Plus ERUNT - The Emergency Recovery Utility (RegBackup) & NTREGOPT (Optimizer).
Also "Karen’s powertools" Registry Pruner, Karen’s Registry Ripper, http://www.karenware.com/powertools/powertools.asp

I hasten to add that I never edit anything in the Registry without extreme caution and a trusted source to guide me. Even Auto applications require a thorough analysis before committing to suggested safe tweaks or cleansing.

For DavidR:

Hi,

is this the program you use? http://experimentalscene.com/download.php?list.2

Do you recommend it? Is it safe? Are there any known problems with it?

Sorry for the questions but I can find very little info on that web site.

Edit:
Just found the forums and there is very little feedback on there as well.

Yes this is the one I was talking about.

There isn’t much on the forums as you say, that can be a good or bad thing, good as there aren’t many issues or bad no one is using it. There is little on source forge either (getting included in the sourceforge is no bad thing either) but since this is open source and the source code is available experienced people can study that. Did you read this on the site http://experimentalscene.com/download.php?view.1 ?

Like anything to do with the registry it can seriously damage your health and shouldn’t be entered into without a system recovery plan, disk back-ups, etc. However I have been using it for a while now with no problems. You do need to have MS .NET Framework 1.1 or higher installed for it to work.

Hi,

thanks for the reply :slight_smile:

I hadn’t found the link you posted so thank you for that as well :slight_smile:

There seem to have been a lot of downloads but very little feedback so, as you said, it is hard to tell whether it works well or not.

Thanks for pointing out the .net framework is needed as well. As for it being open source I’m afraid I only know how to program in BASIC so anything harder than “Hello World!” in other languages is beyond me.

Being open source has its advantages (and some would also say disadvantages too), the code is accessible for those more knowledgeable than us to inspect for flaws/poor coding, etc. so this should get rid of any kinks/bugs in short order. I’m sure if there were any major issues people would be screaming the house down.

Hi folks,

The registers can also be used for forensic analysis, read here:
http://www.forensicfocus.com/forensic-analysis-windows-registry

Interesting read, isn’t it?

polonus