Jump to content

Samoreen

Members
  • Content Count

    35
  • Joined

  • Last visited

About Samoreen

  • Rank
    New Member
  • Birthday 04/26/1948

Profile Information

  • Location
    Samoreau, France
  • Interests
    Photography
  1. OK, I see that these files are copies of the user registry hives and I guess they can't be deleted while they are loaded. But if MB was able to load them, it should be able to unload them as well before deleting the corresponding files. Maybe it's related to UAC ? UAC is disabled on my system.
  2. The log excerpt that you are showing is related to files, not to registry keys. What is the relationship between both ? As explained above, I am former system engineer and software developer. So, you can get technical.
  3. I'm also running ESET NOD32. Could this be a problem ?
  4. Thanks. However, I'm a former system engineer and I can differentiate legitimate entries in HKU. Anyway, I used the MB cleanup tool to uninstall it and these ghost entries had disappeared after the reboot. Everything is OK. I'm not sure I will reinstall. Should I be confident in a protection software that is able to do such things in the system registry ?
  5. I guess I should delete all the keys in the form of S-1-5xx-{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}-xxxxxxxxxxxxxxxxx ?
  6. By the way, I'm not sure I like the idea of uploading to a public forum a file containing a lot of information about my system. Could you please delete after downloading it ?
  7. Hi, Is MB using a cache ? It seems that is is able to detect problems with registry values that do not exist. It just reported this "threat" : Registry Value: 1 PUM.Optional.LowRiskFileTypes, HKU\S-1-5-21-xxxxxxxxxx-xxxxxxxxx-xxxxxxxx-500\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LOWRISKFILETYPES, No Action By User, 6665, 251589, 1.0.14826, , ame, But this registry value just does not exist. I had deleted it before the scan. I'm using 2 different registry editors and none of them is even able to find a LowRiskFileTypes value in my registry. I have deleted all of them. Even after exiting MB, relaunching it and re scanning, it continues to detect this "threat". If I quarantine this item, it no longer detects it but what did it quarantine since the value doesn't exist ? A true false positive, so to say.
  8. Hi, Please look at the screen capture below. This is the MB3 window after a scan. There are 2 threats detected, related to the registry. The registry path is too long to be read. There's no tooltip showing when hovering the location column. The registry value in question is not displayed (why no column for the registry value ? - or did I miss something ?). Right-clicking one of these two lines doesn't make any command available that could give more information about the threat. So complicated manipulations are necessary in order to decide whether these threats should be quarantined. This is an old problem and I think that the fix is easy. Thanks in advance.
  9. Hi, Let's assume that after a scan, one gets the result displayed in the attached screen capture. Usually, when a column is not wide enough to display the full information, the software displays a tooltip when hovering the field and/or allows to copy the field contents when right-clicking it. With MWB 3, my only choice is to increase the window width until I see all information, which sometimes involves extending the window over my secondary display. In the provided example, I cannot even copy the registry key name in order to look at it in the registry. Did I miss something ?
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.