Monthly Archives: May 2011

May 28, 2011
How to delete Event Log Section using PowerShell

Event Logs are saved under [C:\WINDOWS\system32\config\] as [*.evt] files, but they are locked by [services.exe]. They therefore can’t be deleted directly, and even if you do manage to delete them they are automatically recreated on the next reboot. So if you need to delete one of the Event Log sections under [Computer Management > System Tools > Event Viewer], the easy way to do it is with the Windows PowerShell tool.

WPS command: [system.diagnostics.eventlog]::Delete("EventLogName")

*EventLogName – this should be exactly as it appears under Computer Management > System Tools > Event Viewer
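
One way to wrap the command above so that the log name is verified and the entries are archived before the log is deleted. This is an added example, not code from the original post; the function name `Remove-EventLogSection`, the log name `OldAppLog` and the backup directory `C:\Temp` are assumptions, and it expects Windows PowerShell 2.0 or later run as an administrator.

```powershell
# Added example. 'OldAppLog' and C:\Temp are placeholders, not values from the post.
function Remove-EventLogSection {
    param(
        [Parameter(Mandatory = $true)][string]$LogName,
        [string]$BackupDir = 'C:\Temp'
    )

    # Never remove the built-in logs the operating system depends on.
    $builtIn = 'Application', 'Security', 'System'
    if ($builtIn -contains $LogName) {
        throw "Refusing to delete built-in log '$LogName'."
    }

    # Delete() needs the exact log name; if it is not found, list the
    # names the API accepts so the caller can pick the right one.
    if (-not [System.Diagnostics.EventLog]::Exists($LogName)) {
        $known = [System.Diagnostics.EventLog]::GetEventLogs() | ForEach-Object { $_.Log }
        throw "Event log '$LogName' not found. Known logs: $($known -join ', ')"
    }

    # Archive the entries first through WMI (Win32_NTEventlogFile.BackupEventlog),
    # because Delete() discards them along with the sources registered to the log.
    $wmiLog = Get-WmiObject -Class Win32_NTEventlogFile -EnableAllPrivileges `
                  -Filter "LogfileName='$LogName'"
    if (-not $wmiLog) {
        throw "No log file found for '$LogName'; nothing was deleted."
    }

    # .evt matches the XP-era file format the post describes.
    $stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
    $backup = Join-Path $BackupDir "$LogName-$stamp.evt"
    $result = $wmiLog.BackupEventlog($backup)
    if ($result.ReturnValue -ne 0) {
        throw "Backup failed with code $($result.ReturnValue); nothing was deleted."
    }

    [System.Diagnostics.EventLog]::Delete($LogName)
    "Deleted '$LogName'; entries archived to $backup"
}

# Usage: Remove-EventLogSection -LogName 'OldAppLog'
```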

May 19, 2011
Microsoft Windows XP – Event ID: 7026

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Description:  The following boot-start or system-start driver(s) failed to load: intelide

Resolution:

  • go to: Start > Run > regedit
  • find the following KEY: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IntelIde]
  • change the value of Start DWORD from 0 to 4

May 10, 2011
How to remove – Malware Protection designed to protect !

First of all, what is Malware Protection?
It is a fake (rogue) antispyware application that performs a fake antivirus scan and uses false positives to scam you for money.

What does it do?
The problem with MP is that you can’t open any application that can close the process [defender.exe]. So no Task Manager, no Registry Editor (regedit), no Computer Management, not even the browser; I’ve tested only with IE8, but I can safely assume that no other will launch. Any antivirus software you may have already installed on your system is now closed. So it may seem that you need to work around it with Safe Mode or even reinstall your OS.

How to remove Malware Protection:
- download Process View v.5.2.15.1 (I suppose you need to do that with another PC, since the browser will not launch)
- unpack Process View and rename [prcview.exe] to [explorer.exe]
- run the application; now you have a fully functional “Task Manager”
- find and kill [defender.exe]

- you can also use [taskmgr.exe]: just copy the file to the desktop and rename it to explorer.exe (location c:\Windows\System32\taskmgr.exe)

I can guarantee that [prcview.exe] works as described above; I presume that [taskmgr.exe] will do the same job, but I haven’t tested it. Anyway, this is the simple way to get rid of MP.