Well, the Help menu is the poorest place of the RunAlyzer- having only About section, where even the version no. is not given.
I realize that this is still beta version of the program and I greatly appreciate the general idea of this utility. Nevertheless, as a newbie in the area - many questions have arisen in my poor mind when starting the program :sad:.

My first questions concern the dialog welcoming (splash)window, which appear at the beginning. What do mean the options displayed:

Save a log file - what log file and for what reasons they should be saved ?.
Speedy load (ignore zone domain entries) - what does it mean and what are "zone domain entries" ?
Take a full tour - when should I apply this option ? Only first time of my usage of the program - in order to save the found entries in some cache memory . And - at the next launches of the RunAlyzer it is advantageous to run the Speedy Load (or may be - Save a log file) ?

The next general questions are:

When to run the option Analysis => On line Analysis ?
Is it enough to do it - say - one time per month in order to update the cache file (memory).
When to clean the cache file - every time before starting the On line Analysis mentioned ?

Well, being sorry for perhaps naive questions, I would be happy receiving some (even short) reply.

Slightly OT, but where did you download 0.7.1.6? I can only find links to 0.7.1.

Should be the same, the fourth digit is just the build counter we recently introduced to better handle things on the server side (re: online analysis).

Regarding the version number, yes, that about dialog should be improved, I'll think of something that'll make that easier for all our apps, see this (http://forums.spybot.info/project.php?issueid=59).

Option 1 (save log file) is to use it similar to HijackThis, for example. You've got a problem and come to a board like this, some expert will probably ask you to post a log. This option will get you the log you need.

Option 2 displays everything except for those ZDEs. ZDEs are entries in Internet Explorer telling IE which sites are trustworthy and which are not. Since those are not really startup-related things, you often can ignore them.

Option 3 takes longer to load. A cache wouldn't be any good, since to find security problems, the most current snapshot is important.

Second Question 1: The results of an Online Analysis are cached locally. When you're trying to find problems and are unsure about some entries that are neither displayed green nor red, you can try again.

Second Question 2: yes, probably. If you install new software every second day and want to see what this registered for startup, you probably should do it more often. If you just install new software from time to time, and where you're sure that it's not bad, you probably have to check rarely.

Second Question 3: you don't really need to clean the cache, since entries that were not a 100% classified will be updated on next online analysis. If you think some classification of something you know as good is displayed as bad, that would be a place where you could clean the cache and let it look up again, to see if that classification was a mistake.

Special thanks for your broad explanation - especially, in view that you are presently extremely busy.
Nevertheless, as a newbie in the area I will formulate - with some hesitation (or even shyness) - three questions more :):

1. What does mean the action: File => Save system to .reg file ? Does it mean that the Windows Registry will be backed up after performing this action ? Or ...

2. What can I do using "Toggle" (see Toolbar) ? Is it a "refresh" operation ? But refreshing what ? - initial state of processes, services and programs initiated at the start-up ?

3. Could you please clarifying (in short) the basic options belonging to the area Search & Filters; especially what and why we are filtering ? Could you give some explanation of the following items related:

(a) Please enter a filter term.
(b) Type of search: Search on all items (new), Search on visible items ("AND"), Add search results to visible items ("OR").
(c) Show all entries.
(d) Shaw all but legit entries.

Well, I realize that these are some elementary questions and in principle I can guess the answer to some of them - but not having any build-in Help in your program I am not very sure - how to use the mentioned above options.
I would be thus grateful for your explanation of the above.

1. Saving will not do a real "backup" - it'll store only most of those entries shown in the lists to a registry file. If you know a bit about .reg files, you could probably use it as a backup before doing changes, or if you want to replicate settings to a different machine.

2. Toggle is the same as clicking the checkboxes in front of entries. It toggles between an Active and Inactive state.

3. The filters and searches just control what exactly gets displayed. E.g. if you're looking for all entries related to Picasa, you type in "Picasa". You can use regular epxressions (http://en.wikipedia.org/wiki/Regular_Expressions) there for very complex things.

3.b. Once you've done a filtering, you might want to control what your next filtering operation should do. the text already described it - "Search on visible items" will only display those already visible AND also matching your new filter term. Adding to the visible items means that what will be displayed next will be the currently visible items as well as those from the new filter (anything fitting either the first OR second filter action).

3.c. and 3.d. These should really be self-explanatory! I don't think I really have to explain what "Show all entries" means after you'VE learned hwo to hide some ;)

Thank you for your prompt reply. You are right - referring to my last two questions 3c and 3d - the mentioned options are in fact self-explanatory. Thus, sorry for for asking for any explanation of it. It was my stupidity :laugh:

However, I have some more serious question:

The first option given at the dialog welcoming window of RunAlyzer is: Save a log file. On the other hand, we have at our disposal the bookmark Logs and options related: Create SBSD log, Create HJT log. So, what is the difference between these two possibilities, i.e. "Save a log" and "Logs". Is it some duplication of the program functions or ... ?

The welcome dialog is just an option to speed things up. If you only need a log file, it'll skip loading those parts that are not part of the log file anyway. So while the welcome dialog log option does the same as creating an sbsd compatible log and allowing you to save it, it's not a useless duplicate since it allows you to get there quicker.

The welcome dialog is just an option to speed things up. If you only need a log file, it'll skip loading those parts that are not part of the log file anyway. So while the welcome dialog log option does the same as creating an sbsd compatible log and allowing you to save it, it's not a useless duplicate since it allows you to get there quicker.eu falo portugues