Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Registry remnants, IE settings, recovering user file


  • Please log in to reply
6 replies to this topic

#1 alagrange

alagrange

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 22 October 2013 - 05:53 PM

 

Windows 8.1

Just before upgrading from Windows 8 to 8.1, I deleted, I believe, all files for malware like delta, babylon and some other ones alike. Renmant remainin registry, I would be reassuring to safely delete them also.

Then:

1) Adwcleaner deleted the files from current user

[ File : C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\local account\AppData\Local\Google\Chrome\User Data\Default\preferences ]

So when I connect now to my default browser, Google signals that it cannot find my preferences neither save them for next time.

The upgrade to 8.1 did not solve this.

But the files seem to remain for Guest user.

What can I do, some way to copy them from GUEST user or other?

 

2) I only accepted some of the deletions proposed by Adwcleaner, you can find the details in this log

 

 https://skydrive.live.com/redir.aspx?cid=3e1f70db67fa3dc7&page=self&resid=3E1F70DB67FA3DC7%21153&parid=3E1F70DB67FA3DC7%21125&authkey=%21&Bpub=SDX.SkyDrive&Bsrc=Share

 

Should I delete also the rest of the keys (or at least manually delete their their values different from default or if safer replace reference to, i.e. yonwc.exe by QUyonwc.txt?) in spite of Windows 8.1 warnings against using Adwcleaner?

 

3)Should I accept any of the recommendations of the Panda scan?

 

Non valid link. File not found:HIDDENPROC to be deleted

 unknown. file: C:\PROGRAM FILES (X86)\REALTEK\REALTEK PCIE CARD READER\RICONMAN.EXE to be deleted

. unknown. Register key: HKLM\SYSTEM\CurrentControlSet\Services\IconMan_R. to be deleted.

Suspicious policy: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] replace by: 0

Suspicious policy: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED[HIDEFILEEXT] replace by: 0

 

Many thanks

Attached Files



BC AdBot (Login to Remove)

 


#2 czarboom

czarboom

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:12:20 AM

Posted 21 November 2013 - 01:13 AM

log in as guest and copy and save the files to media like flash drive and log out.  login to your account and add them to the correct file.  you might have to give your guest account admin permissions or allow admin popup and password for system files and adding programs  copy n paste should work,but BACKUP the current files first in your file path so if it jacks up you can revert    yes accept them  but backup your reg just in case

also save your book marks and reinstall chrome?  see if that works  if your unsure about keys and files go to www.shouldiremovethis.com   Or google search it, it gives tips to almost anything in your computer and stats on use and users etc.


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

#3 alagrange

alagrange
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 24 November 2013 - 09:06 PM

Many thanks,

1) for the chrome issue, it would be realistic to wait to see whether the upgrade to version (I think that 31) creates these files?

2) I installed Spybot free version 2.2 on the desktop, because Windows & Spybot say it is compatible with Windows 8.1.

However, I click right on the icon of spybot on the desktop and run windows compatibility tool, I got message (error 127 on line B...)

So I can safely launch spybot?



#4 czarboom

czarboom

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:12:20 AM

Posted 25 November 2013 - 02:19 AM

Many thanks,

1) for the chrome issue, it would be realistic to wait to see whether the upgrade to version (I think that 31) creates these files?

2) I installed Spybot free version 2.2 on the desktop, because Windows & Spybot say it is compatible with Windows 8.1.

However, I click right on the icon of spybot on the desktop and run windows compatibility tool, I got message (error 127 on line B...)

So I can safely launch spybot?

Ok,

1.  I would just save my book marks, and delete the program.  Use http://www.bleepingcomputer.com/download/ccleaner/ and download this program.  IF you have it already, update it and run the registery cleaner, 2 or 3 times until results stop comming back.  Then find where crome is hidding in either programfiles or Program Files (x86) and MAKE SURE YOU HAVE YOUR BOOK MARKS in a different file, delete this file, and run CCleaner again to be sure.  Download a new copy and add your old book marks back to it if all is working well. 
Again I assue you are doing this in the desktop and not the tiles.  For what we are doing us the desktop for a bit, and remove Chrome browser from your tiles.

2.  Stop alll that you are doing with this.  Not because the program is bad I just need a settled point. 

  If you go to http://www.av-test.org/en/tests/home-user/  it will give you all the ratings for the avtivirus out there today and what they do, and how they perform, they are the industry go to for the ratings of antivirus right now.

But before you do this we need to run a few online scanners if your computer scanners are not up to snuff.

So I would like you to do all of these, and some will install tools, but we will remove them later.

NOTE:  SOME OF THESE CAN TAKE SOME TIME,


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

#5 czarboom

czarboom

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:12:20 AM

Posted 25 November 2013 - 02:25 AM

SORRY hit enter, here is the list of scanners

Save ESET for last, it will take 5 or 6 hrs to run maybe more.  Do it before bed is a good option or bring the computer to workin if its a laptop, and have at it.  Some can produce false positives but in any case unless you know the program is yours, let them do what they do and leave them default.  Let me know if you find something

 

 

Online scanners:  Do this once a month, and Turn off your antivirus before you start
NOTES READ ME:  Save results if you can, DISABLE your current antivirus before you download these.  There might be some reboots needed let it happen.  ESET found two or three issues that noone else found, solved my issue.  Then when all online ones are done we will clean up and get you programs back on.

ESET Online scanner.  (this is a great tool, all online, just do this last I quit it one time after 4 hrs and only 50% of my 225GB drive was finished)
http://www.eset.com/us/online-scanner/

BitDefender
http://quickscan.bitdefender.com

Trend Micro Housecall
http://housecall.trendmicro.com/

F-Secure Online Scanner
http://support.f-secure.com/enu/home/ols.shtml

Microsoft Safety Scanner
http://www.microsoft.com/security/scanner/en-us/default.aspx

Panda ActiveScan
http://www.pandasecurity.com/homeusers/solutions/activescan/


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?

#6 alagrange

alagrange
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:07:20 AM

Posted 02 January 2014 - 09:10 AM

Many thanks, dear expert.

 

Currently everything works fine.

The only issue is compatibility of AV with Windows 8.1

After I upgraded to 8.1 Panda and others deleted too many files, etc I removed these AV. 

In order to have a complement to Mcaffee, I downloaded Spybot because it was the only one explicitlely claiming compatibility with Windows 8.1 . Nevertheless Windows compatibility tool (just right click on AV on desktop + click run) gives me those messages of incompatibility.

So I am scared of running other AV, given that I already had problems and many like Esset does not even claim compatibility wint Win 8.1



#7 czarboom

czarboom

  • Members
  • 608 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Central Texas
  • Local time:12:20 AM

Posted 25 January 2014 - 01:14 AM

Usually with antivirus scanners you can pick your primary and include protection for items like Malewarebytes, etc. 

The scanners I listed are online tools, so if you’re ok with it, just disable your active scanner, and run the online ones. 

Don’t forget Windows Defender, which is always on your computer.  Most of the time a 3rd party antivirus will disable it, but it could be active.  Just disable the others, and run Windows Defender see what it finds?

It works with 8.1; well because it’s Microsoft’s go to product.  When you’re done just disable it again, don’t want to run two antivirus at the same time. 

Another option is Malewarebytes.  It’s not a active scanner, but works with 8.1 and 8 and all others.  It’s probably the best FREE detector that you can find out there.  It’s a plus that with such a great tool the company there still offers the free versions without a sign up or anything like that. 

Hope some of this helps if not let me know, sorry I’m late here, been away for awhile on work.

Good luck


CZARBOOM 
 
"Never Stop Asking Questions, Question Your Environment, Question Your Government, above all Question Yourself.  We all lose when you Stop asking Why?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users