After a viral run in from a friend using my comp. - they went to a web - page and it started a pop-up cascade as well as loading some "helpful" programs.
I cut off net access, used windows add/remove programs to get rid of all but one program which I got out with ccleaner.
scanned and removed 3 trojans.
did a file check to verify windows in safe mode.
THEN did a system restore to two days previous.
THEN scanned again (clean) with 2 other virus checkers and spybot.
Everything seems fine but UAC is now twitchy.
When I try to load torrents, start ccleaner, and running puush I have to approve it all.
Is there anyway to get things "back to normal"?
(Win 7 not looking to reinstall )
Revert to an earlier time period. CCleaner is a program that likes to fuck with the registry. NEVER, EVER touch the registry. I don't care what they promise, it's like removing 3cm^2 portions of the human body at random and hoping all is well.
Just use an average antivirus, like Avast or Kaspersky. All will be fine, and you won't have to worry about it again.
>>143976
CCleaner is just an example.
I get the same thing when I try and add a torrent file.
or run puush or the little alarm clock program that *should* run at startup but doesn't now.
(all of them are run as administrator - supposedly)
What exactly do you mean "revert to an earlier time period"?
As I said I did a system restore. (this was all about two weeks ago.)
>>143978
Your registry is just that - it registers all data on your computer. Permanently.
The value of this is the existence of a shadow of your entire computer in Windows proprietary form. When your computer's registry is altered or damaged, so are all future backups, and all information "confirmed" to exist.
Imagine you're a crippled blind person in a fucking gigantic library. Your guide in braille, tells you where all the braille books are. Some asshole goes in your library cuts a piece of that book out, so all the information you would have been able to find must be manually found by hand by a person otherwise incapable of doing so.
The registry is your guide book, and your computer and you, as a non programmer, are that poor crippled blind fellow. As long as that part is cut out, that book "doesn't exist."
>>143979
Now imagine all books, by your computer, have been split into a hundred little pieces and scattered everywhere, and the guide book tells it how to place it back together. Once a small sliver of whatever the whole was is cut out by a registry cleaner, one of two things will happen.
A: The entire file will corrupt and be unopenable, for instance a broken jpeg file.
B: The program will malfunction and certain parts will cease to work
In this case, a windows file, maybe even just 1 byte, was altered by the registry edit. That's a viable reason as to why UAC is being a cunt atm.
Source: I've been stupid enough to do this before.
>>143982
The only stuff I added as "new" to the registry were windows virus definitions.
(for scanning the crap I was getting rid of)
so do you have any suggestions on how to sop the nagging?
- without totally lowering my UAC?
>>143986
desu, UAC is only for you, the user. The registry thing is only one hypothesis. I've never trusted CCleaner. What it does appears to be completely random to me.
Unless you have little kids who like to mess with your computer, I highly suggest you get rid of or lower UAC; you'll start to learn how unnecessary it is. It really isn't any better than a good antivirus and some decent weekly scans.
They're like pc training wheels.
>>143987
>>I highly suggest you get rid of or lower UAC
Seems a bit drastic.
Wondering if there are any other work arounds for select programs?
>>143971
Not looking at the CCleaner thing..
anyone?
Try running Combofix. You can get it at bleepingcomputer.com in the downloads section.
If that doesn't work let me know. I'll get you a link to superfix.
>>144530
combofix cleared up the problem.
BUT: - it removed a TON of my files
from intel HD data manager to my little alarm clock.
I have no idea how to do a file by file restore of stuff it stopped without doing a system restore.
>>144544
it got rid of classic shell and a ton of other things.
This woudl be terrific if I wanted to go faster / more bare bones.. but I want some of those programs running.
>>143979
that's like saying all shitposting is also important
>>143976
No it isn't.
You're flat wrong about this.
Restore points uses Transactional NTFS snapshots. The registry is a file (technically it's a bunch of files, each called a "hive"), and gets snapshotted by Transactional NTFS just like any other file.
>>143979
>>143974
Again, you're flat-wrong about this too.
The registry is a key/value store that every program that uses Windows is expected to store settings in. It's exactly analogous to the filesystem, because (from an Information Theory perspective) it *is* a filesystem.
If you delete random files, these files will be deleted. No more, no less.
If you delete random keys from the registry, these keys will be deleted. No more, no less.
If you don't have permission to delete a file, the OS won't let you delete it.
If you don't have permission to delete a key, the OS won't let you delete it.
As long as you're accessing the registry through the registry API (which is the only way you *can* access it, so long as Windows is running), you can't "corrupt" or "damage" it. All you can do is create, delete or modify keys, just as you would files on a filesystem.
>>144776
>>144773
>>144759
All very helpful in clarifying registry use..
But any idea what's fucking with my security settings?
I mean after using Combofix the problem was solved and the UAC security setting was unchanged.
But after I went back to the old system restore point it was back again (no surprise)
