Posted on 09/15/2014 1:11:31 PM PDT by raybbr
I downloaded the trial version of Malwarebytes last week. I ran a complete scan and quarantined then removed all the malware found.
My PC is running W 8.1. I've had no issues till now.
After I restarted the computer I tried logging into my wife's account to check something and it would only allow me to log in as a temporary user. This happened to all the user accounts.
Also, I remember that after restarting my PC and logging into my account, which is an admin account, the desktop was blank and all my tiles were gone. I restarted again and logged in and it seemed okay. This is after running MB. The PC was okay till after I ran the scan and repair.
I have since had to go in and delete the profile registry keys for the users and reload data into the profiles. Luckily I saved data before I took actions. I am about 95% convinced that MB did something to the registry profiles. If not perhaps there is another explanation but I can't find it. If so, then perhaps the logs will show where the action took place. I still have two profiles that are affected and have not been changed yet. It seems that a .bak extension is added to the profile each time it's accessed for the first time post MB cleaning.
I should note that after the scans a "winspeed.dll" malware warning kept coming up. I tried uninstalling but it didn't seem to work. However, the alert has not come up again.
khan_abyss replied on February 11, 2013
In reply to DiagoFox's post on November 26, 2012
Actually, I JUST had this issue myself. I had to clone my partition to a new hard drive and this first messed up my c <-> d drive lettering. After a few hours to fix this, I started to have this same issue with the TEMP profile. I searched around within the Registry and found an entry here;I went to the same path and found my profile looked something like this:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
If you look within one of the sub-keys within that (on mine it was called 5-1-5-21-557812858-3650550099-3850275229-1001), you will find a key called 'ProfileImagePath'. Ensure that key is pointing to the right directory. Once I pointed it to the right hdd, my TEMP profile issue was fixed.
Hope this helps you out.
It created new folders.
I DID run MS's scanner and MS Security essentials.
The data is still there but the user's profile points to the folders with the .OfficePC8 name. To get the data the user must find the folder without that extension.
I agree with cynwoody.
Wipe it and start over. THere is nothing like a fresh intall of an OS. Then you can scan your files on at a time as you restore them.
After you have the system restored to a state that you would be happy to return to, I use Norton Ghost to create an image of the OS and the complete file system to a removable source that you can store away for retrieval.
Then all of this poking and probing for malware and whatever comes to screeching halt. Keep your work on a NAS. That, you can scan and clean without it corrupting your system again.
Get infected, insert the Ghost bootable media, wipe and restore and you’re done. Good as new. Your NAS files reappear at reconnection.
“I did? Didn’t think I’d said that. No, the problem came after the scan.”
Yes. In your first sentence.
“. I ran a complete scan and quarantined then removed all the malware found. “
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.