Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

How to clean used system recently purchased


  • Please log in to reply

#1
joseph456

joseph456

    Member

  • Member
  • PipPipPip
  • 342 posts
I just got a backup system which is similar to the Gateway laptop I currently own except that it is a 17.1" w/ 3.0 GHz vs 2.80 Ghz. Since I have no personal information installed yet, I would like to set up this system the correct way.

  • I received the system with the Administrator named "Owner"
  • I have not set up any user account and am not sure how to do it
  • The system has "Total Defense Security Center" installed. Should I remove this and if so, what should I add? It also has CA Security Center (may be the same). Should I use Revo to uninstall? At what level?
  • What other cleaners should I run? I have run CCleaner, Slimcleaner, ATF, Spyware Blaster and used Auslogics to Defrag
  • What other items do you suggest I do before I begin using the system?
  • How else can I clean the system?
  • System runs hot - Any suggestions?
  • I have used Windows Update to update Windows files. "Windows Search" and "Microsoft Siverlight" have been added and I do not need them. Can I remove them?
  • The computer has WINRAR and two extremely large ISO fiiles ( 1 GB and 4 GB). I am not sure what they are for or what the program is for
  • I ran Malwarebytes and it came up with a couple of items but since these are registry items I am not sure what to delete. The list follows:

Registry Keys Detected: 3
HKCR\CrossriderApp0000498.BHO (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0000498.BHO.1 (PUP.CrossFire.Gen) -> No action taken.
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> No action taken.

Registry Values Detected: 1
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 105a3fa633265283fd66dbea9e01ee1c -> No action taken.

Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.


Thanks for your help!

Edited by joseph456, 15 May 2012 - 10:42 PM.

  • 0

Advertisements


#2
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts
May I ask from where you obtained the computer AND was it obtained with the means to reinstall the system.

I am NOT qualfied to advise on Malware.

Only certified advisors in our Mlaware forum may do so. That is to ensure you receive the best advice.

What I can tell you is that PUM - is potentially unwanted modification and relates to the issue of security being turned off - in your case

PUP is potentially unwanted program.

From the evidence at this time, and I wish to stress that this is not malware advice, your best course of action is to start again.
  • 0

#3
joseph456

joseph456

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 342 posts
I purchased it through Ebay from an individual. The system says it has verified that this is an authentic copy and there is Win XP Professional key on the case. All files are up to date. I received nothing but the computer. The system was "cleaned" at Staples and seems to run fairly well.
  • 0

#4
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts
I am uncertain as to if you mean YOU have had it cleaned at Staples OR you mean it has been cleaned at Staples by the seller to remove his personal files.

If the recovery partition is still on the laptop and works then you can start again, from there.

Of course you will lose all the programs installed, and be left with the setup as it was when the computer was sold and you will have all updates and SP to install

As it stands now, to proceed with the actual procedures you have outlined, is not a course that can be taken here in this forum

If you wish to proceed as indicated in your post then go to our Malware forum

Follow the advice in this link please, posting as indicated, by creating a new topic.
http://www.geekstogo...cleaning-guide/

Please be patient as the malware experts are always busy

In addition to posting with the log, , you need only briefly explain that you have purchased a system etc and have been referred to Malware from this topic please then include a link to this topic.

Thank you
  • 0

#5
godawgs

godawgs

    Teacher

  • GeekU Moderator
  • 8,228 posts
joseph456,

I concur with Macboatmaster

Research indicates that Total Defence Security Center and CA Security Center are the same thing. You should see this page to decide if you want to keep it.

These entries:

Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

indicate that the Firewall monitoring function in the Security Center has been disabled. PUM means Potentially Unwanted Modification.

The other entries are Potentially Unwanted Programs. MalwareBytes should be allowed to fix all of the things it found.

Registry Keys Detected: 3
HKCR\CrossriderApp0000498.BHO (PUP.CrossFire.Gen) -> No action taken.
HKCR\CrossriderApp0000498.BHO.1 (PUP.CrossFire.Gen) -> No action taken.
HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> No action taken.

Registry Values Detected: 1
HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: 105a3fa633265283fd66dbea9e01ee1c -> No action taken.

If MalwareBytes found these on the system, other malware might be present as well.

godawgs
  • 0

#6
joseph456

joseph456

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 342 posts
The previous owner advised that he had it "cleaned" at Staples. However, if you recommend I am willing to do a clean install although have no idea how to do it. I have not installed any programs or personal information except for certain utilities (no registry cleaners!) like CCleaner, Slim Cleaner, Malwarebytes, etc. I thought it would be a good idea to come to this forum first.

Here is what I have also found out:

*The Windows XP key on the machine is the same key I get from Belarc Advisor which provides info on all the keys for the programs installed (among other things)

*I purchased Windows XP with SP2 in September 2005 from Gateway. I used it to install Windows XP on a computer that had Windows 98 on it. That computer is no longer accessible (hard drive died).

*I do not know if there is something to restore back to on this system because I do not know what it would look like. As I mentioned there are two very large ISO files and I am not sure what they are there for.

Please advise if I should proceed with clean install (and how) or if I should try to salvage this operating system.

Thanks for your help and comments Macboatmaster and godawgs.

Edited by joseph456, 16 May 2012 - 06:52 PM.

  • 0

#7
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts
It is my recommendation that you go to our Malware forum

I know I orignally suggested starting again, but on reflection, the better course I think is to stay with what you have, at this time.

If they are able to declare your system clean, you can then, if they so advise, come back here and continue.
  • 0

#8
starjax

starjax

    Global Moderator

  • Global Moderator
  • 6,591 posts
As Mac stated, we have trained malware removal people that can best assist you. However, that being said if you have or are willing to acquire a legal windows operating system (or factory restoration media), then I would recommend doing a fresh install (wiping all existing data). Point blank, I don't trust someone else's handy work.
  • 0

#9
joseph456

joseph456

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 342 posts
Thanks. Posted as suggested along with OTL Logs.
  • 0

#10
joseph456

joseph456

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 342 posts
Starjax -

Will what I have qualify? This is a legal copy I purchased which is no longer in use. Also the system itself has a legit copy.
  • 0

Advertisements


#11
starjax

starjax

    Global Moderator

  • Global Moderator
  • 6,591 posts
I belive that should work. Any drivers that windows can't find (even through windows update) you will need to visit gateway's site to download them.
  • 0

#12
joseph456

joseph456

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 342 posts
Dakeyras helped out quite a bit, declared the system clean and resolved all of the malware issues. My initial list that follows has been reduced through his recommendations.

1.I received the system with the Administrator named "Owner". How do I change it back to Administrator. Do I need the letters that come after "Owner."

2.I have not set up any user account and am not sure how to do it

3.The system has "Total Defense Security Center" installed. Should I remove this and if so, what should I add? It also has CA Security Center (may be the same). Should I use Revo to uninstall? At what level?

4.What other cleaners should I run? I have run CCleaner, Slimcleaner, ATF, Spyware Blaster and used Auslogics to Defrag

5.What other items do you suggest I do before I begin using the system?

6.How else can I clean the system?

7.System runs hot - Any suggestions?

8.I have used Windows Update to update Windows files. "Windows Search" and "Microsoft Silverlight" have been added and I do not need them. Can I remove them? If so, how?

9.The computer has WINRAR and two extremely large ISO files ( 1 GB and 4 GB). I am not sure what they are for or what the program is for

10.I ran Malwarebytes and it came up with a couple of items but since these are registry items I am not sure what to delete. The list follows:

At this point, I have not placed any personal information on the computer in the event we have to delete certain programs. Please let me know if you would like to see a detailed list of programs which I have assembled using Belarc Advisor.

Thanks for your help.
  • 0

#13
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts
1 When XP is installed a system admin account is established.
Once a User account with Admin rights is establshed the sysgtem admin account is then not used and is basically a hidden acount.

You shoould not use the system admin account on a general basis to log in, as it should be kept for troubleshooting purposes,
If the profile of an established user account with admin rights becomes corrupted, then gthe system admin account will still allow you to log on to windows.

UNLESS someone has created a password for the system admin account it is by default blank.

To access the system admin account, if it is XP professional, you may do so by keying Ctrl Alt Delete - twice
If it is XP home you may access it in Safe Miode
as explained here

a. . The first option is to press [Ctrl][Alt][Delete] at the Welcome Screen twice This will change the Welcome Screen login so you can now see the System Administrator Account
b. . The second option is to boot in safe mode, under which the Welcome Screen will display only accounts with Administrator privileges, including the original Administrator account

If you go start run and type
control userpasswords2

you will see all the accounts.
Be extremely careful about making any changes there.

2. If having established what actually exists, and you go Control panel User Accounts, you can then create a User account with Admin rights, if you are logging in with the system admin account.

You cannot change details of the account you are currently logged into.

See this for further help
http://support.micro...kb/279783/en-us

3. System runs hot
Download Speedfan and install it. Once it's installed, run the program and post here the information it shows, as a screenshot please

Posted Image

4. Windows Search and Silverlight

Unless you are short on free space it is not worth uninstalling.
I will deal with those two issues when we have sorted the rest.

  • 0

#14
joseph456

joseph456

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 342 posts
Thanks for the prompt response.

Will attend to setting up user account. So if I understand correctly there is no way to change "Owner" to "Administrator?"

Speed Fan info attached. Apparently unable to read fan settings. I have another computer like this one (that you helped with) and not able to read fan settings on that one either. Note this is a different version that the one you posted? Should I uninstall and use that version?



How do I make this a larger size (similar to photo in response?)

Edited by joseph456, 28 May 2012 - 02:43 PM.

  • 0

#15
Macboatmaster

Macboatmaster

    7k

  • Member
  • PipPipPipPipPipPipPipPip
  • 7,237 posts
Does not matter goes larger when you click on it.

Try this one - the free one.
Be careful please it is the download on the right no the one on top that is 3 east steps to faster PC. I am sure YOU would not have made that mistake but someone did the other week. That is why I now include the cautionary note
http://www.cpuid.com.../hwmonitor.html

and YES you can change the name to admin
<LI>Click Change the name to change the name that appears on the Welcome screen for the account.

Have you checked that you are NOT using the system admin account.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP