Wikipedia:Reference desk/Archives/Computing/2013 August 8

= August 8 =

Virus Removal
There's a search engine (delta search) that makes itself default on google chrome browser, I wanted to know what google chrome file you have to edit to change the search engine, it's possible I can find what programs are writting the file google chrome uses to know what is the default search engine, so what file is it, or where can I find that information?

Using Windows-7 probably last version of chrome. 181.50.178.92 (talk) 03:12, 8 August 2013 (UTC)


 * Its rather simpler to do than that, no direct file editing needed. Instructions are |here at support.google.com.

But, why is this section headed "Virus Removal", rather confusing. :-s --220  of  Borg 06:59, 8 August 2013 (UTC)
 * 1) Click the Chrome menu  (three bars in top right corner) on the browser toolbar.
 * 2) Select Settings
 * 3) In the "Search" section, select the search engine you want to use from the menu. If the search engine you want to use doesn't appear in the menu, click Manage search engines.
 * 4) In the Search Engines dialog that appears, select the search engine that you'd like to use from the list.
 * 5) Click the Make Default button that appears in the row.
 * @220 ...because Delta Search is malware.--Shantavira|feed me 07:52, 8 August 2013 (UTC)
 * Ah yes thanks Shatavira. Having Googled it now there's quite a bit on the net about it. I have not come across it before. ---220  of  Borg 11:17, 8 August 2013 (UTC)
 * (I didn't ask how to change default search engine on Google Chome) Each time Google Chrome is closed - opened, the default search engine file has been edited, and delta search becomes the new default search engine again, thanks for trying anyway.
 * PD: I forgot to mention that the reason why I need to know the file, is to track all the processes that may access the fille while chrome is closed, and probably guiding me to the removal of the executables. 190.60.93.218 (talk) 12:20, 8 August 2013 (UTC)
 * Try instructions here at malwaretips.com. This includes using AdwCleaner, Malwarebytes' Anti-Malware and HitmanPro. --220  of  Borg 13:10, 8 August 2013 (UTC)


 * Yeah I've seen delta search before - thankfully not on my laptop. It's certainly malware of a very annoying type. IIRC it appears in the add/remove programs menu (or whatever it's called in windows 7 - programs and features?) and all I had to do was click "remove" and it removed delta search from the computer (which btw was also windows 7.) If that doesn't work than you'll have to use some type of malware remover. --.Yellow1996.(ЬMИED¡) 16:18, 8 August 2013 (UTC)
 * Use SysInternal's Process Monitor. It is free and creates a log of everything every process on the system does. Load Chrome and get to the menu to change the search engine. Tell Process Monitor to start logging, then click the button to make the change, and tell it to stop loggin again. Apply a filter in ProcMon to show only actions by chrome.exe, and look through the log to see what it changes. Once you have figured out where the setting is saved, start logging and do whatever it is you need to do to get infected again. Filter the log for changes to the file or registry setting you identified earlier and see what changed it. 209.131.76.183 (talk) 12:38, 9 August 2013 (UTC)

Facebook question
I have lately noticed that whenever I click on a link to a specific Facebook page from outside Facebook, the page shows up completely empty. This happens with FireFox both at home (Linux) and at work (Windows). I have to go to the main Facebook page and click on a link from there for the page to show up. Is anyone else experiencing this? Is it a bug or a feature? J I P &#124; Talk 11:47, 8 August 2013 (UTC)


 * I'd say it's a bug - and after some searching it doesn't appear to be a common one (a lot of people having the problem within facebook, but not links coming in...) Since you're using Firefox my first reaction is that there's an extension causing this. Try disabling them one by one until the problem stops (or not.) You could also try using a different browser and see if it still happens. Good luck! --.Yellow1996.(ЬMИED¡) 16:23, 8 August 2013 (UTC)


 * Facebook could be checking the HTTP referer (sic). This should be easy enough to test if you know how to create a HTTP request manually, or if you can post such a misbehaving link here. Or copy and paste the link to your browser's address bar; if that behaves differently from clicking the link, that's referer checking (if copy&paste also produces a blank page that does not prove there is no referer check). 88.112.41.6 (talk) 15:31, 9 August 2013 (UTC)

Making a multi-language site crawlable
I have a multi-language website (Polish, English, German). Language preference is stored in a cookie. The language cookie is set by URL parameters, adding "?lang=en_US" (for English) to the URL. Unfortunately URL for different languages are identical, which language version to present is determined only by the value of the language cookie. So a URL www.mydomain.com will be either English, German or Polish depending on the cookie value. For human users this works fine, but apparently it is a problem for googlebot and other search engine bots which don't understand cookies. Because of this google is only indexing 1/3 of my pages (of default language Polish), even though I added all pages to my sitemap file. So, because of this, I would like to make my website crawlable. I can see the following two options:

1. Adding "?lang=..." (with language equal to the current language) to all internal links except for the language-switching links

2. Restructuring the whole website to use for instance sub-domains or directories for different languages.

"1" would be easiest, but I am wondering whether there is any issue concerning SEO (ugly URL) or performance (re-setting cookies whenever clicking a link) or any other problem with it? "2" would be a lot more work. bamse (talk) 12:12, 8 August 2013 (UTC)


 * I think you can implement 2 And 1, for example you can use mod_rewrite (Assuming you're using Apache, in the case that you're not using it, try finding a rewriting module, or an 'option' that allows you to do that) to rewrite urls, so when someone types example.com/english/intro.html it gets rewritten (not redirected) internally to example.com/intro.html?lang=english, However I do not know if this is the standard way of adding multiple languages, or if it helps SEO engines (But certainly using cookies is not, I ALWAYS disable cookies), Hope that helps! 190.60.93.218 (talk) 12:31, 8 August 2013 (UTC)

Chroot for offline windows
Chroot is often assimiled to be a kind sandbox. But in Unix, it also allow use of programs on certain non-bootable installation. When I search chroot for windows: I see things like sandbox. I don't want security, I want a way to rescue the system. By example, if I disabled syskey with ntpasswd, running C:\windows\system32\syskey.exe with a such utility would modify the registry entries of the of the offline installation, not the current one

What it means for windows? Well, there is winre which allow having the same drive letters of your windows installation. There is an example: compact.exe is not present on winre installs. if you cd to \%Windir%\system32 (the directory of the offline install) and run compact, it won't work (except if you use it with /?). If you run

X:\sources\>path C:\Windows\System32\ You now use the files present in your offline windows. Base dlls such as ntdll.dll or eventually gdi.dll are those from C:\Windows\System32 instead of X:\%windir%\system32 and running compact will work.

But Programs runned by this way will use the current registry. The main keys (HKLM; HKCC; HKCR; HKCU; HKU; HKEY_PERFORMANCE_DATA) with their contents, are those of the current winre/pe installation, not those you have when you booted in your windows. So, if a program want to modify some registry entries, it will modify the Hives of X:\windows\system32\config not those of located in the C:\ systemdrive.

It is possible to mount the Hives of your offline windows under HKLM and edit them, but the programs which have their informations in HKLM\Software would still look at HKLM\Software and not at the name you mounted it.

The utility I am looking for would (partially?) hide the registry of winpe/re in favour of the one present in the offline install. The expected effect is that if you launch the registry editor with the utility, you will see the keys as if you would have booted into windows. (Maybe with some exceptions?)

The application would still use the Microsoft services of the current windows. I'd like launching services installed on the offline windows that are not installed on the current one. It would be nice to do this even for kernel ones. By this way, you would have the same behaviour when you launch sysv daemons in unix. Except here some mechanism for avoiding dual instances could be necessary, because the problems would be more critical on windows

The user access rights are an important part in the Microsoft systems. Specifying a user name and password in the parameters of the command line could be necessary. Some problems occurs with a bad User database configuration and prevent windows to boot. If want to enable Syskey again, It would need to have the authentication informations which couldn't be used. But in some case like syskey problems, it make windows in endless reboots. I think one possibility would be to find a way to mount the user Hives by providing their path instead of login informations. Or if it is impossible, try to keep the user keys/informations of the current booted windows.

I don't know if a utility like this exist. I'd like help for programming it with mingw from linux (I can't have Visual Studio). It would be good if it don't need to be installed. I would like it don't use .NET or the full windows API, because I would like to see it working under winre. I write for C/C++ under linux, but I never done it for windows. The only experience I have is provided by the fact I managed to build 7-Zip with winebuilder. I just know that the main function is called "main" for console programs and "WinMain" for windows ones. I am not familiar with WINAPI nor nt API. I just know there are not real equivalent to the chroot of the Unix API.

I hope this is possible, thanks in advance. 2A02:8422:1191:6E00:56E6:FCFF:FEDB:2BBA (talk) 12:51, 8 August 2013 (UTC)