[accidentally deleted HKEY_USER .DEFAULT, S-1-5-18, S-1-5-19, S-1-5-19]

System Restore to a point prior to your actions?

I forgot to mention earlier that I temporary disabled system restore due to security concerns plus I disabled Simple folder shares due to security concerns.

But, in HKEY_USER, I left S-1-5-21 and S-1-5-21 Classes intact.

I was thinking, is it possible to get the stuff back by going back to either .DEFAULT or S-1-5-18 and exchange Guest with Admin.

But then, what else can I add in and which folders do I need to attach to them and how to do it properly and correctly without messing up the registries?

I also previously installed System recovery to the C:\ drive using combofix

I caution that using combofix is OK, but whatever registries I edited with be put back in default automatically. I would have to manually search these registries again and re-edit them to my liking.

I also caution that using Malwarebytes is also OK, but it will always give me a warning that using Registry Editor is a virus, but its not!

I always have to set it to IGNORE.

If I set it to DELETE, I can still use Registry Editor and the registries will be left intact even if I modified them to my liking beforehand.

Since I have system recovery at my disposal, is there a way to just ONLY recover/restore .DEFAULT , S-1-5-18, S-1-5-19, S-1-5-19 Classes, S-1-20 & S-1-20 Classes and recover the necessary folders including Microsoft and ZoneAlarm and leaving everything else intact without wiping and reload the C:\ drive and without reloading all the applications, licenses etc.?

I went to HKEY_USER and changed both .DEFAULT and S-1-5-18 from Guest to Admin

Then I enabled System restore & created today as Restore Point & then restore to an earlier operating state today.

Nothing changed. I still have to wait about 5 min for everything to load properly & be able to look at HDDs & go on to the Internet.

I bet I still would have problems installing Zone Alarm Pro.

So what is plan B (change of plans)?

I request step by step instructions without messing any further.

[accidentally deleted HKEY_USER .DEFAULT, S-1-5-18, S-1-5-19, S-1-5-19]

System Restore to a point prior to your actions?

I forgot to mention earlier that I temporary disabled system restore due to security concerns plus I disabled Simple folder shares due to security concerns.

But, in HKEY_USER, I left S-1-5-21 and S-1-5-21 Classes intact.

I was thinking, is it possible to get the stuff back by going back to either .DEFAULT or S-1-5-18 and exchange Guest with Admin.

But then, what else can I add in and which folders do I need to attach to them and how to do it properly and correctly without messing up the registries?

I also previously installed System recovery to the C:\ drive using combofix

I caution that using combofix is OK, but whatever registries I edited with be put back in default automatically. I would have to manually search these registries again and re-edit them to my liking.

I also caution that using Malwarebytes is also OK, but it will always give me a warning that using Registry Editor is a virus, but its not!

I always have to set it to IGNORE.

If I set it to DELETE, I can still use Registry Editor and the registries will be left intact even if I modified them to my liking beforehand.

Since I have system recovery at my disposal, is there a way to just ONLY recover/restore .DEFAULT , S-1-5-18, S-1-5-19, S-1-5-19 Classes, S-1-20 & S-1-20 Classes and recover the necessary folders including Microsoft and ZoneAlarm and leaving everything else intact without wiping and reload the C:\ drive and without reloading all the applications, licenses etc.?

[accidentally deleted HKEY_USER .DEFAULT, S-1-5-18, S-1-5-19, S-1-5-19]

I received an error message: C:\Windows\system32\zonelabs\vsmon.exe stating that "Validation failed for C:\Windows\system32\VSINIT.dll. You are probably are missing a necessary root certificate.

Plus, accidentally deleted S-1-5-19, S-1-5-19 Classes, S-1-5-20 and S-1-5-20 Classes folders which incluced ZoneAlarm in the HKEY_USER.

Also that .DEFAULT and S-1-5-18 folders are blank (only Default REG_SZ) and the permissions are set to Guest with Special Permission (Allow Read Control) and the owner is Admin in the HKEY_USER

How do I restore the HKEY_USER folders plus ZoneAlarm and how do I restore the necessary root certificate so that I can re-install Zone Alarm Pro properly?

One more thing, does that mean all my data will be erased on the C:\ drive and I would have to manually recover/restore them plus applications?

Besides, every time I boot my PC, the startup are slow. I have to wait 5min to see and use network connection and be able to see and use my HDDs.

After waiting about 5 min, everything works fine including shutdown and restart.

I also tried chkdsk - it stated that the HDD is clean.

URGENT