Tech Off Thread

6 posts

Can I restore one of my user's profiles in Vista?

Back to Forum: Tech Off
  • User profile image
    Doctor Who

    My youngest daughter uses my 4 year old laptop, which has Windows Vista installed.  Somehow she got some Trojan (Vista Internet Security).  (I'd love to know how that happened, seeing as how she is a standard user, and I have VIPRE as my AV.)  Anyway, I ran a deep anti-virus scan using VIPRE, which identified it.  I decided to delete everything that it identified.  Now she cannot use anything in her profile.  If she tries to bring up the browser, it recycles over and over again a dialog box asking which program to use.  If I try to run any program at all, it doesn't know what to do.  For example, it is totally lost trying to run the command line.  If I bring up Windows Explorer and navigate to Windows\System32 and try to run the command line, or anything at all from there, it goes "Huh?"

     

    What in heck has happened?? Is it possible to fix this, and if so, how?

     

    As an aside, I can log into my account (my account on that machine is an administrator) and it works fine.

  • User profile image
    W3bbo

    Sounds like a problem one of my housemates had earlier this year, they caught some malware that deleted the file association for *.exe.

     

    There was a trick I employed to force-open RegEdit (I think if you create a *.reg file on the desktop you can invoke the RegEdit process that way) where I then re-set the HKCR\exefile entry.

     

    You'll want to reset the following keys/values (unescape as necessary):

     

    exefile\(Default) = "Application"

    exefile\EditFlags = 38 07 00 00

    exefile\shell\open\command\(Default) = "\"%1\" %*"

     

     

  • User profile image
    cheong

    W3bbo said:

    Sounds like a problem one of my housemates had earlier this year, they caught some malware that deleted the file association for *.exe.

     

    There was a trick I employed to force-open RegEdit (I think if you create a *.reg file on the desktop you can invoke the RegEdit process that way) where I then re-set the HKCR\exefile entry.

     

    You'll want to reset the following keys/values (unescape as necessary):

     

    exefile\(Default) = "Application"

    exefile\EditFlags = 38 07 00 00

    exefile\shell\open\command\(Default) = "\"%1\" %*"

     

     

    Additional tips for regedit.exe: If it won't run, rename / copy it to regedit.com and it should run as usual.

    Recent Achievement unlocked: Code Avenger Tier 4/6: You see dead program. A lot!
    Last modified
  • User profile image
    Doctor Who

    W3bbo said:

    Sounds like a problem one of my housemates had earlier this year, they caught some malware that deleted the file association for *.exe.

     

    There was a trick I employed to force-open RegEdit (I think if you create a *.reg file on the desktop you can invoke the RegEdit process that way) where I then re-set the HKCR\exefile entry.

     

    You'll want to reset the following keys/values (unescape as necessary):

     

    exefile\(Default) = "Application"

    exefile\EditFlags = 38 07 00 00

    exefile\shell\open\command\(Default) = "\"%1\" %*"

     

     

    Do I have to use your little trick of editing the registry for exefile, for each application?

     

  • User profile image
    W3bbo

    Doctor Who said:
    W3bbo said:
    *snip*

    Do I have to use your little trick of editing the registry for exefile, for each application?

     

    Eh? There's only one key "HKEY_CLASSES_ROOT\exefile", and that's all you need to reset. Everything should be back to normal after that.

  • User profile image
    Matthew van Eerde

    > she is a standard user

     

    First, good for you.  Running as a standard user is an excellent thing to do, and it probably saved your system.

     

    > I can log into my account (my account on that machine is an administrator) and it works fine

     

    Good.

     

    > she cannot use anything in her profile

     

    The nuclear option is to delete and recreate her profile.  Is there data she wants to save?  It may be easier to log into your account, copy everything she wants to save, delete her profile, and recreate it (putting the stuff she wanted to save back) then to try to repair all the damage caused by the virus.

Comments closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.