Results 1 to 6 of 6

Thread: Registry problem

  1. #1
    Member mrA's Avatar
    Join Date
    May 2004
    Location
    Tallinn - Estonia
    Posts
    66

    Registry problem

    Ok, here's the deal: My roommate used my laptop and started fiddling with the registry. He mostly knows what he's doing... He was testing out a reg "hack" that disables the use of certain programs on a given user profile. He was stupid enough to try it on his own. So what he ended up doing is disabling access to ALL programs but the one he tried to disable. Meaning, Winamp is the only program that can be opened. I know where this key is located, so what i'm wondering is if i can remotely access his accounts reg from the admin account.

    I tried opening up the reg through the admin account but that key and subkey is not there. He used this website to get his info:

    http://www.kellys-korner-xp.com/win_xp_logon.htm

    What he tried to do was Restrict Applications Users Can Run.
    He made a backup before hand but windows won't let him run the reg file.

    Quite a perdicament...

  2. #2
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,103
    Run recovery.
    Linux Mint Debian Edition

  3. #3
    Member mrA's Avatar
    Join Date
    May 2004
    Location
    Tallinn - Estonia
    Posts
    66
    Tried that. He can't run any excecutable file. Last known good config did nothing. Is there any way to access the reg via the Admin account?

    According to Kellys-korner the damage is irreversable, but I'm positive the good people of Techzonez have a solution.

  4. #4
    Member mrA's Avatar
    Join Date
    May 2004
    Location
    Tallinn - Estonia
    Posts
    66
    Right, so going to HKEY_USERS gives me access to the reg keys that were added. Next time I use my head before posting Thanks for the help anyway

  5. #5
    Head Honcho Administrator Reverend's Avatar
    Join Date
    Apr 2002
    Location
    England
    Posts
    14,842
    Have you tried restoring the registry backup or using system restore in Safe Mode ?

    =========== Please Read The Forum Rules ===========

  6. #6
    Triple Platinum Member Curio's Avatar
    Join Date
    Nov 2004
    Location
    London
    Posts
    686
    His user registry is under his SID in the HKEY_USERS key you just need to identify his SID (looks like S-1-5-220-xxxxx...) or look through them all until you find the key you are looking for (use RegSeeker). You can also use LoadHive to load his registry in an external boot environment like BartPE.
    Enjoy.
    I'm using Windows 7 - you got a problem with that?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •