Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: raybbr
Occasionally, malware will corrupt essential files within the user profile. Sometimes, it will change permissions on the registry keys that allow you access to the profile.

When the computer is "cleaned", occasionally these corrupted files are quarantined or removed completely.

Try going to this link, especially steps 2 and 3.

I've had to run sfc /scannow from an administrative command prompt occasionally after cleaning. Another thing is to check the permissions on the registry keys in HKLM\Sofware\Microsoft\WindowsNT\CurrentVersion\ProfileList. I've seen malware hijack the permissions of these keys which once cleaned, need to have permissions reset to allow the operating system to gain access to them.

Trouble with malware is that there could be several different causes for this problem. Just going to take some digging.
10 posted on 09/15/2014 1:24:38 PM PDT by mmichaels1970
[ Post Reply | Private Reply | To 1 | View Replies ]

To: mmichaels1970; cynwoody
I found some info on this on MS's site. I checked the registry entries and this:

khan_abyss replied on February 11, 2013See post history

ReplyIn reply to DiagoFox's post on November 26, 2012

Actually, I JUST had this issue myself. I had to clone my partition to a new hard drive and this first messed up my c <-> d drive lettering. After a few hours to fix this, I started to have this same issue with the TEMP profile. I searched around within the Registry and found an entry here;

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

If you look within one of the sub-keys within that (on mine it was called 5-1-5-21-557812858-3650550099-3850275229-1001), you will find a key called 'ProfileImagePath'. Ensure that key is pointing to the right directory. Once I pointed it to the right hdd, my TEMP profile issue was fixed.

Hope this helps you out.
I went to the same path and found my profile looked something like this:
5-1-5-21-557812858-3650550099-3850275229-1001.bak
I removed the .bak and logged in my user account,no problem!
Hope this helps someone

From here helped me a bit.

I found the profile keys that had a .bak extension, deleted them and resigned in to each account. That created the new users as shown in the shot below:

It created new folders.

I DID run MS's scanner and MS Security essentials.

The data is still there but the user's profile points to the folders with the .OfficePC8 name. To get the data the user must find the folder without that extension.


21 posted on 09/15/2014 3:26:07 PM PDT by raybbr (Obamacare needs a death panel.)
[ Post Reply | Private Reply | To 10 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson