#1

I was wondering if someone can shed some light on this tough predicament that one of my clients ran into. While troubleshooting a virus issue, the user inadvertently set the permissions for the entire HKEY_CLASSES_ROOT reg hive to deny for the Everyone and Administrator group. If you have a test machine you can try this and it will render the machine useless because you won't be able to execute anything.

I was wondering if there is a tool to fix this or any workarounds possible. Tests through Active Directory GPOs have proven possible but this is not an option for the client who is NOT on a Domain.

Is it possible that something can/may be done in the "Safe Mode with Command Prompt" mode?

Thanx in advance!

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

#2

Dave,

I created a similar situation in my test system. And none of the applications ran. Safe Mode Command Prompt did not load either.

However, with BartPE I could revert the permissions for the hive to defaults. Allowed "Full Control" to Administrators and "Everyone" group, and is fine. I was thinking about using SubInACL, but that was not needed.

Loading a hive (example):
http://windowsxp.mvps.org/peboot.htm

--
Ramesh, Microsoft MVP
Windows XP Shell/User

Windows XP Troubleshooting
http://www.winhelponline.com

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:%23gybJ1bBGHA.3604@TK2MSFTNGP09.phx.gbl...
> I was wondering if someone can shed some light on this tough predicament that one of my clients ran into. While troubleshooting a virus issue, the user inadvertently set the permissions for the entire HKEY_CLASSES_ROOT reg hive to deny for the Everyone and Administrator group. If you have a test machine you can try this and it will render the machine useless because you won't be able to execute anything.
>
> I was wondering if there is a tool to fix this or any workarounds possible. Tests through Active Directory GPOs have proven possible but this is not an option for the client who is NOT on a Domain.
>
> Is it possible that something can/may be done in the "Safe Mode with Command Prompt" mode?
>
> Thanx in advance!
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm

#3

From: "Ramesh, MS-MVP" <ramesh@XOX.mvps.org>

| Dave,
|
| I created a similar situation in my test system. And none of the
| applications ran. Safe Mode Command Prompt did not load either.
|
| However, with BartPE I could revert the permissions for the hive to
| defaults. Allowed "Full Control" to Administrators and "Everyone" group, and
| is fine. I was thinking about using SubInACL, but that was not needed.
|
| Loading a hive (example):
| http://windowsxp.mvps.org/peboot.htm
|
| --
| Ramesh, Microsoft MVP
| Windows XP Shell/User
|
| Windows XP Troubleshooting
| http://www.winhelponline.com
|

Thank you Ramesh!

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

#4

You're welcome anytime! Dave.

--
Ramesh, Microsoft MVP
Windows XP Shell/User

Windows XP Troubleshooting
http://www.winhelponline.com

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:%23m7R3VkBGHA.1372@TK2MSFTNGP14.phx.gbl...
> From: "Ramesh, MS-MVP" <ramesh@XOX.mvps.org>
>
> | Dave,
> |
> | I created a similar situation in my test system. And none of the
> | applications ran. Safe Mode Command Prompt did not load either.
> |
> | However, with BartPE I could revert the permissions for the hive to
> | defaults. Allowed "Full Control" to Administrators and "Everyone" group, and
> | is fine. I was thinking about using SubInACL, but that was not needed.
> |
> | Loading a hive (example):
> | http://windowsxp.mvps.org/peboot.htm
> |
> | --
> | Ramesh, Microsoft MVP
> | Windows XP Shell/User
> |
> | Windows XP Troubleshooting
> | http://www.winhelponline.com
> |
>
> Thank you Ramesh!
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm