Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Windows Vista PC boots "normally" to CMD window

Posted on 2013-06-30
5
820 Views
Last Modified: 2013-07-01
A Vista PC was infected with the FBI virus.  I was able to remove it.  After that, it booted to a command window trying to run the virus application, which could not be found.

Ran regedit and removed the key HKEY_CURRENT_USER\Software\Microsoft\Command Processor.

Now, it boots to a blank command window. I can run Task Manager and type explorer at the prompt and everything starts up just fine.  I then have to exit the command window.

How can I change the registry so that it runs explorer without manual intervention?
0
Comment
Question by:splait
5 Comments
 
LVL 93

Expert Comment

by:John Hurst
ID: 39288795
First, you may not have gotten rid of the virus. Be prepared for that.

Next, you should be able to run System File Checker from the command window.

Run SFC /SCANNOW and allow to complete. If it runs, restart and see what happens. I normally suggest running SFC a second time but this is not a normal situation.

Please let us know what happens.

.... Thinkpads_User
0
 
LVL 24

Expert Comment

by:aadih
ID: 39288829
If the above suggestion does not work, try a repair install.

If instructions are needed, use:

http://www.vistax64.com/tutorials/88236-repair-install-vista.html >
0
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 39288856
In the registry editor (run as administrator)
change the shell="cmd.exe" to the following:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe"

Like So.
0
 
LVL 92

Expert Comment

by:nobus
ID: 39289155
since this is a Vista system - running for 6 or more years, i suggest to backup everything, and do a fresh install
it takes time, but guarantees you a clean, fast running system in the end

**you may be able to run a factory reset - depending on the system
0
 
LVL 12

Author Closing Comment

by:splait
ID: 39289548
@ve3ofa, while this would have been the quickest solution, that variable was already set correctly.  However, the shell setting under HKEY_CURRENT_USER was "cmd.exe".  I changed that to "explorer.exe" and all is well.  Thank you! (I wish there was an "A-" selection in the grading!)

And thank you to all who responded here.  You are the vertebrae that comprise the backbone of this site!
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question