Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need to restore cmd.exe to its original state...


  • Please log in to reply
7 replies to this topic

#1 phasmos

phasmos

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:34 PM

Posted 12 May 2014 - 09:56 AM

Hello all -

 

Long story short: My Dad's computer (an HP 2000 laptop running Windows 7 Home Premium) began acting up after a power outage a few weeks ago; it reverted to "User must login at Startup" mode and would not recognize his password, so he was effectively locked out of his own computer. (Trying to talk him through possible repairs by phone was a hell I cannot begin to describe. He still has trouble remembering what "desktop" or "icons" mean.)

 

I'm visiting my folks in person now, so with actual physical access to the computer I am able to try fixing the problem myself. As this was one of those "Windows is installed and licensed, but we won't include a system CD in the package" bargain deals, I was forced to use a hack I found online (on my phone, in case you're wondering) to reset his password and actually get to the desktop, which included accessing the command line from a Notepad link and using this trick:

 

"Lastly, select File - > Open - > Files of Type "All Files" - > Local Disk - > Windows - > System 32. We are almost done, once you have your system 32 folder open scroll down until you find the file "sethc" and rename it to anything, now scroll up until you find the application "cmd" and copy it, paste it and rename it to sethc. We are now done, what this has done is replaced the sticky keys function with a administrator privileged command prompt, in other words when you are at your log in screen press shift 5 times rapidly and a command prompt will open."

 

(The entire process may be seen here: http://www.lifepunch.net/forums/archive/index.php?thread-23249.html)

 

This worked perfectly - I'm on his laptop now and scanning it for malware to be safe - but now that I've renamed "cmd" to "sethc" (and sethc, whatever that is, to something else) the shortcut to cmd.exe in the Applications folder no longer works...and I cannot restore the original names of either of those files now that I'm in "Dad" user mode, which apparently is not the same as "Trusted Installer" mode.

 

(I did finally get the command window open when I remembered that cmd.exe is now called "sethc" so if it's something I need to fix from there, I can actually use the prompt.)

 

My question is this: Now that I've restored the password and disabled the "Login at Startup" setting, how do I restore the original names to these files so that I can access the command prompt from where I'm supposed to (and presumably un-bugger anything else that renaming them might have done)?

 

ADDENDUM: It occurs to me that I may have missed the "copy & paste" part of the process in my weary state last night and actually renamed the original cmd.exe rather than a duplicate of it! In any case, it seems to be a matter of permissions. Any ideas?

 

Thanks in advance for your assistance!


Edited by phasmos, 12 May 2014 - 10:09 AM.


BC AdBot (Login to Remove)

 


#2 Kilroy

Kilroy

  • BC Advisor
  • 3,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:03:34 PM

Posted 12 May 2014 - 10:08 AM

So, instead of copying and pasting you skipped right to the rename?  You should be able to make a copy of SETHC and rename it to CMD.  You may need to create an Administrative account to accomplish this.



#3 JohnC_21

JohnC_21

  • Members
  • 24,829 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:34 PM

Posted 12 May 2014 - 10:08 AM

Hello, and Welcome

I would thing it could easilly be done offline wilth a small linux distro like Puppy; Burn the iso by doubleclicking it. It may ask for a program to burn it. Microsoft Burner should be listed in available programs. Boot the Puppy CD and then click on the hard drive in the lower left once to mount it. A file manager will open. Browse to the file you changed, sethc, right click it and rename it to cmd.

 

I would download Puppy 5.2.8

 

Edit: I would follow Rkilroys advice.


Edited by JohnC_21, 12 May 2014 - 10:09 AM.


#4 phasmos

phasmos
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:34 PM

Posted 12 May 2014 - 10:12 AM

RKilroy, you hit the nail on the head. I'll try it now...how do I go about creating an Admin account?

 

Thanks to you also, John C!


Edited by phasmos, 12 May 2014 - 10:12 AM.


#5 phasmos

phasmos
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:34 PM

Posted 12 May 2014 - 10:16 AM

Wow, it worked! It gave me permission for the copy, paste, & rename.

 

Do I need to delete the original sethc/cmd file?



#6 Kilroy

Kilroy

  • BC Advisor
  • 3,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:03:34 PM

Posted 12 May 2014 - 10:19 AM

Actually, looks like you can do this from the renamed command prompt.  Launch SETHC, type CD C:\Windows\System32 <ENTER>, type COPY SETHC.EXE CMD.EXE <ENTER>

 

Since I have local admin rights your mileage may vary.



#7 Kilroy

Kilroy

  • BC Advisor
  • 3,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:03:34 PM

Posted 12 May 2014 - 10:20 AM

Since you've already borked SETHC.exe just leave it as a second copy of CMD.EXE.



#8 phasmos

phasmos
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:05:34 PM

Posted 12 May 2014 - 10:27 AM

Gotcha. I just copied and pasted the original "sethc" (which I renamed ZEBRA for the purposes of that workaround) and tried to give it back its proper name, but it only permits me to call it "sethc (2)" since the alternate "sethc" (actually the renamed cmd file) is still in place. Is sethc (a.k.a. "sticky keys" or something like that) an important application that should be restored as well? Should I try to delete the (now secondary) copy of it and give the original ZEBRA/sethc back its proper name?

 

Thanks so much for your help!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users