[KyadCK]

If the virus infects the ghost partition, then it will be useless, right?  Or I'll have to burn to DVDs, I guess.  I'm gonna play with Norton Ghost on my own time to get familiar with the software...see if it has improved since.

Burning to DVD is just a waste of time, and very slow when you want it back. Which is why I use drive to drive. Make them pay for a drive atleast close in size to the one they use (yes, ghost can resize the partitions to fit a smaller drive assuming the 'removed' area is blank and up to fill a whole drive) and keep it in your desk drawer so you can copy it back when they break it. For a 500gb drive it is going to take a couble hours (a fresh win install should be perhaps 30-60 mins, possibly 90 after updates and drivers, etc), so be sure to charge for time spent and/or say they have to bring the computer to you where you can just have it running on the side.

I perfer to boot an OS with ghost from a usb drive though so I can get the full IO of both hdds, windows doesnt get in the way of the copy, and better any viruses hit the usb OS then the clean drive.

And having a working harddrive means that should you decided it is necessary, you can update the ghosted drive whenever you want to, not just when they mess up theirs.

(This all obviously works best if they keep pictures, music, videos, etc on another drive or an external one)

[jr2]

Most viruses now change the association of "exefile" and sometimes ".exe" in HKEY_CLASSES_ROOT ... normally, .exe should be:

Name       Type      Data

(Default)  REG_SZ  exefile
Content   REG_SZ  application/x-msdownload

exefile\shell\open\command   should be:

Name                        Type               Data

(Default)                   REG_SZ          "%1" %*
IsolatedCommand   REG_SZ           "%1" %*




They change it from "%1" %* to the path to their fake AV soft so that whenever you try to open a program, it opens the fake AV and runs a fake scan.

EDIT: PS, the exefile is listed after the .zip or whatever extensions (the . makes all extension entries higher).... so scroll past the .z whatever file extensions and the alphabet begins again.

BTW, since regedit.exe is an .exe file, copy it (use Windows + E to get windows explorer, it's in \windows\system32 ), then rename the extension from .exe to .com  .. it works.  Same goes for any other program you want to run, change the extension... until you fix that registry key back to it's default value.  FYI, you will have to set explorer to view system folders, hidden files, and also to display extensions of common file types. (so you can see and change the .exe extension)

[S-99]

Display known file type extensions i wish was default 

[Davros]

heres the reg file

save it as anyname.reg

Windows Registry Editor Version 5.00
[-HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command]
[-HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command]
[-HKEY_CLASSES_ROOT\.exe\shell\open\command]
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"
[-HKEY_CLASSES_ROOT\secfile]

then merge it

[Achillion]

Display known file type extensions i wish was default 

By far one of the biggest mistakes introduced in an OS. I understand wanting to hide some stuff from the illiterate users, but showing the extension and making it difficult to change would have worked so much better!

PS: Sorry for going off topic!

[jr2]

It sort of does that anyways... when you display the extensions and try to change them, it says that it might cause things to stop working.

[MachManX]

Well, I tried Davros' reg file but it changed nothing.  Also, I tried renaming the .exe to .com as jr2 suggested and open the file, but it would simply give me the administration prompt, which I click yes, and then nothing.  So not even regedit.com would run.  This must be some nasty virus or viruses, lol.  I'm just gonna reformat and install Kubuntu.  Ideally, I would like to run an antivirus program on the data drive before installing Kubuntu.  Gonna run Kubuntu LiveCD and see if I can find an antivirus program there.

[jr2]

Problem is UAC (the prompt for the OK) is itself a program IIRC... so yeah, you're FUBAR...

Except, try tapping F8 on boot, go to repair your computer, open System Restore (NOT system recovery, that wipes your drive) and go back to before the infection.

[Achillion]

Why specifically Kubuntu? Not that I have any problem with KDE, just curious as to why you are so particular?

[S-99]

Hmmm, kubuntu...well, not a bad choice if you don't like unity

[MachManX]

Well, the KDE interface is the one most similar to Windows.  So the "OS shock" (kinda like culture shock from going to one country to another) of transitioning to a linux OS would be least felt with the KDE GUI.  I am dealing with a family of novices here, after all   Besides, from what I read, Unity is more designed for touch screens and netbooks.  I dunno the reason but the kids prefer their 15" LCD over a larger unit.  If I start to even think about why, my brain would probably have a reactor meltdown (kids....) .

I've used Kubuntu and Ubuntu in the past, so I am somewhat familiar with them.  Otherwise I've never used any other linux OSes besides Telnet (is Telnet an OS?) .  Also there's so much Ubuntu support out there and I know I NEED support as I would consider my knowledge level a 3 on a scale of 1-10 for Ubuntu.

BTW, I've already installed Kubuntu for them and so far they've adjusted to it just fine.  Handbrake works for their dad.  Internet browsing is the same and most required software comes preinstalled.  I installed Edubuntu software package for KDE so that the kids can use the educational software.  The only small downfall I'd say is the Wine support for windows games.  They can't play Sonic Adventure because the sound doesn't work, so I gave up on it.  The internet usage can be controlled by parents now + game usage, so parents actually like this OS.  Had to get a printer that supported Linux, but they're happy with the new printer.  Oh, NO VIRUSES YET!!   So I'm happy!