0

I was writing a batch file that was supposed to automatically set up a computer to receive "psexec" remote commads. Unluckly i didn't really pay attention to what i was writing and i wrote this command and then ran It:

setx /M Path "C:\Windows\System32\PSTools"

You can imagine what happened... I erased all the other path variables! Then, panicking, mis-reading an online-forum, I restarted the computer. I had no backups, no saving points and neither, obviously, opened cmd's or powershell's session. My questions are:

  1. Is there still a way to recover the path variables i lost or they're gone forever?
  2. If they're gone, is there a way for me to like "re-write" them or just get a list of the missing ones?

I know that my questions will seem stupid to the experienced programmers and i apologise for that, but I actually started this project with almost zero skills in bat, cmd, and the other stuffs... Thanks to everyone that will help <3

Updated: Ok, i have found in "C:\" a folder called "Windows.old", is It possible that inside It are still stored the path variables? Inside this folder there are mostly the same folders and files as "C:\Windows" one and is full of ".mui" files, but if I do the "advanced start-up" the computer says there are no restore points. What should I do?

Xcode
  • 1

1 Answers1

1

First of all, the system path environment variable is stored in the registry at:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\Path

You may have a backup of this value under

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Environment\Path

or ControlSet002 or ControlSet003, but most likely the value will be the same as under CurrentControlSet.

The Path value should be of type REG_EXPAND_SZ and the default value looks like:

 %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;

if you have additional values, they are appended, or sometimes unfortunately prepended to the list. Semicolons separate each entry.

A lot of software including some by Microsoft itself, uses incorrect commands to add a new entry to this value and you end up with a value of type REG_SZ and a value like:

C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0;

While this works in most cases, it breaks in others. Always better to use a REG_EXPAND_SZ type.

After changing this value using regedit.exe you should reboot your OS, especially if that value was incorrect before.

Peter Hahndorf
  • 13,763
  • 3
  • 37
  • 58