Protect Yourself From Tech Support Scams
October 14, 2019
Protect Yourself From Tech Support Scams
Tech support scams are an industry-wide issue where scammers trick you into paying for unnecessary technical support services. You can help protect yourself from scammers by verifying that the contact is a Microsoft Agent or Microsoft Employee
and that the phone number is an official Microsoft global customer service number.
Help! I've been using Windows 7 for a couple of days and this problem has been driving me mad. At random times, when a user logs in, it comes up with a temporary profile. This is all on a single machine with 4 user accounts (2 of which are admin). The
only cure is a reboot. It's bad enough when it's my account or my wife's, but my children shouldn't have to know how to sort this out :-/
I was using Vista for a couple of years on the same machine and never had this problem. I had the same user profiles. When I installed 7, I set up new profiles and copied the data across from my Vista backup.
It is obviously not a permanently corrupted profile as it goes for periods without any problems. Any help would be appreciated.
This thread is locked. You can follow the question or vote as helpful, but you cannot reply to this thread.
Subscribe to RSS feed
Last updated January 11, 2020
I ran Sysinternals' Process Monitor and logged only registry events for "RegLoadKey" and "RegUnloadKey" and
found the culprit: "GoogleUpdater.exe"
I wish I could upload an image of Process Monitor so everyone could see, but in my case, the problem is
without a doubt caused by one of the several Google Update services. I left it logging in my login and went to work, then when I came home, one of my kids tried to login and got the temporary profile, so I switched users back to mine and looked at
Process Explorer: sure enough, at 9:57am GoogleUpdater.exe loaded every single users' profile and
never unloaded them! As I mentioned in my earlier post, I can unload their registry hives manually using RegEdit, since they are not logged in.
I can see that a few other processes have loaded and quickly unloaded the profiles as well, such as CarboniteService.exe and MsMpEng.exe. Restated for clarity: Carbonite is
not the problem.
I have Google Chrome, Google Earth, and Picasa 3 installed; I do not have the Google Toolbar installed, but I've read (now) that it also installs the Google Updater service(s).
There are several threads on external web sites on how to uninstall and/or disable Google Update services. I think the easiest method is to use another Sysinternals' tool, AUTORUNS.exe, and search for all the "Google" entries and uncheck them. There are
two different Google Updater Windows Services as well as several Google Update Scheduled Tasks. It may be overkill to disable them all, but I'm sick and tired of this temporary profile problem.
Of course, now that I know what to look for, there are several posts across the web regarding "Google Update" and "Temporary Profile" issues, with the suggestion to uninstall/disable Google Update to fix the temporary profile problem. <sigh>
If you want to know whether Google Update is causing your problem, run RegEdit and expand "HKEY_USERS" and look at the names of the keys (they look like folders) on the left. If you see some keys named COMPUTERNAME_USERNAME (with your computer name and
users' names of course) then those are the ones loaded by Google Updater services. When real users login, their profiles are loaded into keys name "S-1-......." with a bunch of letters and numbers.
If you disable all the Google Updater services and scheduled tasks and still have the problem, try running Sysinternals' "Process Monitor" (it's free) and logging
only registry events "RegLoadKey" and "RegUnloadKey" and see who is causing your problem. Note that you may have to leave Process Monitor running for several hours or even days in order to catch the culprit.
NOTE: It's not sufficient to run Process Explorer or other programs to determine which process has the users' profile files locked (NTUSER.DAT) because when a program requests a users' profile to be loaded then the SYSTEM process actually does the loading,
not the process that requested that the profile be loaded.
Google Updater is behaving badly, and Google needs to fix it, which is apparently why the problem arises in Windows XP, Vista, and Windows 7. My apologies to Microsoft for my earlier ugly comment about Apple and MAC OS X.
I hope this helps some of you fellow sufferers.
1 person was helped by this reply
Did this solve your problem?
Sorry this didn't help.
Great! Thanks for marking this as the answer.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.