Corrupted Registry

Boufeez

After disinfecting malware on the machine, I am having a little trouble trying to repair the registry the malware has caused.

When I boot into repair mode, I get to the screen with select language and there is no keyboard or mouse.

I read somewhere that Windows does not like USB 3 ports so I plugged into USB 2.0 and still no luck.

I get errors such as:
" C:\windows\system32\config\system: The process cannot access the file because it is being used by another process"

Seeking guidance on how I can repair the registry for the most part. Be able to boot into repair mode with a working keyboard and mouse. Or just instructions on how I can repair the REG.

Much appreciated

Here is the link with the logs from the Disinfection process I went through with Broni. Great guy.

https://www.techspot.com/community/topics/maleware-detected.222347/#post-1515798
 
I've read a few cases where malware removal has taken a huge amount of time and effort but resulted in a system with serious issues. If you can't correct the problems quickly with something like CCleaner or Glarysoft Utilities you might be better off reinstalling Windows.
 
There's a backup set of files for the registry (Win/7Pro sp 1, but should be universally true)
  • the primary files are {DEFAULT,SAM,SECURITY,SOFTWARE,SYSTEM}
  • the active registry is in \windows\system32\config\
  • the backup copies are in \windows\system32\config\RegBack\
To work on these files you must boot into SAFE MODE, and log in as admin.
*RUN NO OTHER PROGRAMS* *DISCONNECT FROM THE INTERNET*

Get a command prompt and CD \windows\system32\config\RegBack

  • verify these exist: DIR DEFAULT,SAM,SECURITY,SOFTWARE,SYSTEM
  • if so, copy thus:
  • FOR %F IN (DEFAULT SAM SECURITY SOFTWARE SYSTEM) DO COPY /Y %F ..\
There should be no errors.

THEN, do not reboot or shutdown, instead BE BRUTAL and HARD POWER OFF.
If you were to reboot or shutdown, the new files would be corrupted too.
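
The RegBack restore described in the post above, written as a batch script that checks every backup hive before overwriting anything (an added example, not part of the original thread). It assumes a command prompt where the hive files are not locked, such as the recovery environment, and takes the Windows drive letter as its argument; the PreRestore folder name is made up for this example.

```batch
@echo off
rem Added example, not from the thread. Assumes the hives are not in use
rem (e.g. recovery environment) and that %1 is the Windows drive, e.g. D:
setlocal
if "%~1"=="" (
    echo Usage: %~nx0 DRIVE:
    exit /b 2
)
set "CFG=%~1\Windows\System32\config"
set "BAK=%CFG%\RegBack"
rem PreRestore is a hypothetical folder name chosen for this example.
set "SAVE=%CFG%\PreRestore"
set "HIVES=DEFAULT SAM SECURITY SOFTWARE SYSTEM"

rem 1. Every backup hive must exist and be non-empty before anything is touched.
for %%H in (%HIVES%) do (
    if not exist "%BAK%\%%H" (
        echo Missing backup hive: %BAK%\%%H
        exit /b 1
    )
    for %%S in ("%BAK%\%%H") do if %%~zS EQU 0 (
        echo Backup hive is 0 bytes: %%~fS
        exit /b 1
    )
)

rem 2. Keep the current hives so the restore can be undone.
if not exist "%SAVE%" mkdir "%SAVE%" || exit /b 1
for %%H in (%HIVES%) do (
    copy /y "%CFG%\%%H" "%SAVE%\%%H" >nul || (
        echo Could not save current %%H ^(file in use?^)
        exit /b 1
    )
)

rem 3. Restore, stopping at the first failure.
for %%H in (%HIVES%) do (
    copy /y "%BAK%\%%H" "%CFG%\%%H" >nul || (
        echo Restore of %%H failed; originals are in %SAVE%
        exit /b 1
    )
    echo Restored %%H
)
echo Done. Current hives were saved to %SAVE%
endlocal
```

The zero-byte check matters on Windows 10 version 1803 and later, where Windows no longer populates RegBack by default and the files there are empty.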
 
Ok there is a software made perfect for this after an invasion of malware. Good Ole Combo Fix. (I WILL SAY PLEASE USE AT YOUR OWN RISK) it will edit the registry and fix corrupted items. I would take a backup of your registry just in case something happens but in all honesty I never had any issues using it. It is amazing software and my last resort when items are really messed up. You can download this software here: http://www.bleepingcomputer.com/download/combofix/

While doing this scan it can take some time to complete. You also may lose internet connectivity but this is ok, just reboot and everything will be ok. If you get an error saying cannot open this was marked for deletion, don't worry, just reboot your PC and it will finish the combo fix. Let me know if you have any success. Or any issues? I would not think you will run into any issues, just a fixed computer.

NOTE: I have has to run Combofix twice before to resolve a really infected machine.
 
Sorry about my English in my last sentence I blew it there.
 
That sounds interesting but there still seem to be compatibility issues. The page you link to says it works with W8 but not W8.1. Most of us are on or about to upgrade to Windows 10.
 
If you have the dir \windows\system32\config\RegBack, the instructions above are system independent :)
 
Hi all, has anyone tried using the Windows Registry Offline repair option? You will be able to repair your corrupted Windows Registry by using the same Windows Operating system DVD. I have attached a PDF file document with a step-by-step guide with screenshots. I insist that you read the document carefully before attempting to perform the steps.

Have Fun....!
 

Attachments

  • Offline Modify Windows Registry.pdf