TechSpot

Got a Worm with Registry Mechanic, need help opening Windows

By macx
Oct 20, 2005
  1. AFter I got that worm by running RM, I can no
    longer get past the Windows setup box where it
    requires the product code.

    I've tried going into safe mode, and into safe mode command prompt only, and trying the various options
    such as restoring a pre-incident registry, using the
    FIX option, etc, and it always comes back to that
    stopping point.

    Any ideas or suggestions?

    Is there a way to go directly from safe mode startup
    menu into the C drive, the Program Files folder where
    the RM app is located so it could be uninstalled or deleted?

    Appreciate any/all help!

    Another thought - I'm building a new computer -
    could I take the problem HD (which is partitioned into C and D) and physically plug it into the other computer and, using the XP on the new system, get into C\Program Files that way? And without the new system "catching" the worm or whatever it is? The problem system is 98SE, the new one will be XP. That way I wouldn't be trying to
    start 98SE on that C drive, but would use the XP on the
    other system to go into that C drive and do away with
    that thing - would that work?
     
  2. Vigilante

    Vigilante TechSpot Paladin Posts: 2,120

    I would not classify Registry Mechanic as a "bad" program, certainly not one containing "worms". As I've used it myself on occasion to clean up a registry.

    Chances are good it just deleted a key it thought was bad, but was actually needed.

    If it wants a "product code", are you talking about the 25-digit license key for Windows? What exactly does it say and what does the screen look like? If it's the 25-digit code, can't you just type yours in? I'm not sure what all this means.

    I would not get rid of RM just yet, as it's backup may be your only hope.
    ---------

    In other news. YES you can plug that HDD into your other PC as a "slave". As long as the other PC doesn't try to boot from it.
    Should you actually have some kind of virus, it won't "jump" to the other PC. But if the other PC has an up to date Antivirus, it would be good to scan your drive with it. And look for a backup from RM in the form of a *.REG file. Although I don't know how RM stores backups. And then you should be able to input this REG file from Recovery Console. At least I think you can.

    good luck
     
  3. macx

    macx TS Maniac Topic Starter Posts: 745

    That idea of RM containing a worm came from the
    MS Tech who was helping try to get into Windows.
    At least that was his opinion.

    To review, I first ran the "free " part of RM, where it
    fixed about 1/2 of the problems it listed. It was
    after I purchased the full program and re-ran it
    and "fixed" the remainder that it started doing
    this.

    The problem is that when I enter my prod code,
    it comes back saying it's invalid. I called MS,
    and they gave me a couple diff what must be
    "master" prod codes (like a "master key")
    and they wouldn't work either. Then the tech
    had me go to the Windows startup menu in
    safe mode and try restoring a previous known
    good registry. It installed it and everything
    no problem, but then it lead me right back to
    that PC window.

    I also tried, from Safe Start, and from Safe Start
    Command Prompt Only, the "FIX" and the "RESTORE"
    approaches. It would say the registry has been
    fixed, but then it still would lead me back to that
    PC window. Just like there was something in there
    that was blocking my attempt to access windows
    and had been programmed to anticipate and block
    the usual fixes like restoring a previous good registry
    etc.

    The Tech is supposed to call me again tomorrow
    (today actually) and hopefully he's got some other
    ideas. If not, I'll have to get my new system up
    and running and try that approach. Before I even
    hook to the net the very first time, I'll have some
    type of spyware and anti-virus loaded into it.
    One I've read about that's supposed to be quite
    good for XP is the Kaspersky suite. I have also
    read about others, plus the fact that many folks
    recommend having more than one spyware program
    as none of them catch everything and with two of
    the better ones, you're likely to "overlap" and catch
    things between the two of them. I think I'll do the
    AVG Free in the new system, too, as Kasp doesn't
    work w/98SE. I've got the AVG in my existing system.

    Although the MS tech said that the Registry should
    never be messed with using these kinds of tools,
    I have had other knowledgeable folks say that RM
    works well and has repeatedly for them. If that's
    the case, I would question why it would have deleted
    something I need in my registry unless it is corrupted
    somehow, and why it blocks the usual methods of
    fixing, such as restoring/reinstalling a previous known
    good registry.

    Time will tell.

    Thanks for the info etc!
     
  4. Vigilante

    Vigilante TechSpot Paladin Posts: 2,120

    I wish I had a screen shot of the screen where this happens.
    So this problem is on Win98? I assumed XP.

    I suppose the MS tech had you run scanreg /fix from command prompt? If not then try that.
    Also the Windows 98 scanreg or whatever it is, makes a backup of your registry on each successfull bootup. So you aught to have backups from before running RM. But it's been so long I don't remember off the top of my head how to do it.

    If you are in "true" DOS mode and not in Windows with a DOS box, there is no Windows "worm" or bug that can prevent you from restoring the registry. Unless the registry files themselves are so corrupt, it can't be done. And thus the scanreg /fix command.
    Also from DOS, you may want to run this command as well: scandisk /nosave /autofix /surface which will fully test your HDD.

    Could you sort of describe the screen where it stops? And what it says exactly? Cause I don't think I've ever come across a screen like that in 98.
     
  5. macx

    macx TS Maniac Topic Starter Posts: 745

    When Win first starts up, it goes to a dialogue box
    that looks just like the box that you get when you
    first install a new Win. It even says Win Setup Wizard
    at the top.

    It has the boxes for the Prod Code, and as you type
    the code into the boxes in the 5 letter/digit groupings,
    it automatically moves to the next box.

    When you get finished and Enter, it comes back and
    says the prod code is invalid.

    As I said, Win Supt gave me 2 diff Prod Codes to
    try, probly something like a "master key", but neither
    of them worked, either. That's when I got the MS Tech
    involved.

    I contacted both MS Supt/Tech and pctools.com, they both
    pointed me in the same direction. I started up in
    Safe Mode, (also tried Safe Mode Command Prompt Only)
    and tried the FIX (it came back saying the registry
    was fixed but when I tried to start Win it came right
    back to that same Prod Code screen), and RESTORE,
    using a registry created before the problem happened.
    It seemed to install the previous good registry OK, but
    then when trying to open Win, it still brought me to
    that Prod Code page.

    The MS Tech says there's nothing to do but to reformat
    the drive and reinstall everything. (!!!)

    I just happen to be building a new system with XP,
    and the tech agreed with my idea of hooking the
    corrupted existing drive into the new system as a slave,
    being sure to boot with the new system & XP & not off
    of the corrupted drive of course, then retrieving my
    data off the D partition. He agreed that simply removing
    the corrupted RM from Program Files would likely not
    solve the problem as he says the registry itself is so
    corrupted that nothing else would work except reformatting
    the whole drive, then reinstalling everything. ARGGHHH!

    Well, if nothing else, I'm going to take this opp to upgrade
    to XP while I'm at it. SE was getting a little long in the
    tooth regarding support of newer stuff anyway. We're
    going to keep the old system, upgraded w/XP, and my
    wife is going to use it for some work-at-home. It's
    still plenty functional as I've kept it fairly well upgraded
    (cpu, RAM, drive cap).

    I just didn't NEED to have this problem right now!
    First computer casualty I've had in several years
    since I learned the hard way about viruses and had
    to reformat/reload once, then shortly after a brand new
    drive went blue screen on me. THEN I got anti-virus
    and have been relatively problem free ever since.

    Let me know where the next hacker convention is -
    like "they" say - what a place for a bomb!!! People
    that do stuff like that ought to be slapped every morning
    before they get up, then have their bag slit and
    their leg run thru it!
     
  6. Vigilante

    Vigilante TechSpot Paladin Posts: 2,120

    Well you must be the lucky one, to not have to reload but once in many years. Reloading PCs is daily life of a person like me. Windows is made up of thousands of problems, er, I mean pieces, and sometimes it just ain't worth the time to try and fix it.

    Hope you get back in the swing of things soon. And good luck!
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.