Got a Worm with Registry Mechanic, need help opening Windows

[macx]

AFter I got that worm by running RM, I can no
longer get past the Windows setup box where it
requires the product code.

I've tried going into safe mode, and into safe mode command prompt only, and trying the various options
such as restoring a pre-incident registry, using the
FIX option, etc, and it always comes back to that
stopping point.

Any ideas or suggestions?

Is there a way to go directly from safe mode startup
menu into the C drive, the Program Files folder where
the RM app is located so it could be uninstalled or deleted?

Appreciate any/all help!

Another thought - I'm building a new computer -
could I take the problem HD (which is partitioned into C and D) and physically plug it into the other computer and, using the XP on the new system, get into C\Program Files that way? And without the new system "catching" the worm or whatever it is? The problem system is 98SE, the new one will be XP. That way I wouldn't be trying to
start 98SE on that C drive, but would use the XP on the
other system to go into that C drive and do away with
that thing - would that work?

 

[Vigilante]

I would not classify Registry Mechanic as a "bad" program, certainly not one containing "worms". As I've used it myself on occasion to clean up a registry.

Chances are good it just deleted a key it thought was bad, but was actually needed.

If it wants a "product code", are you talking about the 25-digit license key for Windows? What exactly does it say and what does the screen look like? If it's the 25-digit code, can't you just type yours in? I'm not sure what all this means.

I would not get rid of RM just yet, as it's backup may be your only hope.
---------

In other news. YES you can plug that HDD into your other PC as a "slave". As long as the other PC doesn't try to boot from it.
Should you actually have some kind of virus, it won't "jump" to the other PC. But if the other PC has an up to date Antivirus, it would be good to scan your drive with it. And look for a backup from RM in the form of a *.REG file. Although I don't know how RM stores backups. And then you should be able to input this REG file from Recovery Console. At least I think you can.

good luck

 

[macx]

That idea of RM containing a worm came from the
MS Tech who was helping try to get into Windows.
At least that was his opinion.

To review, I first ran the "free " part of RM, where it
fixed about 1/2 of the problems it listed. It was
after I purchased the full program and re-ran it
and "fixed" the remainder that it started doing
this.

The problem is that when I enter my prod code,
it comes back saying it's invalid. I called MS,
and they gave me a couple diff what must be
"master" prod codes (like a "master key")
and they wouldn't work either. Then the tech
had me go to the Windows startup menu in
safe mode and try restoring a previous known
good registry. It installed it and everything
no problem, but then it lead me right back to
that PC window.

I also tried, from Safe Start, and from Safe Start
Command Prompt Only, the "FIX" and the "RESTORE"
approaches. It would say the registry has been
fixed, but then it still would lead me back to that
PC window. Just like there was something in there
that was blocking my attempt to access windows
and had been programmed to anticipate and block
the usual fixes like restoring a previous good registry
etc.

The Tech is supposed to call me again tomorrow
(today actually) and hopefully he's got some other
ideas. If not, I'll have to get my new system up
and running and try that approach. Before I even
hook to the net the very first time, I'll have some
type of spyware and anti-virus loaded into it.
One I've read about that's supposed to be quite
good for XP is the Kaspersky suite. I have also
read about others, plus the fact that many folks
recommend having more than one spyware program
as none of them catch everything and with two of
the better ones, you're likely to "overlap" and catch
things between the two of them. I think I'll do the
AVG Free in the new system, too, as Kasp doesn't
work w/98SE. I've got the AVG in my existing system.

Although the MS tech said that the Registry should
never be messed with using these kinds of tools,
I have had other knowledgeable folks say that RM
works well and has repeatedly for them. If that's
the case, I would question why it would have deleted
something I need in my registry unless it is corrupted
somehow, and why it blocks the usual methods of
fixing, such as restoring/reinstalling a previous known
good registry.

Time will tell.

Thanks for the info etc!

 

[Vigilante]

I wish I had a screen shot of the screen where this happens.
So this problem is on Win98? I assumed XP.

I suppose the MS tech had you run scanreg /fix from command prompt? If not then try that.
Also the Windows 98 scanreg or whatever it is, makes a backup of your registry on each successfull bootup. So you aught to have backups from before running RM. But it's been so long I don't remember off the top of my head how to do it.

If you are in "true" DOS mode and not in Windows with a DOS box, there is no Windows "worm" or bug that can prevent you from restoring the registry. Unless the registry files themselves are so corrupt, it can't be done. And thus the scanreg /fix command.
Also from DOS, you may want to run this command as well: scandisk /nosave /autofix /surface which will fully test your HDD.

Could you sort of describe the screen where it stops? And what it says exactly? Cause I don't think I've ever come across a screen like that in 98.

 

[macx]

When Win first starts up, it goes to a dialogue box
that looks just like the box that you get when you
first install a new Win. It even says Win Setup Wizard
at the top.

It has the boxes for the Prod Code, and as you type
the code into the boxes in the 5 letter/digit groupings,
it automatically moves to the next box.

When you get finished and Enter, it comes back and
says the prod code is invalid.

As I said, Win Supt gave me 2 diff Prod Codes to
try, probly something like a "master key", but neither
of them worked, either. That's when I got the MS Tech
involved.

I contacted both MS Supt/Tech and pctools.com, they both
pointed me in the same direction. I started up in
Safe Mode, (also tried Safe Mode Command Prompt Only)
and tried the FIX (it came back saying the registry
was fixed but when I tried to start Win it came right
back to that same Prod Code screen), and RESTORE,
using a registry created before the problem happened.
It seemed to install the previous good registry OK, but
then when trying to open Win, it still brought me to
that Prod Code page.

The MS Tech says there's nothing to do but to reformat
the drive and reinstall everything. (!!!)

I just happen to be building a new system with XP,
and the tech agreed with my idea of hooking the
corrupted existing drive into the new system as a slave,
being sure to boot with the new system & XP & not off
of the corrupted drive of course, then retrieving my
data off the D partition. He agreed that simply removing
the corrupted RM from Program Files would likely not
solve the problem as he says the registry itself is so
corrupted that nothing else would work except reformatting
the whole drive, then reinstalling everything. ARGGHHH!

Well, if nothing else, I'm going to take this opp to upgrade
to XP while I'm at it. SE was getting a little long in the
tooth regarding support of newer stuff anyway. We're
going to keep the old system, upgraded w/XP, and my
wife is going to use it for some work-at-home. It's
still plenty functional as I've kept it fairly well upgraded
(cpu, RAM, drive cap).

I just didn't NEED to have this problem right now!
First computer casualty I've had in several years
since I learned the hard way about viruses and had
to reformat/reload once, then shortly after a brand new
drive went blue screen on me. THEN I got anti-virus
and have been relatively problem free ever since.

Let me know where the next hacker convention is -
like "they" say - what a place for a bomb!!! People
that do stuff like that ought to be slapped every morning
before they get up, then have their bag slit and
their leg run thru it!

 

[Vigilante]

Well you must be the lucky one, to not have to reload but once in many years. Reloading PCs is daily life of a person like me. Windows is made up of thousands of problems, er, I mean pieces, and sometimes it just ain't worth the time to try and fix it.

Hope you get back in the swing of things soon. And good luck!