Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Bagle Worm, cant access Antivirus/hijackthis!plz help [RESOLVED]


  • This topic is locked This topic is locked

#76
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Did you copy the I386 folder across and run the registry script; FixReg.reg?
  • 0

Advertisements


#77
verve

verve

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
yep the folder is there and i ran the script..shyould i do it again?
  • 0

#78
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Yes run the FixReg.reg script, remove the CD from the drive, reboot your computer, and try running SFC /SCANNOW again.

When you run the FixReg.reg script, you should get a message asking you if you want to merge it with your registry, allow it, the it should tell you it has been merged successfully.

Let me know if this went OK.
  • 0

#79
verve

verve

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
it doesnt work

still asks for cd, still get resolution and settings reset on every startup. something is really wrong in this system....would hijack log help?
  • 0

#80
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Copy the contents of the code box below using Ctrl and C at the same time:

CMD /C Reg Query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup >"%Userprofile%\Desktop\Report.txt

Now click Start, then Run, and paste it in using Ctrl and V at the same time. Then hit OK.

You will now find a notepad file on your desktop named Report.txt

Open that up and paste the contents back here.
  • 0

#81
verve

verve

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup
DriverCachePath REG_EXPAND_SZ %SystemRoot%\Driver Cache
BootDir REG_SZ C:\
PrivateHash REG_BINARY CDF388BF44BB559BB027CC16B669AADB
Installation Sources REG_MULTI_SZ C:\Drivers\SonyUSB\0C:\WINDOWS\OPTIONS\CABS\0D:\\0\0
SourcePath REG_SZ C:\
ServicePackSourcePath REG_SZ D:\
CDInstall REG_DWORD 0x1
LogLevel REG_DWORD 0x0
ServicePackCachePath REG_SZ c:\windows\ServicePackFiles\ServicePackCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\BaseWinOptions

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Oc Manager

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\OOBE

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\OptionalComponents

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\WindowsFeatures



its doing the weirdest things..sometimes starting one program at startup and now a different one...
  • 0

#82
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Lets see if this fixes it. Please copy the entire contents of the codebox below into Notepad:
  • Open Notepad
  • Copy the contents of the codebox below using CTRL C

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
"ServicePackSourcePath"="C:\\WINDOWS\\ServicePackFiles"
  • Now return to Notepad and use CTRL V to paste the script
  • Verify that you have pasted the complete script
  • Save the Notepad file to your Desktop as FixReg2.reg using Save as Type: All files
  • Locate FixReg2.reg on your desktop
  • Double click to run, and when prompted Allow the file to merge with your registry
  • OK your way out.

After that, Reboot, and lets see if SFC /SCANNOW will run.
  • 0

#83
verve

verve

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
same thing. doesnt work.

this is quite worrying, I need to be online to read your messages, but that also means that for the past 3 days im completely volnerable to attacks and viruses.... is there no way to at least protect my pc temporairly... would running a new windows install help at all?
  • 0

#84
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
Hey Dave,

It may be that a Repair Install of Windows is going to be the only way that we can resolve this. This may mean that some of your programs will need to be re-installed to ensure they function properly. Now I know you have said that you do not want to reformat, and that you are constrained by time, so this may be the best alternative.

Let me know if you would like to proceed this way, and if so, I'll give you instructions on how to go about it.

Regards,
RatHat
  • 0

#85
verve

verve

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
i know how to reformat my pc, but that is LITERALLY the last option. I have way too many settings/programs/and files to allow a reformat. I have no where to back things up, and I dont want to pull everything from C: to E:, that's not a healthy option.

I dont understand what has happened to the pc from the point that the Bagle was cleaned, to now? is reinstalling windows without reformating not an option?
  • 0

Advertisements


#86
verve

verve

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
sorry for being difficult but im far too busy and too reliant on my pc to reformat it right now. I've got deadlines, and these 3days i've lost have already cost me much.
  • 0

#87
RatHat

RatHat

    Ex Malware Expert

  • Expert
  • 7,829 posts
I am not talking about reformatting the drive Dave, I am talking about carrying out a Windows Repair Install.

See this post for details of what I am talking about.
  • 0

#88
verve

verve

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
that's fine, i can do that,

but why would i need to reinstall anything if i do a repair?

also,


is the virus issue now done? meaning, if i do a repair, will i be able to run my sofwares like my antivirus and all that? or is there still a virus issue?


thanks
  • 0

#89
verve

verve

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
hi rathat.

did the repair. nothign seems to have changed.

still doesnt startup most of what should startup. avast is not a valid win32 application... when will this end :)

any suggestion for next step?
  • 0

#90
verve

verve

    Member

  • Topic Starter
  • Member
  • PipPip
  • 71 posts
SFC /SCANNOW is workign now....


almost done
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP