Virus recovery Help

  • Thread starter Thread starter Jman
  • Start date Start date
J

Jman

I did what you said to do. I opened my notepad and pasted the abov
text. I saved it as FixReg.REG on my desktop. when I double clicked it
it asked if I wanted to add the contents to the registry and I clicke
ok, then I got the message cannot import C:\Documents: Error openin
the file. There may be a disk or file system error. I tried saving th
documents as ANSI and all the other options for file types, but ther
was no change
 
I had the SAME error.....I tried saving as UTF-8 and it came back as an
error. I ran all of the scans and it still will not work. I removed all of
the virus and the spyware and i also retrieved my task manager, but the
desktop still does not work?>? I am EXTREMELY frustrated with this...help?
 
From: "Jman" <[email protected]>

| I did what you said to do. I opened my notepad and pasted the above
| text. I saved it as FixReg.REG on my desktop. when I double clicked it,
| it asked if I wanted to add the contents to the registry and I clicked
| ok, then I got the message cannot import C:\Documents: Error opening
| the file. There may be a disk or file system error. I tried saving the
| documents as ANSI and all the other options for file types, but there
| was no change.
|
| --
| Jman
| ------------------------------------------------------------------------
| Jman's Profile: http://extremetechsupport.com/forum/member.phtml?userid=1882 View this
thread: http://extremetechsupport.com/forum/showthread.phtml?t=267766

The line with REGEDIT4 must the the first first line in the REG file.

Right click on the FixReg.REG file and choose "Edit"

Make sure REGEDIT4 is on the first line and there are no blank lines before it.
 
David H. Lipman said:
From: "Jman" <[email protected]>

| I did what you said to do. I opened my notepad and pasted the above
| text. I saved it as FixReg.REG on my desktop. when I double clicked it,
| it asked if I wanted to add the contents to the registry and I clicked
| ok, then I got the message cannot import C:\Documents: Error opening
| the file. There may be a disk or file system error. I tried saving the
| documents as ANSI and all the other options for file types, but there
| was no change.
|
| --
| Jman
| ------------------------------------------------------------------------
| Jman's Profile: http://extremetechsupport.com/forum/member.phtml?userid=1882 View this
thread: http://extremetechsupport.com/forum/showthread.phtml?t=267766

The line with REGEDIT4 must the the first first line in the REG file.

Right click on the FixReg.REG file and choose "Edit"

Make sure REGEDIT4 is on the first line and there are no blank lines before it.
Click to expand...

mine does look like that and it still doesnt work. it says there is an
error.............
 
From: "Sarah" <[email protected]>

| mine does look like that and it still doesnt work. it says there is an
| error.............

Copy and Paste from the file you have in your reply and we'll see if there are any bugs in
it...
 
David H. Lipman said:
From: "Sarah" <[email protected]>

| mine does look like that and it still doesnt work. it says there is an
| error.............

Copy and Paste from the file you have in your reply and we'll see if there are any bugs in
it...
Click to expand...

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_EnableDragDrop"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoChangingWallPaper"=-

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy
Objects]

[-HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\TaskManager]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General]
"WallpaperFileTime"=-
"WallpaperLocalFileTime"=-
"Wallpaper"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Desktop\General]
"WallpaperFileTime"=-
"WallpaperLocalFileTime"=-
"Wallpaper"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoActiveDesktopChanges"=-
"ForceActiveDesktopOn"=-
"NoSaveSettings"=-
"NoChangeStartMenu"=-
"NoSetTaskbar"=-
"NoStartMenuSubFolders"=-
"NoStartMenuMFUprogramsList"=-
"NoStartMenuMorePrograms"=-
"NoToolbarsOnTaskbar"=-
"NoViewContextMenu"=-
"NoFind"=-
"NoRun"=-
"NoSetFolders"=-
"NoDesktop"=-
"NoControlPanel"=-
"NoSMHelp"=-
"NoWinKeys"=-
"NoThemesTab"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoActiveDesktopChanges"=-
"ForceActiveDesktopOn"=-
"NoSaveSettings"=-
"NoChangeStartMenu"=-
"NoSetTaskbar"=-
"NoStartMenuSubFolders"=-
"NoStartMenuMFUprogramsList"=-
"NoStartMenuMorePrograms"=-
"NoToolbarsOnTaskbar"=-
"NoViewContextMenu"=-
"NoFind"=-
"NoRun"=-
"NoSetFolders"=-
"NoDesktop"=-
"NoControlPanel"=-
"NoSMHelp"=-
"NoWinKeys"=-
"NoThemesTab"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispAppearancePage"=-
"Wallpaper"=-
"WallpaperStyle"=-
"NoDispBackgroundPage"=-
"DisableRegistryTools"=-
"DisableRegedit"=-
"DisableTaskMgr"=-
"NoDispSettingsPage"=-
"NoDispScrSavPage"=-
"NoDispCPL"=-
"SetVisualStyle"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispAppearancePage"=-
"Wallpaper"=-
"WallpaperStyle"=-
"NoDispBackgroundPage"=-
"DisableRegistryTools"=-
"DisableRegedit"=-
"DisableTaskMgr"=-
"NoDispSettingsPage"=-
"NoDispScrSavPage"=-
"NoDispCPL"=-

[HKEY_CURRENT_USER\Control Panel\Desktop]
"Wallpaper"=-
"WallpaperStyle"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ThemeManager]
"ThemeActive"="1"
"DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,72,00,65,00,73,00,6f,00,75,00,72,00,63,00,65,00,73,00,5c,\
00,54,00,68,00,65,00,6d,00,65,00,73,00,5c,00,6c,00,75,00,6e,00,61,00,5c,00,\
6c,00,75,00,6e,00,61,00,2e,00,6d,00,73,00,73,00,74,00,79,00,6c,00,65,00,73,\
00,00,00
 
From: "Sarah" <[email protected]>

Replies are inline...

| REGEDIT4

<-- should be an empty line here -->

| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
| "Start_EnableDragDrop"=dword:00000001

<-- should be an empty line here -->

| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
| "NoChangingWallPaper"=-
|
| [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy
| Objects]
|

<-- The above need to be on ONE line and not be wrapped -->


| [-HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\TaskManager]
|
| [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General]
| "WallpaperFileTime"=-
| "WallpaperLocalFileTime"=-
| "Wallpaper"=-
|
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Desktop\General]
| "WallpaperFileTime"=-
| "WallpaperLocalFileTime"=-
| "Wallpaper"=-

<-- should be an empty line here -->


| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
| "NoActiveDesktopChanges"=-
| "ForceActiveDesktopOn"=-
| "NoSaveSettings"=-
| "NoChangeStartMenu"=-
| "NoSetTaskbar"=-
| "NoStartMenuSubFolders"=-
| "NoStartMenuMFUprogramsList"=-
| "NoStartMenuMorePrograms"=-
| "NoToolbarsOnTaskbar"=-
| "NoViewContextMenu"=-
| "NoFind"=-
| "NoRun"=-
| "NoSetFolders"=-
| "NoDesktop"=-
| "NoControlPanel"=-
| "NoSMHelp"=-
| "NoWinKeys"=-
| "NoThemesTab"=-

<-- should be an empty line here -->


| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
| "NoActiveDesktopChanges"=-
| "ForceActiveDesktopOn"=-
| "NoSaveSettings"=-
| "NoChangeStartMenu"=-
| "NoSetTaskbar"=-
| "NoStartMenuSubFolders"=-
| "NoStartMenuMFUprogramsList"=-
| "NoStartMenuMorePrograms"=-
| "NoToolbarsOnTaskbar"=-
| "NoViewContextMenu"=-
| "NoFind"=-
| "NoRun"=-
| "NoSetFolders"=-
| "NoDesktop"=-
| "NoControlPanel"=-
| "NoSMHelp"=-
| "NoWinKeys"=-
| "NoThemesTab"=-
|
| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
| "NoDispAppearancePage"=-
| "Wallpaper"=-
| "WallpaperStyle"=-
| "NoDispBackgroundPage"=-
| "DisableRegistryTools"=-
| "DisableRegedit"=-
| "DisableTaskMgr"=-
| "NoDispSettingsPage"=-
| "NoDispScrSavPage"=-
| "NoDispCPL"=-
| "SetVisualStyle"=-
|
| [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
| "NoDispAppearancePage"=-
| "Wallpaper"=-
| "WallpaperStyle"=-
| "NoDispBackgroundPage"=-
| "DisableRegistryTools"=-
| "DisableRegedit"=-
| "DisableTaskMgr"=-
| "NoDispSettingsPage"=-
| "NoDispScrSavPage"=-
| "NoDispCPL"=-
|
| [HKEY_CURRENT_USER\Control Panel\Desktop]
| "Wallpaper"=-
| "WallpaperStyle"=-
|
| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ThemeManager]
| "ThemeActive"="1"
| "DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
| 74,00,25,00,5c,00,72,00,65,00,73,00,6f,00,75,00,72,00,63,00,65,00,73,00,5c,\
| 00,54,00,68,00,65,00,6d,00,65,00,73,00,5c,00,6c,00,75,00,6e,00,61,00,5c,00,\
| 6c,00,75,00,6e,00,61,00,2e,00,6d,00,73,00,73,00,74,00,79,00,6c,00,65,00,73,\
| 00,00,00



Make sure the account that nees to be fixed has administrative rights.
If it doesn't, give it administrative rights, login with the account, merge the repaired REG
file.
Then logout and restore the orginal rights to that user.
 
David H. Lipman said:
From: "Sarah" <[email protected]>

Replies are inline...

| REGEDIT4

<-- should be an empty line here -->

| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
| "Start_EnableDragDrop"=dword:00000001

<-- should be an empty line here -->

| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
| "NoChangingWallPaper"=-
|
| [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy
| Objects]
|

<-- The above need to be on ONE line and not be wrapped -->


| [-HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\TaskManager]
|
| [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General]
| "WallpaperFileTime"=-
| "WallpaperLocalFileTime"=-
| "Wallpaper"=-
|
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Desktop\General]
| "WallpaperFileTime"=-
| "WallpaperLocalFileTime"=-
| "Wallpaper"=-

<-- should be an empty line here -->


| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
| "NoActiveDesktopChanges"=-
| "ForceActiveDesktopOn"=-
| "NoSaveSettings"=-
| "NoChangeStartMenu"=-
| "NoSetTaskbar"=-
| "NoStartMenuSubFolders"=-
| "NoStartMenuMFUprogramsList"=-
| "NoStartMenuMorePrograms"=-
| "NoToolbarsOnTaskbar"=-
| "NoViewContextMenu"=-
| "NoFind"=-
| "NoRun"=-
| "NoSetFolders"=-
| "NoDesktop"=-
| "NoControlPanel"=-
| "NoSMHelp"=-
| "NoWinKeys"=-
| "NoThemesTab"=-

<-- should be an empty line here -->


| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
| "NoActiveDesktopChanges"=-
| "ForceActiveDesktopOn"=-
| "NoSaveSettings"=-
| "NoChangeStartMenu"=-
| "NoSetTaskbar"=-
| "NoStartMenuSubFolders"=-
| "NoStartMenuMFUprogramsList"=-
| "NoStartMenuMorePrograms"=-
| "NoToolbarsOnTaskbar"=-
| "NoViewContextMenu"=-
| "NoFind"=-
| "NoRun"=-
| "NoSetFolders"=-
| "NoDesktop"=-
| "NoControlPanel"=-
| "NoSMHelp"=-
| "NoWinKeys"=-
| "NoThemesTab"=-
|
| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
| "NoDispAppearancePage"=-
| "Wallpaper"=-
| "WallpaperStyle"=-
| "NoDispBackgroundPage"=-
| "DisableRegistryTools"=-
| "DisableRegedit"=-
| "DisableTaskMgr"=-
| "NoDispSettingsPage"=-
| "NoDispScrSavPage"=-
| "NoDispCPL"=-
| "SetVisualStyle"=-
|
| [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
| "NoDispAppearancePage"=-
| "Wallpaper"=-
| "WallpaperStyle"=-
| "NoDispBackgroundPage"=-
| "DisableRegistryTools"=-
| "DisableRegedit"=-
| "DisableTaskMgr"=-
| "NoDispSettingsPage"=-
| "NoDispScrSavPage"=-
| "NoDispCPL"=-
|
| [HKEY_CURRENT_USER\Control Panel\Desktop]
| "Wallpaper"=-
| "WallpaperStyle"=-
|
| [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ThemeManager]
| "ThemeActive"="1"
| "DllName"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
| 74,00,25,00,5c,00,72,00,65,00,73,00,6f,00,75,00,72,00,63,00,65,00,73,00,5c,\
| 00,54,00,68,00,65,00,6d,00,65,00,73,00,5c,00,6c,00,75,00,6e,00,61,00,5c,00,\
| 6c,00,75,00,6e,00,61,00,2e,00,6d,00,73,00,73,00,74,00,79,00,6c,00,65,00,73,\
| 00,00,00



Make sure the account that nees to be fixed has administrative rights.
If it doesn't, give it administrative rights, login with the account, merge the repaired REG
file.
Then logout and restore the orginal rights to that user.
Click to expand...

I have it saved in the file EXACTLY how you have it and it still will not
work. Is there anything else I can do to repair this problem?
 
From: "Sarah" <[email protected]>


| I have it saved in the file EXACTLY how you have it and it still will not
| work. Is there anything else I can do to repair this problem?


Download SmitFraud.exe from the URL --
http://www.ik-cs.com/programs/virtools/SmitFraud.exe

Execute; SmitFraud.exe { Note: You must accept the default of C:\McAfee }
Choose; Unzip
Choose; Close

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to enable WGET.EXE to download the needed McAfee related files.

Execute; c:\mcafee\clean.bat
{ or Double-click on 'Clean Link' in c:\mcafee }

A final report in HTML format called C:\mcafee\ScanReport.HTML will be generated. At the
end of the scan, it will be displayed in your browser (Opera, FireFox or Internet Explorer).
It is suggested that you move the report out of c:\mcafee before performing another scan.


Please Copy and Paste the contents of the HTML Log file; C:\mcafee\ScanReport.HTML in your
reply.

* * * Please report back your results * * *
 
Back
Top