Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Can't get into registry to fix horrible problem

  • 06-09-2008 12:09pm
    #1
    The Denouncer
    Closed Accounts Posts: 435 ✭✭


    On Wednesday I got the 'XP Antivirus 2008' virus. It displays a message everytime you log on and prevents you from doing anything other than what you can run from the task manager.
    I ran spybot - it got rid of this false 'wall' but replaced it with a blue screen.
    I ran antivir - it found a virus and killed it but to no avail.
    I got Malwarebytes anti-malware and I think it got rid of the virus but I can't get rid of this blue screen when I boot up because when I run regedit it flashes up for a split second with some error about space then vanishes.
    I downloaded Doug Knoxs Emergency Config, Regedit and Task Manager utility but the file was a zip, I couldn't open it from the task manager. I downloaded a file to unzip using DOS and it still wouldn't work. So I went to an internet cafe and got the exe from the zip and went back to the house, and ran it. First it wouldn't recognise my USB key, then eventually it ran and created the backup_of_Regedit.com I wanted in C:\Emergency Utils. But when I ran this backup it just flashed up for a second and nothing happened. I tried renaming this backup file and nothing happened.
    The problem is I can't get rid of this blue wall, or reset the PC to factory settings because I can't get into the registry. I don't have a windows CD. I just want to get intot he registry and if I could do that I could solve this problem. Its absolutely driving me insane. Any suggestions?


Comments

  • #2
    Karoma
    Registered Users, Registered Users 2 Posts: 19,396 ✭✭✭✭Karoma


    Run regedit direct from Task Manager?
    Reboot into Safe Mode and try? [Tap F8 on boot-up]


  • #3
    The Denouncer
    Closed Accounts Posts: 435 ✭✭The Denouncer


    OK I'll try safe mode but I don't think it'll work. That's the problem I can't run regedit from the task manager the virus prevnts me from doing it. I need to change a parameter in restoreopenlssafe to allow me to restore the PC. I'm over 5 hours trying to fix this between today and wednesday and the wife is goign mad!


  • #4
    The Denouncer
    Closed Accounts Posts: 435 ✭✭The Denouncer


    No safe mode didn't work..I have tried everything and get access the registry so I either need to go to computer doctor or get a new PC.


  • #5
    Hank Scorpio
    Closed Accounts Posts: 11,631 ✭✭✭✭Hank Scorpio


    The Denouncer wrote: »
    No safe mode didn't work..I have tried everything and get access the registry so I either need to go to computer doctor or get a new PC.

    format?:X


  • #6
    The Denouncer
    Closed Accounts Posts: 435 ✭✭The Denouncer


    I didn't have an XP disc but got one off a chap in work. Booted past the 'joke blue screen', and created a .reg and imported the improved settings into the registry. Ran Malwarebytes anti-malware and Avira antivir. Picked up a few viruses and deleted them. Installed BO Clean to run in the background and rebooted without the XP disc, it went ok. Created a restore point called 'Clean PC'. Think I still have a problem with the restorign to factory settings but at least I have the XP disc on me.


  • Advertisement
  • #7
    Biggins
    Banned (with Prison Access) Posts: 34,567 ✭✭✭✭Biggins


    This might help:

    http://www.bleepingcomputer.com/malware-removal/remove-antivirus-xp-2008

    or try the below:

    First you need to stop the program from loading on startup. This is what you do to stop it:

    Start, run

    Type msconfig

    Go to Startup tab

    Uncheck lphc35dj0e1an
    Uncheck rhc75dj0e1an

    Click apply, then ok
    Restart computer


    Then you need to delete the main files this program uses. Delete the following file:

    C:\windows\system32\lphc35dj0e1an.exe

    Delete the following folder and all contents:

    C:\program files\rhc75dj0e1an

    This should remove the program from your system but you probably still have a warning message displayed as your wallpaper in Windows and the virus removed the ability to change the wallpaper or your desktop settings.

    To restore ability to change your desktop settings and select a different wallpaper and screen saver do the following:

    Start, run

    type Gpedit.msc

    Navigate to User configuration, Administrative Templates, Control Panel, Display

    Right click on Remove Display in Control Panel
    Click on Properties and select Disabled

    Do the same steps to change the following attributes to disabled:

    Hide Desktop Tab
    Prevent changing wallpaper
    Hide Apperance and Themes tab
    Hide Settings tab
    Hide Screen Saver tab

    You should now be able to use your computer normally and change the wallpaper to something other than the warning message Antivirus XP 2008 set it to.

    That fails, get a copy of PcTools System Doctor. I find it better (have it on two of my machines) than Nortons for getting rid of this malware/spyware stuff.


Advertisement