Solved

XP Home Security 2013 and Registry issue

Posted on 2013-01-17
10
483 Views
Last Modified: 2013-01-22
Say, I think Ive found a bogus removal link:

http://www.bleepingcomputer.com/virus-removal/remove-xp-security-2013

Associated XP Security 2013 Windows Registry Information:

HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\
HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'
HKEY_CURRENT_USER\Software\Classes\\DefaultIcon "(Default)" = '%1'

How can I recover from this!

Any program I try run has nothing ascociated with it. Can't even run regedit or do  System restore

OS is XP
0
Comment
Question by:shaunwingin
  • 5
  • 3
  • 2
10 Comments
 
LVL 94

Accepted Solution

by:
John Hurst earned 100 total points
ID: 38787017
Run online Malwarebytes to see if you can correct this. Try that and let us know.

If you have the XP install DVD, you can back up your system and try the repair function in XP install to see if that helps.

... Thinkpads_User
0
 

Assisted Solution

by:shaunwingin
shaunwingin earned 0 total points
ID: 38787127
It sais choose a program you want to open this file....
Can one edit the registry from a remote PC? or put drive in another PC and edit registry this way?
0
 

Assisted Solution

by:shaunwingin
shaunwingin earned 0 total points
ID: 38787145
Then I can restore the settings...
See above instrucitons. They call for removal of important keys!

OOPS, Ignore above link: This is it and these are the keys!!! They are in hindsite important keys!
http://www.2-viruses.com/remove-xp-home-security-2013

HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ''
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%LocalAppData%\.exe" -a "%1" %*
HKEY_CLASSES_ROOT\
HKEY_CURRENT_USER\Software\Classes\ "(Default)" = 'Application'
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 94

Expert Comment

by:John Hurst
ID: 38787157
Can one edit the registry from a remote PC? or put drive in another PC and edit registry this way?

I haven't seen that. The registry is a very live file.

What you might be able to do is boot from a bootable CD and scan the problem drive.

... Thinkpads_User
0
 

Author Comment

by:shaunwingin
ID: 38787190
Please reveiw my quesiotn. There must be a simpler solution!
0
 
LVL 94

Expert Comment

by:John Hurst
ID: 38787218
I did review your question. On line advertising links ("Let me fix your PC") usually completely screw up the user's computer.

If scanning the drive offline cannot repair it, then the operating system may be completely corrupted.

... Thinkpads_User
0
 
LVL 44

Assisted Solution

by:Darr247
Darr247 earned 400 total points
ID: 38788061
Follow the instructions in this Experts Exchange Article by younghv.

Note that a lot more has happened than what you can currently see, so after you get rid of that malware, backup all your data, then do a full format and reinstall windows (or use the recovery partition or disks that came with your computer).
0
 

Author Comment

by:shaunwingin
ID: 38791854
pls send link to: Run online Malwarebytes
0
 
LVL 44

Expert Comment

by:Darr247
ID: 38791868
Did you try following the steps in that article?
0
 

Author Closing Comment

by:shaunwingin
ID: 38804852
Solved by Getting into CMD shell and launching programes from there and download malwarebytes
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
#Citrix #POC #XenDesktop #vCenter #VMware #ESX
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question