Run-Msconfig and Run-Regedit

G

Guest

I have been attempting remove a virus W32.Spybot.Worm from my Windows XP in
accord with the Symantec removal instructions. During the removal process I
need to use Start-Run-msconfig (to restart in Safe Mode) and later, also
Start-Run-regedit (in order to open the Registry Editor and delete values the
virus may have created). In both cases the desired window opens but
immediately goes away. I thought my wireless network connection may have
something to do with it, and disabled it, but the situation continues. Any
ideas how to make these windows stay open so I can work in them?
Thank You.
 
B

Bruce Chambers

Bowdrie said:
I have been attempting remove a virus W32.Spybot.Worm from my Windows XP in
accord with the Symantec removal instructions. During the removal process I
need to use Start-Run-msconfig (to restart in Safe Mode) and later, also
Start-Run-regedit (in order to open the Registry Editor and delete values the
virus may have created). In both cases the desired window opens but
immediately goes away. I thought my wireless network connection may have
something to do with it, and disabled it, but the situation continues. Any
ideas how to make these windows stay open so I can work in them?
Thank You.
Click to expand...

The type of behavior you describe is typical behavior of more than
one virus/worm, the three below being the most common:

W32.Klez
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Yaha
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Spybot.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.spybot.worm.html

Because many of the newer viruses and worms, such as the
Spybot mentioned above, can disable antivirus applications whose
definitions aren't kept up-to-date, try using one or more of the free
on-line scanners to double-check your system.

Trend Micro - Free online virus Scan
http://housecall.trendmicro.com/

McAfee Security - FreeScan
http://www.mcafee.com/myapps/mfs/default.asp

Symantec Security Check
http://security.symantec.com/ssc/home.asp

Panda ActiveScan - Free online scanner
http://www.pandasoftware.com/activescan/com/activescan_principal.htm


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
 
M

Malke

Bowdrie said:
I have been attempting remove a virus W32.Spybot.Worm from my Windows
XP in
accord with the Symantec removal instructions. During the removal
process I need to use Start-Run-msconfig (to restart in Safe Mode) and
later, also Start-Run-regedit (in order to open the Registry Editor
and delete values the
virus may have created). In both cases the desired window opens but
immediately goes away. I thought my wireless network connection may
have
something to do with it, and disabled it, but the situation continues.
Any ideas how to make these windows stay open so I can work in them?
Thank You.
Click to expand...

You need to clean the computer first. Disconnect the infected computer
from the Internet and any lan. From a different, known-clean computer
(that was not on the same network as the infected computers) with a cd
burner, get Sysclean. You will download it, burn it to cd-r, and take
it to the infected computer.

TrendMicro's Sysclean is an extensive antivirus tool which has the
advantage of not needing to be installed. It requires two parts - the
scanning engine and the virus pattern files.

1. Create a new folder on your Desktop or the C: drive named something
useful like "Sysclean".
2. Go here and download the two parts of the program to that folder:

http://www.trendmicro.com/download/dcs.asp - Sysclean
http://www.trendmicro.com/download/pattern.asp - virus pattern files

The pattern files will be zipped - extract them with your unzipper (like
WinZip) or if you have XP, you can just open the folder. You need to
put the extracted files in the Sysclean folder you made.

3. Restart your computer in Safe Mode. Get into Safe Mode by repeatedly
tapping the F8 key as the computer is starting up to get to the proper
menu.
4. Go to the Sysclean folder you made and double-click on sysclean.com.
Start the scan. After the scan is finished, look at the log. You may
need to make a note of where any viruses were found if they were not
able to be removed so you can manually delete them.

After running Sysclean, install a full-featured antivirus such as EZ-AV
from http://www.my-etrust.com/microsoft. Before you connect to the
Internet to update its virus definitions, make sure you have a firewall
in place. Update the av and do a full system scan with it in Safe Mode.

Malke
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

cannot start msconfig, task mgr, regedit,... 8
msconfig 5
msconfig, regedit, task manager not run 2
Unable to open task mgr regedit msconfig 4
regedit, msconfig,open for .5 seconds and close 3
Problem with opening msconfig and regedit 2
Task Manager, msconfig and regedit wont run. 3
w32spybot.worm 2

Top