start up error mgs.exe

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Upon start up I recv the error msg: Windows cannot find the file C:
Windows/mgs.exe
Can anyone help guide me in fixing this or replacing that file. File not
found on search.
 
mgs.exe is part of a worm.

Win32/Trykid Family
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=43062

Apparently mgs.exe tries to start from this registry entry.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Windows Service Manager =
"mgs.exe"

UPDATE your antivirus software and run a full system scan.

UPDATE whatever anti-spyware applications that you have and run a full
system scan with each one.

You might want to start in Safe Mode to run your antivirus and anti-spyware
software.

Running a full system antivirus scan or anti-spyware scan in Safe Mode can
be a good idea. Some viruses and other malware like to conceal themselves
in areas Windows protects while using them. Safe mode can prevent those
applications access and therefore unprotect the viruses or other malware
allowing for easier removal.

''In safe mode, you have access to only basic files and drivers
(mouse, monitor, keyboard, mass storage, base video, default system
services), just the minimum device drivers required to start Windows.''

Because of that some malware does not load in Safe Mode and is easier to get
rid of.

How to start Windows in Safe Mode Windows XP
http://www.bleepingcomputer.com/forums/index.php?showtutorial=61#winxo

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In
 
Wes,
Thanks for that info. i only have Norton internet security 2007. Is this
enough protection? I think it includes virus scan. I did a full sys scan in
safe mode and all that was found was some low-risk adware. The message is
still there on start up. Any other suggestions or should I have a spy-ware
downloaded? Thanks, Kris.
 
Kris said:
Wes,
Thanks for that info. i only have Norton internet security 2007. Is this
enough protection? I think it includes virus scan. I did a full sys scan in
safe mode and all that was found was some low-risk adware. The message is
still there on start up. Any other suggestions or should I have a spy-ware
downloaded? Thanks, Kris.
Click to expand...

The reference to the file was not removed from the registry when your
a/v software deleted the file.

Click Start, Run, type REGEDIT, click OK. Press the Home key, press F3,
type the name of the file into the search pane. Click "Find Next", and
when located, delete the reference to the file. Press F3 to continue
the search.

You can click File, Export, and save the entry to the Desktop, attach
the file to a post in this thread; someone might note whether it's safe
to delete first. If you remove it and there's a problem, double-click
the .reg file you exported to the Desktop and it'll be added to the
registry again. You can create a restore point before editing the
registry too.
 
Joe,
I did download another spyware and it did not detect anything
significant...I am goin to try ur suggestion...let you know...thanks. Krisl
 
Back
Top