Spyware, Viruses, & Security forum

General discussion

MSConfig, Regedit, Task Manager won't remain open

by giddne / March 28, 2004 8:45 AM PST

This has to be some kind of virus. I've run EZ Antivirus for years and update it consistently. I also run SpyBot and thought I was covered. Any ideas thoughts etc? Appreciate your help.
David

Discussion is locked
You are posting a reply to: MSConfig, Regedit, Task Manager won't remain open
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: MSConfig, Regedit, Task Manager won't remain open
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Re:MSConfig, Regedit, Task Manager won't remain open
by Grif Thomas Forum moderator / March 28, 2004 8:51 AM PST

David,

There are lots of possibilities. Just to make sure, please run the free online scan at the link below. Delete any infected files that it finds.:

Trend Micro's Housecall Online Scanner

Next, because spyware and some viruses can damage the registry that causes .exe files to execute, please download the "Undo.reg" file from the link below to your desktop. Once it's there, shut down all background programs, then double click on the file to allow it to "merge" with your registry. It should fix the problems and allow .exe files to run again.

Undo.reg File for Cleaning Up Trojans
http://download.nai.com/products/MCAFEE-AVERT/stand_alone/undo.reg

Hope this helps.

Grif

Collapse -
Re:Re:MSConfig, Regedit, Task Manager won't remain open
by auggief / March 28, 2004 5:36 PM PST

Grif, can Housecall scan be done while Norton Av is enabled?

Collapse -
Auggie....
by Grif Thomas Forum moderator / March 29, 2004 2:34 AM PST

Yes, It should work fine. I've run the Housecall while Norton was enabled (McAfee too) and I don't believe the site requires the user to disable their antivirus. BUT, the scan seems to run much faster/better if you disable ALL background programs from running while the scan is in process.

Hope this helps.

Grif

Collapse -
Re:MSConfig, Regedit, Task Manager won't remain open
by giddne / March 28, 2004 9:47 AM PST

Thanks for the response. Housecall found malware.worm_nachi and cleaned it. It also found Reg winshow.a virus @ c:\windows\sys.reg It couldn't clean it and I didn't delete it until I'm sure it's OK to do so. I ran Undo.reg but again it comes up and goes away too fast.

Can I delete that file?

I'm really surprised that EZ Antivirus couldn't locate it.

Thanks for your insight and time.
david

Collapse -
Re:Re:MSConfig, Regedit, Task Manager won't remain open
by Marianna Schmudlach / March 28, 2004 10:16 AM PST

Here is a write-up:

TROJ_WINSHOW.A

Description:


This Trojan is dropped by either the Visual Basic Script malware VBS_WINSHOW.A or VBS_INOR.F.

It downloads the file WINSHOW.DLL into the infected system and edits the registry to modify the infected system's Internet Explorer?s start page and search page to the following URL:

www.searchv.com
It runs on Windows 95, 98, ME, NT, 2000, and XP.

Solution:

here > http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_WINSHOW.A

Collapse -
Giddne, You Might Want To Save The
by Grif Thomas Forum moderator / March 28, 2004 11:09 AM PST

Yes, you can delete it any time you want, but you may need it later to correct the registry so the .exe files will run correctly. It's your choice.

After cleaning all of the virus infections from the computer, and if you still can't open "regedit.exe" to correct the registry, here is a tool that should help you get it done. The "Trial" version at the bottom of the page is free.

Winguides Tweak Manager
http://www.winguides.com/tweak/

Hope this helps.

Grif

Collapse -
Re:Giddne, You Might Want To Save The
by giddne / March 29, 2004 1:13 PM PST

This is getting fuzzier. I sent the file (reg.sys) to EZ Antivirus and they say the file is clean. I downloaded Tweak Manager but - repair the registry editor - is only included in the full version. Now what?

I also don't understand about saving the file is my choice and remember UNDO also does not stay open. Something's going on. Would you please lead me through the process? Thanks.
david

Collapse -
Giddne, First Of All....
by Grif Thomas Forum moderator / March 30, 2004 4:02 AM PST

...the "Undo.reg" file isn't supposed to "stay open". When you double click on it, the file will simply "run" and cause the registry to be corrected. You don't get any choices with it.

Next, with the "Tweak Manager" program, the trial version DOES allow you to correct alterations that cause the registry to misfunction. You don't need the "Full" version to do that. Here'a how. Open the "Tweak Manager program, then looking on the left side, scroll down and click on the + sign next to the
"Security" listing. Now click once on the listing labeled: "Disable Registry Editing Tools" which will display a selection box on the right side. If either of the "Disable Registry Tools" boxes are CHECKED, please UNCHECK them, then click on the "Apply Changes" button. You will now need to restart the computer.

If you have UNCHECKED the boxes and restarted the computer, then you'll need to run the "Undo.reg" file again. In addition, there are other registry entries that could have been changed by the virus. Click on the link below to read a discussion I had with a user named "Kathy" about those items plus other possible ways to open "regedit". If you can get "regedit" to work, then you may need to make a few edits to the registry per the instructions there.:

http://forums.mcafeehelp.com/viewtopic.php?p=113819#113819

Hope this helps.

Grif

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?