VBS.Solow.B - Need help to remove

Operating System : Window XP SP2
Infected with Virus : VBS.Solow.B

- Performed Full System scan but cannot detected by symantec anti-virus.
- Run had been disable
- Cannot view hidden file at folder option
- Tried to Fix with hikackthis - No GO

Navigate to and delete the following registry entries by Symantec website but how to run the regedit as the run button is disable?

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\"FS6519" = "%Windir%\FS6519.dll.vbs"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Window Title" = "TAGA LIPA ARE!"

Kindly advise how to remove this virus. Thanks so much in advance.

newbies1512Asked:
Who is Participating?
 
rpggamergirlConnect With a Mentor Commented:
Hi,

That's a Flash drive infection!
Flash_Disinfector will take care of it.
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe

This infection will also impose the following Group policy restrictions:
- NoFind
- NoRun
- DisableRegistryTools
- DisableTaskMgr
- NoFolderOptions
- SystemRestore - DisableConfig
- SystemRestore - DisableSR
0
 
hongjunCommented:
0
 
orangutangCommented:
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
MereteCommented:
Name VBS/Solow-B  Low threat..
Type Worm
 How it spreads>>> Removable storage devices << do you have any storage devices plugged in? Remove all external usb devices and hardware where possible, any slaved hdd?

 Affected operating systems Windows
 Side effects Installs itself in the Registry.
 Protection available since 14 February 2007 08:05:47 (GMT)  

that said and done try scanning in safemode, check the regestry keys in safe mode also,
often times success is higher when windows is not using anything.
if all fails slaving the hdd can also work wonders but you woudl need a second desktop.
0
 
rpggamergirlCommented:
The tool will also create a bogus folder, autorun.inf in every partition to stop the spread of infection.
It wont stop the infected file from getting in, but it does prevent the loading point from getting created.
0
 
MereteCommented:
Do you still require assistance,
Your question is still open?
Is your account still active
You can now close your own question use the delete link
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.