Solved

How to delete files in the Startup

Posted on 2008-06-14
4
1,458 Views
Last Modified: 2012-06-21
My Notebook was infected by virus. I run Combofix, and the virus was removed. But in the "Startup" of the MSCONFIG, is still showing the box "19496" that was the virus. Besides that I have deleted other programs, that are still in  the MSCONFIG.
How to remove those entries in the Msconfig  "Startup"?
Startup-System-configuration-Uti.JPG
ComboFix.txt
ComboFix-quarantined-files.txt
0
Comment
Question by:fcirillo
  • 3
4 Comments
 
LVL 7

Accepted Solution

by:
kanlue earned 250 total points
Comment Utility
while looking into this issue, i found the following link that might help:
---------
http://windowsxp.mvps.org/MSCONFIG.htm

[quote]
--------------------
Locations of the entries in MSConfig
The enabled/checked items are populated from the following registry locations:

HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Run

-and-

HKEY_CURRENT_USER \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Windows
Values named Run & Load

The disabled entries are present in these locations:

HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ MSConfig \ startupreg
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ MSConfig \ startupfolder

To remove the entries, start the Registry Editor (regedit.exe) and navigate to the above paths. Backup the key before deleting it.
------------------
[end quote]
0
 

Author Comment

by:fcirillo
Comment Utility
The virus directory (or file) present in the Msconfig/startup is not in the two disabled entries you have quoted.
Could you tell?
0
 

Author Comment

by:fcirillo
Comment Utility
Please could you answer?
0
 

Author Closing Comment

by:fcirillo
Comment Utility
The files are there in the place quoted by kanlue, but inside a folder with different name than the virus
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Dreamweaver 2000- After Validation 5 344
Access Report 5 389
how to make font larger 24 394
Select Empty with Bootstrap Page 8 79
When designing and editing page layouts in inDesign, fonts can become messy without the help of paragraph styles. How many times have you re-read through a document you created and noticed a sentence in the middle of a paragraph happened to be a dif…
The ability to automatically add page numbers to a layout is one of the many easy, convenient features InDesign has to offer. There are many reasons why you would want to automatically generate page numbers in your next project, so whether it’s a ma…
Learn how to automatically add page numbers in your next InDesign project. This can be very helpful in multi-page books and magazines that you are designing. Make sure your Pages window visible.:  In the document you wish to add page numbers to. Act…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now