I have NOD32 latest ver. installed on Windows XP SP2. All of a sudden I cant access msconfig, taskmanager, regedit and other sys. options. As soon as I open them, they exit without a warning. I have scanned the sys. thoroughly but no virus is seen. So what is the solution? Is this some kind of a virus/worm?

EDIT: Solution found at http://www.thinkdigit.com/forum/showthread.php?t=3471. Trying it out.

EDIT: That solution doesnt help. The tools fail to detect the virus/worm. Renaming msconfig/regedit works but as soon as I kill syswin.exe, sys32kern.exe, sysmgr.exe, they reappear in taskmgr. After every restart, syswin and syskern entry appears in registry and msconfig.

Have you tried booting in safe mode to figure out the problem? In safe mode, you should delete the files, the registry entries, and then delete the earlier system restore points also...

Arun

u will not be able to do it in safe mode i had the same problem finally i had to format my c drive to get rid of tht....
if possible try to look out for some file named 'svccihost.exe' tht appication would be having folder icon....or sum thing in ur c:\windows drive ...i think tht could be the prob...

I installed Zone Alarm on my laptop. On 1st reboot, ZA asked whthr winsys.exe should be allowed to run and dat winsys is trying to prevent msconfig frm starting, etc. etc. So after denying access to winsys.exe thru ZA, my system has come bak to normal though none of the tools have yet removed the worm/virus.

So as long as ZA is active, the worm wont possibly strike but dat doesnt seem to be d solution. I want to remove the worm/Trojan/virus.

Booting in safe mode & deleting files, editing registry doesnt help.

Download HijackThis and post its log file...

Arun

use some utility program like system mechanic2006,07 or tune up utilities and edit ur explorer.exe file in registry...
and goto windows folders and delete the new files creatd in