W32.Navidad aka Navidad Removal.

McAfee, Inc

GoToMyPC Free Trial + $10 Off


Home\|Virus\|Hoax\|Chain Letter\|Trojan Horse\|Macro Virus\|Computer Worms\|Email Bombs\|Software\|News
Trend Micro Internet Security 2008

DOWNLOAD: Freeware or BUY: AV Software + PC Utility Software

W32.Navidad aka Navidad Removal.
To remove W32.Navidad (on a Windows 95/98 system): Step 1. On the Windows taskbar, click Start > Programs > MS-DOS Prompt. The command prompt will display the current directory, which should be the Windows directory. In most cases that will be displayed as: C:\WINDOWS> Step 2. Type ren REGEDIT.EXE REGEDIT.COM. Step 3. Press Enter. Step 4. Type REGEDIT. Step 5. Press Enter. Step 6. Modify the following Registry value: HKEY_CLASSES_ROOT\exefile\shell\open\command and change "C:\WINDOWS\SYSTEM\winsvrc.exe "%1" %* to "%1" %* For clarity, these seven characters are the following: double quote, percent sign, the numeral one, double quote, space, percent sign, and asterisk. Don't forget the space. Step 7. Delete the registry key: HKEY_USERS\.DEFAULT\Software\Navidad Step 8. Delete Win32BaseServiceMOD from HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Step 9. Restart your computer. Step 10. Using Windows Explorer, delete the \WINDOWS\SYSTEM\winsvrc.vxd file. To remove W32.Navidad (on a Windows NT / Windows 2000 system): On your Windows Desktop, double-click on your My Computer icon. Press CTRL-F. A Find: All Files window should pop up. This will allow you to search for a specific file. In the Named: field, type REGEDIT.EXE. After it finds this file successfully, right-click on the filename REGEDIT.EXE. This will pop up a menu. Select Rename. Type: REGEDIT.COM. This should rename the file to REGEDIT.COM. Double-click on this program REGEDIT.COM. Modify the following Registry value: HKEY_CLASSES_ROOT\exefile\shell\open\command and change "C:\WINNT\SYSTEM32\winsvrc.exe "%1" %* to "%1" %* For clarity, these seven characters are the following: double quote, percent sign, the numeral one, double quote, space, percent sign, and asterisk. Don't forget the space. Delete the registry key: HKEY_CURRENT_USER\Software\Navidad Delete Win32BaseServiceMOD from : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Restart your computer. Using Windows Explorer, delete the \WINNT\SYSTEM32\winsvrc.vxd file. Note: Once you have sucessfully rid your computer of this worm, you should rename regedit.com back to its original name of regedit.exe.

MENU.

Latest Worms (MS)

Latest Worms (Linux)

Removal Information

Search the Site:

Advertisements

Only for DUTCH visitors

Use 'Buy-N-Send' for ease package sending!

Ad-Aware 2008 Plus - 1 year license - $26.95

TDS-3 Anti-Trojan,
WormGuard &
Port Explorer

New! Download Spy Sweeper v3.2 Now!

Download ZoneAlarm Pro Here

© Copyright 1997 - 2008. Mark W. Brouwer - Netherlands. Disclaimer - Privacy Policy Contact: webmaster