Currently use Mcafee but recently got stung by the Duster virus which Mcafee has not detected. I have found it and deleted the virus program but on startup Windows XP is looking for the dust.exe and carnt find it -- Anyone have any ideas how I can edit the sytem.ini to stop this happening. ?

START --> RUN --> msconfig.exe

Untick the relevant box in the startup tab.

HTH
amofw

Jet A1,

Here are a few other things you can try for getting rid of it:

Removing Autostart Entries from System Files


A malware modifies system files so that it automatically executes at every Windows startup. These startup entries must be removed before the system can be restarted safely.

Open the SYSTEM.INI file. To do this, click Start>Run, type SYSTEM.INI, then press Enter. This should open the file in your default text editor (usually Notepad).
Under the [boot] section, locate the line that begins with:
Shell=Explorer.exe
From the same line, delete the malware path and file name:
DUST.EXE
Close the SYSTEM.INI file and click Yes when prompted to save.

Restoring AUTOEXEC.BAT

Open AUTOEXEC.BAT using Notepad. Click Start>Run, type this text string in the Open input box then press Enter:
notepad c:\autoexec.bat
Delete these entries created by the malware:
DUST.EXE
Close AUTOEXEC.BAT and click Yes when prompted to save.

Take Care,

Richard

Thanks for the replies -- Still got it....I can't edit the system.ini in Windows XP it doesnt have the explorer.exe prompt and it is hidden when using msconfig at the Start>run option.

Spybot (http://security.kolla.de/), download, run, and then donate the man some money when it works. It's free but worth showing your appreciation.

Jet A1,

I can't edit the system.ini in Windows XP it doesnt have the explorer.exe prompt and it is hidden when using msconfig at the Start>run option.

Duster is not a destructive virus. It sounds like you either have other viruses on your computer and/or you had a destructive virus at one time. You can mess with your system and spend a lot of time trying to fix it, but in the long run your best bet is a fresh install. Your system has been corrupted.

Give Trend Micro's HouseCall (http://housecall.trendmicro.com/) a run to see if you have other viruses currently on your computer. (I am wondering whether or not McAfee was disabled by a virus and even though it looks like it is scanning your system, it is in fact not doing anything.)

Take Care,

Richard

There is a registry item that needs editing in REGEDIT for this. As someone said the virus is not destructive but when removed using AV Scanners (Kaspersky here) it leaves this annoying 'error'

Start - Run - type "REGEDIT" and browse in there for:

Hkey_local_machine...software...microsoft...windowsNT...cure ntversion. Once there, search for dust.exe and it will select one of the entries. Double click (or right click - edit) this entry and remove the dust.exe leaving only explorer.exe in the box.

Let me know if that helps.

Ian B

GWK and all others --

Thanks for your advice...Did as you said GWK and that cleared the annoying error on start-up...Thanks to all -- Saved a few quid sending laptop off to PC Doctor !

Thanks again

Regards

Jet A1

Not a problem A1,

Take care.

Ian