Steve, I have norton antvirus and yes my definitions are up to date. The problem I am having is that my harddrive went down for some reason unknown to me back in June and since I had a warranty, Dell sent me a new one. After installing the new one and reinstalling all my programs the this past summer somehow a virus got through. Most of the programs had to be updated,because they were back from 2002 and then I had to sign up for antivirus all over again and everything else, I guess it was like getting a new computer in a way. But somehow some viruses got through and I keep trying to get them off but I get frustrated and quit and then do not use the computer for 1 or 2 months and then try again and quit again. So it is now November and I want to get it off, but it is not that simple you have to go through all these steps and the last step is what is confusing me, Delete the value that was added to the registry....Yeah I do not know how to do that. I wish there was a removal tool like other viruses have...hahahaha. Is this virus more complex or something, and if I do by some miracle get it removed how do I prevent it from coming back?
Viruses will generally keep infecting your computer unless you keep the virus defintions up to date and the antivirus software continuously running on your computer. Some, like this one, are not easy to eradicate while the system is running in normal mode. That's why it suggests deleting some files while in Safe Mode and editing the registry while in Safe Mode. Editing the registry, as instructed in step 4, is not all that difficult. First follow the instructions in the Symantec document to make a back up of the registry. When it says to Navigate to the following keys, just keep clicking the + sign next to the values in the left hand pane of the registry editor until you get to the key that contains the bad value. The value will appear in the right-hand pane, and when you find it, click on it to select, then right click on it and select Delete. Do this for each key listed and for each value that it says to delete.
Thanks for all the info, I am working on it right now. I am just having a hard time determining what the bad value it. I am confused. So do I need to be in safe mode, because I am not. It let me delete it without being in safe mode. And when I do get it done, is it better to always keep my computer on to keep it updated, rather than turning it on and off each day for updates? and also do I need more than Norton Antivirus to keep from getting viruses or is there a better program available?
The value you need to delete for each of these registry keys is
"MsWindows SysDate" = "sysmsvc.exe"
You need to do this in Safe Mode.
You do not need to keep your computer on all of the time to get the updates. New virus definitions are usually released each Wednesday, but, if there is new critical attack that is detected they are released more often. You should also be careful opening e-mail attachements unless you know exactly what they are. The safe approach is when you get an e-mail with attachment, do not open it unless it is one you are specifically expecting. If you have doubts, contact the person who sent the e-mail and ask them if they have sent you a message containing a legitimate, virus free, attachment. Note also that the senders address in virus infected e-mail is often spoofed by the virus, so you can never be sure that the e-mail is really from the person that is listed as the senders e-mail address. See also the Recommendations section in the link on the Symantec site.
trishze
5 Posts
0
November 14th, 2004 19:00
volcano11
2 Intern
•
28K Posts
0
November 14th, 2004 19:00
It's easy if you have some computer ability. What antivirus software do you have? Are you up to date with virus definitions?
Steve
trishze
5 Posts
0
November 14th, 2004 19:00
volcano11
2 Intern
•
28K Posts
0
November 14th, 2004 19:00
See the following:
http://securityresponse.symantec.com/avcenter/venc/data/w32.spybot.fcd.html
Steve
volcano11
2 Intern
•
28K Posts
0
November 14th, 2004 20:00
Viruses will generally keep infecting your computer unless you keep the virus defintions up to date and the antivirus software continuously running on your computer. Some, like this one, are not easy to eradicate while the system is running in normal mode. That's why it suggests deleting some files while in Safe Mode and editing the registry while in Safe Mode. Editing the registry, as instructed in step 4, is not all that difficult. First follow the instructions in the Symantec document to make a back up of the registry. When it says to Navigate to the following keys, just keep clicking the + sign next to the values in the left hand pane of the registry editor until you get to the key that contains the bad value. The value will appear in the right-hand pane, and when you find it, click on it to select, then right click on it and select Delete. Do this for each key listed and for each value that it says to delete.
Steve
trishze
5 Posts
0
November 14th, 2004 21:00
volcano11
2 Intern
•
28K Posts
0
November 14th, 2004 21:00