April 14, 2004
Fun with viruses
Most of you who know me in personal life know that I have a small... hard drive. I am ecstatic when I can free up more than 100 megs of free space to run Photoshop without running into, "You have run out of scratch disk" error messages.
In any case, I've been doing some freelance work, and I had to open one of the documents sent by the client outlining the work load. Eudora downloads all attachments (whether they are viruses or legitimate viruses... I think Eudora should delete the attachment when I delete the email, but that's another story) ... long story short, I opened website01.doc instead of web site improvements.doc. And guess what? website01.doc was actually a virus (W32.Netsky.P).
So I trudged on over to the UNC software download site to download Norton. But the stupid website decided that downloading the Managed Norton Client should be the default option ... and left only a small hyperlink to download the Unmanaged client.
But of course, I didn't realize this until I had spent about 20 minutes clearing out the required 150 megs to install the program ...
So I went back and downloaded the Unmanaged version and found out I had Netsky. Not really being the patient type, I reconnected my computer to the internet (I left it disconnected to limit the virus' capabilities) and found out how to manually remove the virus.
One thing I will never understand is why some websites just don't publish EASY steps on how to remove these viruses.
So if you have Netsky.P, here is how to remove the virus: WARNING: THIS WILL NOT REMOVE THE VIRUS FROM YOUR SYSTEM COMPLETELY; IT WILL SIMPLY DISABLE IT SO IT STOPS USING YOUR COMPUTER AS ITS PRIVATE MAIL SERVER
1.) Find all the nasty .exe's it leaves around (since it replicates a lot on your hard drive, it may take you a while... use a scanner to get rid of them... you can use Microcall's Housecall Free Online Virus Scanner)
2.) Go to your Task Manager (Ctrl+Alt+Del) and locate FVProtect.exe. Close it.
3.) Go to Start, Run, regedit
Select HKEY_LOCAL_MACHINE
Select Software
Select Microsoft
Select Windows
Select CurrentVersion
Select Run
4.) Delete the value "Norton Antivirus AV"="%Windir%FVProtect.exe" on the left side.
5.) Go to your Windows folder (most likely C:Windows and delete the following files:
FVprotect.exe
base64.tmp
zip1.tmp
zip2.tmp
zip3.tmp
zipped.tmp
This should stop the virus from working ... but you still need to remove it using the link below.
Edit: Symantec also has a link to a free removal tool.
Woo. That was fun... time to go do some work now.
In any case, I've been doing some freelance work, and I had to open one of the documents sent by the client outlining the work load. Eudora downloads all attachments (whether they are viruses or legitimate viruses... I think Eudora should delete the attachment when I delete the email, but that's another story) ... long story short, I opened website01.doc instead of web site improvements.doc. And guess what? website01.doc was actually a virus (W32.Netsky.P).
So I trudged on over to the UNC software download site to download Norton. But the stupid website decided that downloading the Managed Norton Client should be the default option ... and left only a small hyperlink to download the Unmanaged client.
But of course, I didn't realize this until I had spent about 20 minutes clearing out the required 150 megs to install the program ...
So I went back and downloaded the Unmanaged version and found out I had Netsky. Not really being the patient type, I reconnected my computer to the internet (I left it disconnected to limit the virus' capabilities) and found out how to manually remove the virus.
One thing I will never understand is why some websites just don't publish EASY steps on how to remove these viruses.
So if you have Netsky.P, here is how to remove the virus: WARNING: THIS WILL NOT REMOVE THE VIRUS FROM YOUR SYSTEM COMPLETELY; IT WILL SIMPLY DISABLE IT SO IT STOPS USING YOUR COMPUTER AS ITS PRIVATE MAIL SERVER
1.) Find all the nasty .exe's it leaves around (since it replicates a lot on your hard drive, it may take you a while... use a scanner to get rid of them... you can use Microcall's Housecall Free Online Virus Scanner)
2.) Go to your Task Manager (Ctrl+Alt+Del) and locate FVProtect.exe. Close it.
3.) Go to Start, Run, regedit
Select HKEY_LOCAL_MACHINE
Select Software
Select Microsoft
Select Windows
Select CurrentVersion
Select Run
4.) Delete the value "Norton Antivirus AV"="%Windir%FVProtect.exe" on the left side.
5.) Go to your Windows folder (most likely C:Windows and delete the following files:
FVprotect.exe
base64.tmp
zip1.tmp
zip2.tmp
zip3.tmp
zipped.tmp
This should stop the virus from working ... but you still need to remove it using the link below.
Edit: Symantec also has a link to a free removal tool.
Woo. That was fun... time to go do some work now.
Comment with Facebook
Want to comment with Tabulas?. Please login.
Anonymous (guest)
\"Most of you who know me in personal life know that I have a small... hard drive\"
HARD DRIVE, LMAO....
Anonymous (guest)
I think the worst thing about it is the screen, seems fairly small to me but I bet it\'s a lot smaller than my laptop so at least there is some advantage.
Twelve GB isn\'t that bad actually, I can tell you that on my desktop I\'m only using about 7GB....
I guess for me personally all the extra space is only useful when I\'m too lazy to take things off, for example I backup a DVD movie and don\'t delete the files, or aquire *cough* some music and get too lazy to tag everything and upload it to my DAP, or when I have ISO files that I just let sit there...
I guess I\'d better quit while I\'m ahead and you don\'t think I\'m a total warez monkey.... ;-)
Anonymous (guest)
I\'d imagine someone that does the things that you do would want to have a fairly good computer.
Actually if I recall you were talking about how your parents had gotten a new computer and mentioned yours.
I\'d be interested in knowing your specs....
And check your damn Neopages forum messages !
tonylee