JayCully, you have to delete it out of the registry too.
I'm having the problem too. Here is an email my ISP just sent me.
As you may have heard by now in the news there is a new virus that
is exploiting a security flaw in Windows XP, NT and 2000. The
virus is known as "W32.Blaster.Worm" or "MSBlast." The virus does
not come through email. It is sent to your computer through a Remote
Procedure Call, or RPC, meaning that an infected computer scans
other computers for a certain open port, and then sends itself
through that port. This security flaw is not in Macintosh, Linux or
Unix operating systems. To read more about the security flaw,
please go to
To keep from getting this virus, you should go to
and scan for all patches available for your
computer. After it scans, you should download all the security
patches. This will keep you from getting the virus.
NOTE: If you are infected, you will see an error saying "...NT
authority must shut down your computer in 30 seconds."
BEWARE! Some users who have the virus have reported that while they were
attempting to download the patches from Microsoft, the virus rebooted
their computer. There is little chance of damage from this and it will be
possible to eventually receive the patches from Microsoft even if you are
infected and the virus reboots your computer. Just keep trying to get the
XP users can prevent this from happening by turning on Internet Connection
Firewall in their connection profile. IF YOU ARE AN XP USER, right click
on your connection icon, left click on Properties, click the Advanced
Tab, and place a checkmark next to "Internet Connection Firewall." This
will allow you to download the patches without the virus rebooting your
To fix this, you must edit your Windows registry. It is extremely
important that you follow these set of instructions very carefully.
Enter.net is not responsible for any damage to your computer from
following these instructions. If you don't feel competent to perform
this service, you should contact your computer dealer/consultant, or
Enter.Net's in-house service department.
1. Click Start, and then click Run. (The Run dialog box appears.)
2. Type regedit
3. Then click OK. (The Registry Editor opens.)
4. Navigate to the key by clicking on the plus next to each section:
5. In the right pane, delete the value:
"windows auto update"="msblast.exe"
6. Exit the Registry Editor by click the x in the top right corner.
You should then be able to go to www.windowsupdate.com
and get the
patch to keep your computer safe. You should also then go to
Click on Scan Now listed under
the Customer Advisory. Press yes to any boxes that pop up. You will
then see the Active Update windows where it is downloading an
updated engine and pattern file. Once this is done, put a checkmark
next to your C: drive and a checkmark next to Auto Clean. Then click
Scan. This will scan your computer for viruses and automatically clean
any that it can. It will also give you the option to delete the
infected files that it was not able to clean. This online virus
scanner is free.
Please make sure to update your antivirus programs and your windows
updates at least twice a month. This will keep your computer updated
against any viruses and security flaws.