Tech Support banner

Status
Not open for further replies.
1 - 2 of 2 Posts

·
Registered
Joined
·
1 Posts
Discussion Starter #1
For those of you who do not know, the W32 Supernova Virus is a nasty little thing that pretends to be a different program and is transmitted via programs like Kaaza. Unfortunetly, my main computer has recently contracted it. :(

My Norton Antivirus caught 55 infected files when I ran it the first time. Unfortuently, my computer crashed while it was quaratining those 55. When I restarted and scanned again, Norton only found 20 infected files. The where abouts of the original 55 are completely unknown, as their existance was never recorded in the .log file.

Norton now reports my computer being completely clear of viruses, even when run from Safe Mode. The locations in my Registry that the W32 Supernova Worm supposedly writes to are likewise clean. However, I believe the virus is not, in fact, gone (or perhaps there is another one that is undetectable.)

My computer now (as it did before I used Norton Antivirus and deleted the 20 infected files) begins to slow down the longer it remains on. Eventually, it reaches a point where I must reset it in order to do anything. In the Ctrl+Alt+Delete Close Menu, there are two instances of Run32Dll listed as running (normally there are zero.) If I leave it on long enough, a program called sysupd.exe crashes. The error message from it cannot be closed (it pops back up as soon as it is closed.) After sysupd.exe crashes, my computer gains what appears to be regular activity again.

I am currently considering two options.

1) Re-install Norton Antivirus, with the assumption that the program itself has somehow become compromised. This also assumes that there are still some 35-55 infected files on my computer that are somehow being ignored by Norton Antivirus. This does not seem in line with W32 Supernova Worm's modus operendi, but then, it could be a deviant version.

2) Delete sysupd.exe, with the assumption that it is the file home of the virus. My main concern, of course, being that this is actually a real file that is somehow being abused.

For your info, I am running a Pentium 4 2.0 ghz using Win 98SE. I have 256 MB of RAM. I am connected to the Internet through a Cable connection. If there are any
other details you feel are important, please feel free to ask.

Thank you all for your time in reading this. If you can lend any help at all, please do. I very much want to get my main computer back into working order.

I am going to cross-post this thread in the Win98 Forums, simply because this Forum seems to get little traffic. I apologize for this, but would like for the greatest audience to be able to help me with my problem.
 

·
hey
Joined
·
10,189 Posts
Hmmm... sysupd.exe seems to be for norton. I would try unistalling it and re-installing norton first.

Also check to see if you have the following registry key:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\
Run\Supernova=C:\WINDOWS\BLAARGH.exe

Becareful when going into the registry. if that key is still there the virus has not been properly removed.
 
1 - 2 of 2 Posts
Status
Not open for further replies.
Top