Discovered: November 30, 2000
Updated: February 13, 2007 11:48:19 AM
Type: Worm
To remove W32.Music.A.Worm:
CAUTION: We strongly recommend that you back up the system registry before making any changes to it. Incorrect changes to the registry may result in permanent data loss or corrupted files. Be sure to modify the specified keys only. See the document
How to back up the Windows registry before proceeding.
To edit the registry:
- Click Start, and click Run. The Run dialog box appears.
- Type regedit and click OK. The Registry Editor opens.
- Navigate to the following subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MCM
- Press Delete, and click Yes to confirm.
- Navigate to the following subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- In the right pane, select and delete the value
SysDrv c:\windows\system\sysmcm.exe
- Exit the Registry Editor, and then restart the computer.
- Using Windows Explorer, delete the \Windows\System\Sysmcm.exe file.
- Run a full system scan with Norton AntiVirus, and delete any files infected with W32.Music.A.Worm.
Writeup By: Cary Ng
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine