*Laura*

If you have a "real" MSN account, telephone support from MSN has been very helpful for us. Look for a phone number under "Support" and/or "Contact us." Just hope you get an English speaking agent. If you are working via a Hotmail account, the ONLY support offered is via email. (So if your email doesn't work, send us an email?)

Your descriptions sound like you may be dealing with Spyware rather than a virus. These are two distinctly different things, and your AntiVirus (AV) program may not be much help. Since you did say you saw what might be a virus, a little(?) on that first:

A virus received via Messenger presents a sort of special problem. In the normal setup, Messenger starts when you boot up, so it always has its own files in RAM. Most Anti-Virus programs are unable to delete or modify a file that is open (in RAM), and some don't even scan open files since they can't delete them.

Note that there is a "Windows Messenger" and a separate program "MSN Messenger" and it is possible to have both running at the same time. It's not always clear which one you're using if you don't look carefully. KB 330117: Running Both gives some details.

IF you're using WinXP, you can turn off Windows Messenger: KB 302089 so that it won't have files open, and your AV may be able to find an infection on your drive and clean or delete the main infected files.

I don't have anything on turning off MSN Messenger, if that's what you use; and the method(s) for turning off Windows Messenger may differ if you're using something other than WinXP.

The process for preventing Windows Messenger from starting is a little bit picky and requires editing your Registry, so you probably would be better off just booting to Safe Mode and running your AV - full scan - from there. Safe Mode starts Windows without starting most other processes, but a few do get loaded. Your AV should run normally in Safe Mode. For WinXP, hit F8 while the machine is starting, and follow instructions to open in Safe Mode.

If an AV scan in Safe Mode doesn't find anything and you still think there might be something there, the next step would be to Boot to DOS and run your AV in DOS, if your program can be run there. You may need to visit your AV maker's website for instructions.

You should always update your AV to be sure you have the latest virus signatures immediately before scanning if you suspect an infection.

If you're using one of the Windows versions that offers System Restore (WinXP and I believe WinME) you must turn it off before cleaning up most viruses that your AV doesn't remove automatically. When you turn it off, it deletes all old copies of your System Files from the System Restore hidden folder. If System Files are left there that contain your virus, it could be put back after you remove it, the next time you start up. In Windows Explorer (NOT Internet Explorer or MSN Explorer) right click on My Computer, Click Properties, select the System Restore tab, and put a check mark in the box where it says "Turn off System Restore on all drives." When you close the Properties box, old and possibly infected System copies should be deleted.

It's recommended that you remember where this setting was so you can turn it back on after you get your system clean. New "Restore Files" will be created the next time you shut down after you turn System Restore back on by removing the check mark.

If your AV finds a virus, you should write down the name of the virus found, and anything else it gives you in the way of identifying information. It is highly recommended that you go to the web site for your AV and look for instructions on complete removal before proceding beyond the steps your AV can do automatically. Since different AV products may use different names for the same virus, the site for the program that finds it is the best place to look. If you don't find instructions at your own AV site, you should look at one or two of the other makers' sites before proceding.

After you verify that any virus infection has been removed, if your program still doesn't work it's possible that one or more files were corrupted by the virus. You may need to uninstall and then reinstall any affected programs. You should always use your Control Panel Add-Remove Programs first, if the program appears there. For web and/or email programs reinstalling will likely mean resetting all your connection and login info. In WinXP, Start – Settings – Network Connections should show most of what will need to be reset if you want to make notes before removing/reinstalling.

In the U.S., MSN telephone support has been quite good about doing walk-through fixes on setup; but I haven't had to contact them recently. A current phone number for telephone support should be on the MSN website, possibly unde "Contact Us" in the "Support" area. In the past there have been "800" numbers available, but it may be a toll call now and the best number may depend on your location.

More to follow on Spyware

John