Hi All,
Every time I come online I get a virus.
I've just come online been to windows site and then came here, I've picked up three viruses.
How are they getting through, I'm running the latest versions of Kerio & Avg.
The only recent change is that I'm no on Broadband and it only started since then.
I'm using my old Alcatel usb modem with updated drivers.

Thanks,

kfh.

Are you sure that you are getting a new virus or are you being notified that you have a virus? What viruses are you getting?

Hi,

This is two of them and the message is "While opening file system32 smc.exe trojan horse sdbot 29am & worm agobot 23bs". I clicked on heal to heal the file.

thanks,

kfh.

just poped up again I've now sent to the vault.

If you are using XP it could be in the system restore files. Unless you completely close System restore and then reboot and then open it again this could keep happening. This might be the case with Win me also, not sure.
I had that happen with my anti virus and a trojen also.
If Win 98 don't know.
Mark

The sdbot trojan sets a registry entry that must be cleared, try Trojan Hunter (30 day free trial)

Also do an online scan at Trend Micro Housecalls.

kfh,

Give us some info. Operating System? Is it AVG that is giving you the warning? Where does it say the problem is located?

Try PrntRhd's suggestion and do a Trend Micro scan.

Also, you should make sure your Windows OS is updated and all the security patch's fixed.

Hi All,

I've done the system restore part, but windows won't update I click on install and nothing happens.
OS XP Pro.

Thanks,

kfh.

Edit: When downloading, try it this way:

After you get the download (M$ does not always structure its downloads so you can’t do this if you are on automatic download with M$), after manual download, AS SOON AS YOU SEE THE INSTALL SHIELD, BEFORE YOU CLICK THE INSTALL ICON, #1. log off the net, #2. disable AV (right click tray icon), #3. then ctrl-alt-delete to close AV in close-program, THEN (and only then) #4. click on the install procedure. Otherwise your AV might read the install as an invader and mess with it. Then reboot. I manually shut down for two full minutes. That definitely works better on this Me system. It's optional of course.

If you have done a system restore disable/re-enable, did you celan out your cookies, and TIF and %TEMP% files? Expose hidden files/folders?

In Win Xp:

Make sure your settings allow you to view "Hidden files". Open up any explorer windows and click on "Tools" => "Folder Options" => "View" and be sure to check off "Show Hidden Files and Folders".

Some people have posted that the above method is not enough, so try this in addition, I'm not Xp so I have no experience doing this. Perhaps the other can elucidate on this aspect:

http://www.davehigham.zen.co.uk/downloads/xphidden.zip

Download xphidden.zip. Extract xphidden.reg and save it to ‘desktop.’ Double-click the xphidden.reg and when prompted to ‘merge’ > yes.

Here's some more tools:

Trojan Hunter trial version:

http://www.misec.net/

Trojan Scan:
http://www.windowsecurity.com/trojanscan/

SWATIT:

http://swatit.org/download.html

System diagnostics once you get clean:

Jason’s Browser Security Test:

http://www.jasons-toolbox.com/BrowserSecurity/

Gibson tests:

http://www.grc.com/default.htm

I use LeakTest, UnplugnPray, DCOMbobulator, and ShieldsUp

The question remians --how did it get in? How are your F-wall settings? Is Kerio right for your system? some of us use Sygate, Ihaven't had any trojan or virus problems since using it:

Free Sygate firewall:

http://smb.sygate.com/products/spf_standard.htm

Hi All,

Still having problems, I can't open up either msconfig, regedit taskmaneger. So I cant reformat the drive, I installed Partition Magic 6 to format the C drive it started ok then I got a error message. Error 504 file Missing now rebooting but the problem is it did not reboot. I can no longer boot. It boots so I can enter bios I get no mem check or posting just a flashing cursor. I've got partition magic rescue disks and XP boot Disk but neither work any ideas.

Os XP Pro
Acer Ferrari 3000lmi Laptop.

Thanks,

kfh.

If you simply want to reformat the drive, download the hard drive maker's utilities and use them to do so.....

Hi,

I can now boot to the A:\> prompt from the xp start up disk.
What do I type from here to boot.

Thanks,

kfh.

You don't need a startup floppy to format your machine. Just follow the instructions from your XP Pro cd, boot to the CD and do a new install.
Instructions, step-by-step can be found here.
http://www.pcworld.com/howto/article/0,aid,105866,pg,1,00.asp

If you want to start out fresh, simply delete the existing partition and then set up another, then follow the instructions. XP installation is very simple, you just follow the steps. The instructions at PC World are pretty good, someone else may have a better guide to link to.

Variable

Hi All,

I think your miss reading my post "I can no longer boot. It boots so I can enter bios I get no mem check or posting just a flashing cursor",I can now boot to the A:\> prompt What do I type from here to boot.

Thanks,

kfh.

There is no XP Boot floppy disk, it's a 4 floppy set. I wonder if this isn't some start up disk provided with the machine, if that is the case it will probably let you move to the D:\ or E:\ whichever is your CDROM. Can you insert the CDROM boot to the A: prompt then type E: and get a E:\?

Look here, too. This has instructions for you booting from disk
http://www.webtree.ca/windowsxp/clean_install.htm#a

Hi Variable,

All up and running again, still can't upgrade windows but I'll work on that at a later date.

Thanks,

kfh.

np, post back when your ready.