paulr

Hi,
Eveytime i open Internet Explorer i get this warning.



I move it to the vault but it keeps coming back.
I found it and its here. I delete it but it returns.

http://homepage.ntlworld.com/paul123/paul123/schll.jpg

I've got AVG and zone alarm, windows xp.

Any advice.

thanks
Paul.

Markus

Reboot into safe mode then run your AVG software and get it to remove the item and then see if it comes back. You could also try healing the file, or if possible actually get it deleted.

paulr

None of that worked. It came back when i opened IE.

ScuuBdoo

you need to open the system registry. Then navigate your way to where the file is and delete it manually. That should fix the problem.

D16GER

Best thing I can suggest is to download the trial of Kaspersky AV here.... Kaspersky Anti-Virus free trial download

and also download the updates for it here.... Setting Updater

Then, disconnect from the internet and turn off AVG and Zone Alarm completely, even uninstall them if you have to.

Once done, install Kaspersky and update it, then let it do it's thing, it's an awesome piece of kit. Oh and maybe even consider buying it, AVG is a useless pile of dung in my experience. I know lots swear by it, but I swear at it

You may also need to run a Spyware remover, you can't beat Spybot for that job.... The home of Spybot-S&D!

And finally, once you have ran those programs, go get HijackThis.... http://download.hijackthis.eu/hijackthis_199.zip

...run it, and paste the log here for analysis.... HijackThis Logfileauswertung

And finally, if after all of this you still can't get the little bugger because the file is locked or whatever, then you could try Killbox to just remove the file.... KillBox.Net

mart360

Youve got a BHO... Browser helper object...

run spybot search and destroy followed by ad aware....

and then run hijack this

this should kill the little ******

then and this is very important


DONT intstall Yahoo/google or whatever else superduper toolbar thats offered to you.......

why people use these is beyond me


and finally......the best move of all



Get rid of IE and use firefox, ...far better than IE

and update your virus proggy and firewall as well

Avast & comodo are free and pick up ore than the others ive used

Mart

jowl

I've just switched to Comodo from Kerio - much better and more stable!

boomer

Any more info??

Been using Kerio for a while, and mistakenly upgraded to Sunbelt with it's nag screens. What are the pros & cons of Comode (oh, and shame it doesn't work on Windows 98!).

mb

paulr

Thanks for the great advice.

Deano_P1

You could also try Avast antivirus

jowl

Well I find it doesn't crash out, doesn;t hang on shut down and always starts on login.

It seems to have many options - not all of which I've fully explored yet and it's all free.

I like the control I have over it and the way it works. For example, if you have an App which wants to connect to net or changes 3 files (say on install), you set Comodo to allow the action for all 3 files. With Kerio you had to click 3 times. Of course, you can turn the 'training' mode off too. I also used to have annoying requests from Kerio when shutting down to install Windows Updates. If I forget it would mean my machine wouldn't turn off.

But best of all for me, it seems much faster - especially on startup.

paulr

http://homepage.ntlworld.com/paul123/paul123/virus2.jpg

Here is the file but i cant delete it. I've tried most of the stuff recommended, even Killbox but they all say, "cant delete this file".

Its in WINDOWS\System32 folder.

Cant even delete it manually.

paulr

What if i just turn of my anti-virus and leave the virus on the PC. My only concern is internet banking, can it get my details?

stevebt

iTrader: (8)

Have you not considered paying for a different AVG I use kaspersky and I dont have any bother with any virus's or trojans ever??? I used to be bothered when I ran blueyonders free virus scan ??? But once I started paying for a proper service I never seem to worry about anything any more

Beastie

iTrader: (2)

I had this problem not long ago. Tried everything, solution was fresh install.
Back your files up to the second hard drive or a portable hard drive and re-install. Problem will be fixed and will have taken you less time than all the programmes you have been trying.

Kaspersky didnt find my Trojan
AVG did and deleted it but it came back
Spybot did and deleted it and it came back
Other stuff didnt find it
Norton was installed and fully up to date

paulr

I'm coming round to that way of thinking.

Alan C

Paul. Try this mate...

SDFix by Andy Manchetser..

It needs to be run in safe mode with Admin rights, but may mean the difference between a re-install..

SDFix

Before you do, run 'Hijack This' as suggested below and compare some of the entries on your log to the entries on the list from the link above.
(Note: you may spot stuff in the Hijack This log that look tempting to manually remove. Unless you really know what you're doing, be very careful as you can do some damage and you'll end up doing a re-install anyway!!)

The link above gives an extensive list of Trojans it can find and remove and you may some of them on your log.

MJW

Its highly likely the virus is exploiting system restore to re-instate itself. Right click My Computer, select Properties from the bottom of the menu, then click the System Restore tab. Check the 'Turn off System Restore' box and run your AV again, then reboot. You can switch system restore back on again later when the virus has been zapped.

Chris L

Om the subject of paying for some of this stuff - Webroot is the best anti spyware program that I have come across. Only about £15 / 20 a year. Well worth it. And again, based on my own personal experience, the only freeware AV that comes close to the fully paid versions is Avira - well worth looking at.

Once you've cleaned up your system I would also suggest using Advanced WindowsCare V2 Personal - which is free and highly effective!

I agree with what MJW is saying as well.

InvisibleMan

run in safe mode, find all the associated files in c: & system32, rename them so main prog doesnt run (each time they are deleted & auto rerun theyll have a different name), delete registry entries, delete virus files

deleted that sch162.dll file too?