Hey guys, I need your help. I’ve Win XP Home, Avast 4. I update the virus DB regularly. Since the last 3 days a trojan horse is galloping on my system - Win32:Trojano-2365. I’ve installed Win XP SP2 but am not able to activate the windows firewall + when i switch users in XP it prompts for a “CODE” which i dont know. I don’t ahve any login specific password! Please help me remove the Trojan. The file that is affected is: C:\WINDOWS\system32\remon.sys
Prevention is the best means of defence, rootkits are nasty and very difficult to get rid of, if you can prevent it getting established in the first place it is likely to be easier to get rid of.
Many viruses/malware try to instal themselves in the system folders in XP you need permission to do that, however if you are logged on to an account with administrator privileges, they can inherit your priviliges.
Once you have drained the swamp, you might want to check out the DropMyRights link in my signature.