Dear Forum:
Avast is a fantastic anti-virus program. Over the past few days I have cleaned about 400 infected files on a Dell Dimension 1100 notebook computer. All have been quarantined, deleted, moved, or otherwise disabled, except for one or two that reside in memory.
Dell Dimension 1100 Notebook
OS Windows XP SP1 (I will upgrade to SP2 after viruses are gone!)
128 MB RAM
Avast! 4.6 home version
Malware Name: Win32:SdBot-194-B
Malware Type: Trojan
VPS Version: 0534-1, 08/23/2005
File Name: C:\WINDOWS\System32\msconfig.exe[UPX]
Available Action: Move, Rename, Delete
Recommended Action: Move to chest
Actions taken: I clicked on the NO ACTION button.
The virus remains constant throughout repeated runs using Avast, online virus checkers, etc. I followed your advice (in other posts) and rescanned the HD using the boot scan. Each time I did, the same virus showed up. The Avast scan running in the background also found the same virus.
After the boot scan, I tried the REPAIR option, and received repair error 42060. When I tried to MOVE it to the chest or DELETE it, I received this warning:
“File is in Windows folder; are you sure? 1-yes, 2-yes all, 3-no, ESC Exit.”
That’s my problem, I am not sure, so I took no further action.
This virus is very active and I want it dead! The problem here is that the infected file is in Windows. If I delete, move, or repair the file I might lose the use of Msconfg or in other ways interrupt the Windows OS.
What is the best course of action to eliminate this virus without destroying my OS?
Thanks
Trojan Hearse