When i first realized the defender virus was on my pc i did a scan with norton, but norton didn't find a thing. So i went looking in my program files and saw some strange files i never saw before. I deleted the most of them but can't get rid of one. The defscangui.exe file. I'm pretty sure this file creates that link which makes that defender virus pupping up all the time. So i went looking in my reports in norton anti-virus, and i found i had been infected with a js.menger.worm and an w32 kleze@mm. So i put that worm in quarantaine and removed it later on. I'm not sure it's totally gone, but it wans't detected anymore. Then i came on this site and asked if someone could help me with this. They gave me some advice and links to sites which were very helpfull. So i found out that i had to download a removal tool To remove the other virus. I went downloading the klez.gen removal tool and followed the instructions. So i started my computer in safe mode, let the klez removal tool work but it didn't found a thing, i still get that defender virus popping up and that file defscangui.exe still is in my program files under the subdirectory acceleration software\anti-virus. I can't remove it 'cause when i try to remove it in dos, it says i can't get access to that file. I guess norton was infected by that time too 'cause norton didn't worked either so i re-installed it and did a live-update. Then i ran a scan again, but still didn't found a thing. I even downloaded a free scanner of worms, trojans and backdoors, but that scanner didn't find a thing either. So if it's not a w32 kleze@mm what could it be then? And what should i do about it?

did you try scanning on norton's webstie

hi rudy, what scanner are you talking about? "Then i ran a scan again, but still didn't found a thing. I even downloaded a free scanner of worms, trojans and backdoors, but that scanner didn't find a thing either." Try downloading from TDS a program called "Worm Guard". If the worm is still in your system it will find and destroy it. To re-install norton use the norton's RNAV program to remove norton, then re-install norton and get the latest defs, then do a complete scan. if that doesn't work and if you can get into dos, download a free copy of F-Prot for dos from wilders.org and scan in dos. also see if you can remove the file in your registry by doing a find for defscangui.exe. if the find in the registry comes up with any values for that file delete the defscangui.exe value. hope this helps, murve

hi murve, Those scanners are norton and swat it. I already re-installed norton and did an update, but that still didn't worked. So now i'm going to try the things you told me to do. Downloading those and hoping that'll work. I'll let you know

Well, i did all of those things. But none of them worked. I downloaded f-prot, but it couldn't find a thing. I searched for that file in my regestry, found two items of it. deleted one value, but couldn't delete the other value in my regestry. It always says it's in use by another user or program, but that's impossible 'cause i'm the only one working on this pc and there wasn't a single program working. I'm realy wondering what that file could be and how i can get rid of it.

hi rudy, sorry to see that you can't find a solution. can you check your directories and see if you have these files:Ms Spool32 & MS SPOOL32.exe and Ms Spool32.dat and also in your registry. if you do delete them as they are part of the trojan backdoor assasin. also check to see if you have these files in your directories and in your registry. they are hiding somewhere in your registry in a subdirectory in your run files: tvp and mgneyu4 if found delete the subkeys containing these values. for more info on trojans go to www.thepublicworks.com security section and link to simovits consulting>trojans by name, and by file. hope this helps,all the best, murve

checked my directories and registery for those files. But i can't find any of those. And when i do delete the defscangui file in my regestry it keeps coming back all the time. I realy don't know what to do anymore. I can't find any related files to a backdoor asassin or trojan. I guess the only thing to do now is to clean my disc and do a formatation and defragmentation. Well thx anyhow for your help.