Help! Dupator worm or virus...

Original Message
Name: Michaella
Date: January 29, 2003 at 18:36:30 Pacific
Subject: Help! Dupator worm or virus...
OS: windows 98
CPU/Ram: ?
Comment:

I have been fighting worms, trojans and viruses for a couple of months now. You think you have gotten them all, and then I do a scan and there are even more. My office has three computers networked; all are Windows 98. I've got McAfee VirusScan 7.0 on all of them. It took forever to get it installed on them because it kept saying the files had been corrupted. Today, I ran a program (can't recall the name of it) to detect worms, trojans & viruses, and it said I had Opasoft, Bymer and Backdoor and that it removed them. I ran it several more times on all computers until it said they were clean. I did disconnect them from the network before I did this. I then uninstalled VirusScan and reinstalled it because I was afraid it might have been infected too, since it wasn't detecting any of this. I ran the McAfee virus scan and it listed about 100 files infected with a Dupator or W32 Dupator virus. I was able to quarantine them all with the exception of kernal32.dll. The scan could not clean any of them, and it could not delete or quarantine the kernal32.dll. I have also noticed on the firewall, also McAfee, that it is blocking outgoing ICMP to 224.0.0.2 and incoming from various others. Sorry, I'm a newbie here. I would appreciate any help as I'm about to really lose it with these computers. Thank you!





Response Number 1
Name: JackG
Date: January 29, 2003 at 22:18:16 Pacific
Reply:

The fact that you are getting re-infected with viruses means that you have not learned the basics of fighting viruses, worms and trojans. The most important thing is prevention, not cleaning.

You must secure your systems. And not the easy way with an Anti-Virus program and Firewall. These are just the final step in the process, not the first.

1) Start with a clean system and install ALL of the Windows Security updates from Micro$oft's Windows Update. These will block most of the exploits viruses and worms use.

2) Remove all traces of Micro$oft's OUTLOOK from your systems (don't install it). If e-mail is REQUIRED, use something else. Outlook's code is the entry point for most viruses, and they can use it even if you don't, if it's installed.

3) Go to GRC.com and run his Shields UP program against your system. Read all his pages and learn how to set up your network configuration with all PORTS closed (except 135) and with strong password security. Don't share more than is necessary.

4) Once they are reasonably secure without special software, select and install a Firewall program to close all ports, and an AV of your choice.

5) Download, install, update online and run SpyBot_S&D to detect and remove Spyware_AD-ware.

6) Then keep all Windows Updates and Virus updates current on a weekly basis. Run AV and SpyBot scans once a week.

7) Then consider a hardware firewall between your network and the Internet connection.

I have never been "infected", yet have no firewall or AV running. I do have a collection of many e-mail files that I have received with viruses and worms in them. I do scan suspect e-mail with an online AV to confirm they are infected. By having all Security fixes up to date and not using OUTLOOK, they don't get through and infect.



Response Number 2
Name: wawadave
Date: January 29, 2003 at 22:32:59 Pacific
Reply:

Try the online scan at Panda Antivirus also.



Response Number 3
Name: Tom41
Date: January 29, 2003 at 23:38:01 Pacific
Reply:

Do a file search for kernel32.dll. With W32.Dupator, there should be two: one in C:\Windows and one in C:\Windows\System.
First, make sure that there is one in C:\Windows\System. If not, you will have to extract a copy from your Windows CD.
To delete the copy in C:\Windows, you will have to boot into DOS from a boot disk and at the A:\> prompt type:
del c:\windows\kernel32.dll
Then boot into safe mode and run a full system scan.
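
The file check from the reply above, as an added example that is not part of the original thread: it finds every kernel32.dll under a Windows directory, records the size and SHA-256 of any copy outside System, and applies the reply's order of steps (confirm the System copy exists before removing the other one). The function names, report fields and sample directory tree are constructed for illustration.

```python
import hashlib
import os
import tempfile

NAME = "kernel32.dll"
EXPECTED_REL = "system/kernel32.dll"  # relative to the Windows directory, per the reply

def audit_kernel32(windows_dir):
    """Locate every kernel32.dll under windows_dir and classify each copy."""
    report = {"system_copy_present": False, "unexpected": []}
    for dirpath, _dirs, files in os.walk(windows_dir):
        for fname in files:
            if fname.lower() != NAME:  # Windows file names are case-insensitive
                continue
            full = os.path.join(dirpath, fname)
            rel = os.path.relpath(full, windows_dir).replace(os.sep, "/").lower()
            with open(full, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            if rel == EXPECTED_REL:
                report["system_copy_present"] = True
            else:
                # Keep size and hash so the copy is documented before it is deleted.
                report["unexpected"].append((rel, os.path.getsize(full), digest))
    report["unexpected"].sort()
    # Order from the reply: confirm the System copy exists before removing the other.
    if not report["unexpected"]:
        report["action"] = "nothing to remove"
    elif report["system_copy_present"]:
        report["action"] = "remove extra copy from DOS, then scan in safe mode"
    else:
        report["action"] = "restore System copy from the Windows CD first"
    return report

def demo(with_system_copy=True):
    """Run the audit over a constructed directory tree (not real system files)."""
    with tempfile.TemporaryDirectory() as base:
        win = os.path.join(base, "WINDOWS")
        os.makedirs(os.path.join(win, "SYSTEM"))
        with open(os.path.join(win, "KERNEL32.DLL"), "wb") as fh:
            fh.write(b"constructed extra copy")
        if with_system_copy:
            with open(os.path.join(win, "SYSTEM", "KERNEL32.DLL"), "wb") as fh:
                fh.write(b"constructed system copy")
        return audit_kernel32(win)

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```
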


