
If I got a virus/trojan will.....


Name: rapattack
Date: July 21, 2004 at 21:32:34 Pacific
OS: win98se
CPU/Ram: xp2000/256
Comment:

If I do scanreg/restore after getting a virus/trojan to take me back to the day before it happened will this be ok? I have looked and looked and can't seem to find the source of infection. I scanned for viruses....have AVG. I got a whole lot of pop-ups after visiting some site and I keep getting this window that says do I want to make some site my start page and instead of closing it I ctrl+alt+del. Then there is the freezing I get after being on the net for 3 hours. I dunno. Too many progs installed and I don't know what they are also. JV16 power tools shows them. Now I can only boot into Safe mode and the display is 16 colors. With a red cross in Device manager. I have done a scan with Bazooka as well and nothing. Got any suggestions? Thanks everyone.




Response Number 1
Name: capt
Date: July 22, 2004 at 10:03:30 Pacific
Reply:

Only if you are very lucky. Many virus/trojan/worm packets actually use SYSTEM RESTORE files as a place to hide. If you need to use virus/trojan/worm manual removal instructions (from Grisoft, Symantec, Trend Micro, McAfee) because the packet is "in use" or "protected", the first step is almost always to turn SYSTEM RESTORE off, then to restart the computer and during the boot sequence enter SAFE MODE to use your antivirus software to scan and clean the system. HTH



Response Number 2
Name: Thresher
Date: July 22, 2004 at 17:19:08 Pacific
Reply:

Forget Scanreg/ restore.

Since your OS is Win 98 SE I don't believe you have a System Restore function. As far as I understand that is only in Me and Xp.

How is your firewall working? If you are getting trojans--either you need one, or need to reconsider the one you have, upgrade the settings, etc. I use this one, it is free, simple and effective:

Free Sygate firewall:
http://smb.sygate.com/products/spf_standard.htm

What you could do is run the proper scans, in Safe Mode, which looks grainy and bleached out, 16 colors...that's ok.

First thing I would say is, since you are getting up on the net, UPDATE everything: Windows, IE, Outlook (settings affect IE even if you do not use Outlook), your AVG updates about every three days. Check it for UPDATES.

Here are some free scans:

http://housecall.trendmicro.com/

security.symantec.com/

www.ravantivirus.com/scan/

http://www.bitdefender.com/scan/licence.php

http://www.pandasoftware.es/actives...ivescan-com.asp

http://security2.norton.com/ssc/vc_scan.asp

http://housecall.antivirus.com/


Then, if you are not yet using them, download and UPDATE Spybot and Adaware--very effective tools against malware.

Here are the settings I use (in safe mode):

Spybot:

Download and Read the SpyBot tutorial here:

http://s89223352.onlinehome.us/mirror/spybot/index1.php

Download it, Unzip the program, and immediately check for updates, install the updates and then do the scan.

Let it fix everything marked in red. Reboot but not with restart, shut it down for two full minutes. You’ve got two measly minutes and it’s worth it, and let Spybot run if it indicates.

To add an item to your ‘Ignore List’ click on the little ‘+’ sign next to the item and left click it to highlight it, then right click it and a menu appears, select the function you want.

When you are done reboot again same way. Two full minutes shut down is best.

Also, go to the update page. Notice 3 icons across the top. Between "Search For Updates" and "Download Updates" there is an icon for the download mirror location. After you click on ‘search for updates,’ the one in the middle will change. If it doesn't say "Spybot.US by Rootboxen.net USA" click on the dropbox arrows and click on Rootboxen, and use only that one. If you got a "checksum error" trying to download --that's why.

Ad-Aware:

Download AdAware from http://www.lavasoft.de/

Check for updates at "webupdate".

I use these settings (green check)

From main window click "Start" then make sure "Activate in-depth scan" has a green check next to it.

Put a black dot next to "Use custom scanning options" and click "Customize" next to it, then green check these options:
"Scan within archives", "Scan active processes", "Scan registry",
"Deep scan registry", "Scan my IE Favorites for banned URL",
"Scan my host-files"

At the top of the “STATUS” page notice the Tweak (gear) icon. Click on it.

The first setting is “Scanning Engine.” Click on the little plus sign next to it, and in the drop-down green check “Unload recognized processes during scanning”, and “include basic Ad-Aware settings in log file”. Next click on the ‘+’ next to “Cleaning Engine” and in the drop-down green check “Let windows remove files in use at next reboot” and “Delete quarantine objects after restoring”

Click "proceed", that will save those settings.

Click "Scan"

When the scan finishes, mark everything for removal and delete it. Right-click the window and choose "select all" from the drop down menu, press ‘next’ and then ‘yes’ to the prompt: “remove all these entries”.

However, if you have certain programs running that will give a false indicator of a browser hijack attempt, such as Script Sentry, which places a monitoring function in the registry and looks like a browser hijacker but is not, then you may want to add that to the ignore list because you want to keep it there to do its job. To add an item to the ignore list, put the cursor on the file it reveals and left click it to highlight it, then right click it and a menu appears. Click on ‘ignore list.’

I always shut down for two full minutes, it is optional for you of course, and let Adaware run on reboot if it indicates.

Here are some free scans for trojans, run them also from safe mode:

Trojan Hunter trial version:
http://www.misec.net/
reboot back to safe mode

Trojan Scan:
http://www.windowsecurity.com/trojanscan/
reboot back to safe mode

If you find a virus run:

SWATIT:
http://swatit.org/download.html

reboot.

What I would do at this point is download HiJackThis here:

http://www.subratam.org/?page=removal

and post it here:

http://www.pcguide.com/vb/forumdisplay.php?s=&forumid=34

After getting a clean log read, you might want to do a general clean-up: TIF, cookies, %TEMP%, recycle bin, Disk Clean-up, Scan Disk, Defragmenter.

Remember that if you are using Windows and IE your best first protection is UPDATES and MAINTENANCE. AVG, Spybot and Adaware update about every three days.

When it is all cleaned up check yourself with these diagnostics:

Jason’s Browser Security Test:
http://www.jasons-toolbox.com/BrowserSecurity/

Gibson tests:
http://www.grc.com/default.htm

I use LeakTest, DCOMbobulator, ShieldsUp, and UnplugNpray


It seems like a lot, but the idea these days, with all this malware around, is to be THOROUGH....

Thresher


