Well just recently my virus software AVG Pro alerted my about a virus i had, it was Nachi.B. I tried to heal, delete and move to vault all to no avail. To make matters worse my system is having lots of trouble with certain programs not opening at all and I.E. is very buggy. For some reason AVG cannot fix this worm. I have tried many other virus software on line and no other program / service could even find a virus. The worm is found under two locations: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\T5YBB0G9 (WksPatch1) & C:\WINDOWS\system32\drivers\svchost.exe (svchost.exe) When i touch either the WksPatch1 or the svchost.exe my virus scanner immediately comes up and wants to heal it. That is only temporary as they come back after boot up. ALso if i delete them manually they come back after boot up. I then turned off system restore and tried to find them in my registy (regedit-edit-find) but could not find either one. I tried a registry cleaner but it does not work either. Any suggestions please???

From what I can gather - if you have already gotten the windows updates and critical patches(fixes), you will probably have to cut your losses and reformat and reinstall. First try the reinstall(repair) option...failing that you may be saying goodbye to any information already stored unless previously backed up (then attempt to reload them)and you know those files are not infected too. Good luck.

Try running> Stinger http://val.nai.com/vil/stinger

from my experince AVG sucks the big one, was totally useless, i dont have any real help other then to say, get rid of that crap and get nortons or something

Give AVG a break I run both AVG and Norton and I find that AVG is quicker to respond and heal infected files Norton ever was. It was Norton that prompted me to look elsewhere to begin with.

You have to disable(translation>delete) the restore points on your system. The little bugger is hiding out in the saved restore points. Dump them!!!!! Then run a anti-virus program. You're saying they come right back so try killing the restore points and leave them off while you run your anti-viral program. Stinger is made to zap what others have trouble getting to. Try it.

Lyland, Setishock is right about the restore points. In fact, not only should you disable system restore, but you should boot in safe mode to assure the worm is not an active process. and your Nachi B worm is a variant of W32.Welchia.B.Worm...AKA...W32/Nachi.worm.b [McAfee], W32/Nachi-B [Sophos], Win32.Nachi.B [Computer Associates], WORM_NACHI.B [Trend], Worm.Win32.Welchia.b Norton has a removal tool for this found here. Best of luck to ya... SullyD Experience is what you get when you don't get what you want...