I have been having problems with some trojan virus's that continually reload themselves even after being detected with AVG 7.0 and deleted....I have posted on another forum but have yet had an answer....but checking out registries and using the msconfig on xp sp1..i have noticed that two suspicious files exist:-

Kmed.dat
80LPBT.exe

both are set to run in the startup list and both search the C:\Documents and Settings\(nyname)\Local Settings\Temp directory.......

also when i check the registry for HKEY_LOCAL_MACHINE>SOFTWARE>MICROSOFT>WINDOWS>CURRENTVERSION>RUN

the Kmed.dat is refered to by a file called Cyberfree.exe which is cannot find on my machine.....i did notice this was listed on the startup list page as not required........but the other file 80LPBT.exe is not......

Is it safe for me to just delete these entries from the startup list and registry? and are these causing the re-occurance of the trojan viruses...

Thanks

Wiithout details about your configuration it's impossible to say what's what; I suggest you proceed as follows:

Go to our downloads section, and download Hijack This.

Unzip, doubleclick HijackThis.exe, and hit "Scan".

When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, and save the log somewhere.

NOTE: Most of what Hijack This lists will be harmless or even required, so do NOT fix anything yet.

Next, go to the Hijackthis - Spyware, Viruses, Worms, Trojans section of this board.

Press "New Topic", explain your problem, and copy and paste the contents of the Hijack This log into your new message.

Reply to this topic including a link to the new topic you posted, and we'll have a look!

Cheers

_________________
Tony CLSID List