Problem with a virus

[snizzle]

Hi all recently i had a virus on my computer which changed my registry. well i have reinstalled windows xp home and everything is fine but when i run Spybot it comes up with 2 things: 1. Windows Security antivirus override and the same for the firewall
Is the worm or virus still on my computer? How could i fix it, i have already tried deleting it from the registry?

 

[mechBgon]

If you told the Windows Security Center not to harrass you about your lack of antivirus or firewall protection, that would cause this alert in Spybot S&D. It basically means that the Windows Security Center has been told to supress the "hey! you have no protection!" messages, which some viruses will do in order to keep you in the dark.

Why does it matter? Check this out: http://vil.nai.com/vil/content/v_126083.htm

Trojan Characteristics:

Written in Visual Basic 6.0, this Trojan is intended for machines which have their Antivirus & Firewall products disabled. This Trojan spoofs the system tray icon for the following products:

• Agnitium Firewall
• Kaspersky AV Monitor
• Kaspersky AV Scanner
• McAfee Anti-Virus
• Norton Anti-Virus
• Norton Firewall
• Sygate Firewall
• ZoneAlarm Pro

When executed, this Trojan copies itself to C:\Windows\System32 folder, and also makes changes to the registry startup entries, so it can run at system startup.

By spoofing the system tray icon for a product which has been disabled, this Trojan gives the user a false impression that their security product is turned on.

Was your computer protected from the Internet by a firewall 100% of the time that you were reinstalling Windows, by either using a router, or by keeping its network connection unplugged until a firewall was installed, or both of these? If your Windows CD has Service Pack 2 built into it, then you'd be protected from the very start.

Also, do you have antivirus software now? If not, check the Consolidated Security Thread at the top of the Software forum for some free ones you could start with.