You might be able to use AVG Anti-rootkit to extract that one. Sophos also 
makes a good rootkit remover. You can also google for that little message 
you get each time, and see if someone developed a tool specifically to 
remove the bug in question. At least this one is kind enough to identify 
itself. Best of luck with finishing the job. Sounds like you got most of it 
licked already.

----- Original Message ----- 
From: "Donald DeWitt" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Monday, April 28, 2008 4:16 PM
Subject: Re: [PCBUILD] Virus Infection


> Thank you Don and Tom for your input with this problem. I believe I have a
> better understanding of the situation now.  I did exactly as you 
> suggested.
> I turned off system restore, then booted up in safe mode. There I ran
> Spybot, Ad-AWare, SuperAntiSpyware and AVG several times. SuperAntiSpyware
> and AVG seemed to do the best job of identifying and securing the problem
> areas. However there is one glitch that all of the above programs did not
> address. Now when I open my browser or my email, on the bottom right-hand
> corner of the monitor, a small pop-up window appears briefly with the
> message, "Add served by FBrowser Advisor" immediately followed by a full
> page advertisement. This thing has apparently planted itself deep into the
> system and concealed itself so all the above programs cannot find it. Do 
> you
> think it is somehow possible to clean this thing off the computer without
> doing the format procedure? This I would like to avoid if at all possible. 
> I
> forgot to mention before that I am running XP on a Dell computer.
>
>
>
> Don DeWitt
>
>
> On Mon, Apr 28, 2008 at 10:45 AM, Thomas Mayer <[log in to unmask]>
> wrote:
>
>> As an added safeguard to what Don has suggested, I would not only
>> temporarily turn off the system restore but, with the system restore off, 
>> I
>> would restart in Safe mode and do a complete virus scan and spyware scan
>> with up to date definitions. Then restart in standard mode and turn the
>> system restore back on. This measure may not find anything else, but, 
>> other
>> than using time, it can't hurt.
>>
>> Tom
>>
>>
>> Donald DeWitt wrote:
>>
>> > In Need of Virus Help
>> >
>> > I have been running AVG on my computer for several years and never had
>> > to
>> > use it until now. After downloading some files I ran a scan and it
>> > detected
>> > a problem and I'm not sure just what I should be doing to prevent a
>> > serious
>> > infection here. The AVG program is informing me that I have several
>> > backdoor
>> > Trojan Generic5 infections in my Documents and Settings and a Ms-Dos
>> > virus
>> > in the System32\drivers and also a change in the shell32.dll file. I
>> > think
>> > the program placed these things into a "Volt". Before I shut the
>> > computer
>> > down is there something I should be doing with these files? When I try
>> > to
>> > delete the files from the "Volt" I get a warning message, "Do you 
>> > really
>> > want to remove the file from the virus volt?" I'm not sure what to do
>> > here.
>> > I ran the program a second time and it states there are no threats. 
>> > What
>> > is
>> > going to happen with the infected files? Should they be replaced?
>> >
>> > Help,
>> >
>> > Don DeWitt
>> >
>> >
>> >
>> >
>> >
>>
>>        PCBUILD maintains hundreds of useful files for download
>>                    visit our download web page at:
>>                 http://freepctech.com/downloads.shtml
>>
>>
>
>         PCBUILD maintains hundreds of useful files for download
>                     visit our download web page at:
>                  http://freepctech.com/downloads.shtml
> 

         PCBUILD maintains hundreds of useful files for download
                     visit our download web page at:
                  http://freepctech.com/downloads.shtml