
Removing a trojan

Post #1, rs shawn (Thread Starter), Dec 17, 2006 07:33 AM

Just done an AVG scan and have a trojan: generic2.lpl in C:\56546148.exe
Can't find much on the net and not sure how to remove it completely or what it's doing.

Any help appreciated before I decide to copy all my docs & pics and format it: obviously I'd prefer to get rid of the trojan if I can.


Post #2, Turbocabbie, Dec 17, 2006 09:54 AM

Run HijackThis and post the logfile it creates; I can check that for trojans for you.

This is the information that AVG believe relates to you:
http://free.grisoft.com/doc/7/lng/us/tpl/v5

Personally speaking I consider AVG to be not worth paying for, which is why it's free; it identifies so much that no other application identifies, yet they provide minimal information on many of these files and less information regarding resolving the issues... false identification perhaps.

I would also suggest either double checking with the online scanner HouseCall by Trend Micro or downloading a trial of NOD32.

Post #3, BM08, Dec 17, 2006 11:07 AM

Originally Posted by UnseenMenace:
Run HijackThis and post the logfile it creates; I can check that for trojans for you.

This is the information that AVG believe relates to you:
http://free.grisoft.com/doc/7/lng/us/tpl/v5

Personally speaking I consider AVG to be not worth paying for, which is why it's free; it identifies so much that no other application identifies, yet they provide minimal information on many of these files and less information regarding resolving the issues... false identification perhaps.

I would also suggest either double checking with the online scanner HouseCall by Trend Micro or downloading a trial of NOD32.

I second that, just to be sure, even if you get rid of it.

Post #4, DanRSturbo, Dec 17, 2006 11:15 AM

Surely AVG removes it to the virus vault? Then you just empty the vault and it's gone?

Post #5, rs shawn (Thread Starter), Dec 17, 2006 11:52 AM

Had HijackThis suggested by someone else. Will run HijackThis and post results. Cheers

As for AVG: it put it in the vault and I emptied the vault, but it's still on the comp: currently hidden in C:\_restore\temp somewhere. Have opened the folder, but the \temp files aren't shown anywhere.

Have also run:

Spybot S&D: deleted results.
SuperAntiSpyware: deleted results.
VundoFix: did not find anything.

AVG says it is still there.
Checked "System Restore" to delete all restore points, but there are none to delete.

Post #6, rs shawn (Thread Starter), Dec 17, 2006 12:00 PM

Bazooka Scanner Log: nothing detected

****************************************
Bazooka Scanner v1.13.03
http://www.kephyr.com/spywarescanner/
http://www.kephyr.com/spywarescanner/library/
support@kephyr.com
Log created 12:59:49.
OS: Windows 98
Database version: 2.730000
Database format version: 1.020000
Database date: 20050314
Current date: 2006-12-17 12:59


****************************************
Result when scanning:

No threats found.
****************************************
Auto start entries:
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l

Go here to analyse the startup entries and the associated files:
http://www.kephyr.com/filedb/index.php

****************************************
Run entries:
ScanRegistry C:\WINDOWS\scanregw.exe /autorun
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ScanRegistry

TaskMonitor C:\WINDOWS\taskmon.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TaskMonitor

SystemTray SysTray.Exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SystemTray

Cmaudio RunDll32 cmicnfg.cpl,CMICtrlWnd
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Cmaudio

CM-SmWizard C:\WINDOWS\System\SmWizard.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\CM-SmWizard

Hidserv Hidserv.exe run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Hidserv

PCHealth C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\PCHealth

TkBellExe "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\TkBellExe

snpstd C:\WINDOWS\vsnpstd.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\snpstd

LoadPowerProfile Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\LoadPowerProfile

Zone Labs Client C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Zone Labs Client

AVG7_CC C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_CC

AVG7_AMSVR C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_AMSVR

AVG7_EMC C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\AVG7_EMC

MSConfigReminder C:\WINDOWS\SYSTEM\msconfig.exe /reminder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MSConfigReminder

StillImageMonitor C:\WINDOWS\SYSTEM\STIMON.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\StillImageMonitor

LoadPowerProfile Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\LoadPowerProfile

SchedulingAgent mstask.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\SchedulingAgent

*StateMgr C:\WINDOWS\System\Restore\StateMgr.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\*StateMgr

TrueVector C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\TrueVector

MsnMsgr "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\MsnMsgr


Go here to analyse the run entries and the associated files:
http://www.kephyr.com/filedb/index.php

****************************************
Browser helper objects:

{53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}


****************************************
Toolbars:

{8E718888-423F-11D2-876E-00A0C9082467} C:\WINDOWS\SYSTEM\MSDXM.OCX
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8E718888-423F-11D2-876E-00A0C9082467}

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}

{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}

{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}

{01E04581-4EEE-11D0-BFE9-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}

{0E5CBF21-D15F-11D0-8301-00AA005B4383} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0E5CBF21-D15F-11D0-8301-00AA005B4383}

{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}

{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} Error when opening a registry key, the key doesn't exist. Key: HKEY_CLASSES_ROOT\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\InprocServer32

System error message: The system cannot find the file specified.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}

{4D5C8C25-D075-11d0-B416-00C04FB90376} C:\WINDOWS\SYSTEM\SHDOCVW.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}

{EFA24E61-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\SYSTEM\SHDOCVW.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E61-B078-11D0-89E4-00C04FC9E26E}

{30D02401-6A81-11D0-8274-00C04FD5AE38} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{30D02401-6A81-11D0-8274-00C04FD5AE38}

{32683183-48a0-441b-a342-7c2a440a9478} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478}

{EFA24E62-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\SYSTEM\SHDOCVW.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E62-B078-11D0-89E4-00C04FC9E26E}

{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} C:\WINDOWS\SYSTEM\SHELL32.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}

{EFA24E64-B078-11D0-89E4-00C04FC9E26E} C:\WINDOWS\SYSTEM\BROWSEUI.DLL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{EFA24E64-B078-11D0-89E4-00C04FC9E26E}


****************************************
All processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\VSNPSTD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\BAZOOKA SCANNER\SPYWARESCANNER.EXE

Go here to analyse the running processes:
http://www.kephyr.com/filedb/index.php

****************************************
Internet Explorer Settings:

Default_Page_URL http://www.microsoft.com/isapi/redir...5.5&ar=msnhome
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL

Default_Search_URL http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL

Local Page C:\WINDOWS\SYSTEM\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page

Search Page http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page


HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\

SearchAssistant http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant

CustomizeSearch http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch

http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix\

www http://
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\www


HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\

provider
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\provider

Local Page C:\WINDOWS\SYSTEM\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page

Search Page http://www.microsoft.com/isapi/redir...ie&ar=iesearch
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page

Start Page http://www.brainkiller.it/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page


HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\

User Stylesheet
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Styles\User Stylesheet


****************************************

Post #7, rs shawn (Thread Starter), Dec 17, 2006 12:12 PM

Logfile of HijackThis v1.99.1
Scan saved at 13:13:06, on 17/12/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\VSNPSTD.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.brainkiller.it/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE10\EXCEL.EXE/3000
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O20 - Winlogon Notify: !SASWinLogon - C:\PROGRAM FILES\SUPERANTISPYWARE\SASWINLO.DLL

Post #8, Turbocabbie, Dec 17, 2006 12:22 PM

MSIE: Internet Explorer v5.50 (5.50.4134.0100) <---- This version of Internet Explorer has serious issues; you should at least upgrade to Internet Explorer version 6.00.2800.1106!

Other than this your HijackThis log is clean... pretty good actually.
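The log above was read by eye. As an added example (not from the thread, and not part of HijackThis itself), the Python below parses a log in exactly that layout and lists the O4 autostart entries the log on its own cannot vouch for: images given as a bare filename (resolved through PATH, so the log does not say which file on disk runs), images in a temp folder, and images outside the Windows and Program Files trees, plus any R0 start-page entry. The sample log is constructed from lines of the posted log plus one hypothetical HKCU entry, [Updater], that was not on the original machine.

```python
"""Triage of a HijackThis 1.99 log (added example, not from the thread)."""
import re

# Constructed sample in the layout of the log posted above: lines from that
# log plus one HYPOTHETICAL entry, [Updater], that was not on the machine.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 13:13:06, on 17/12/2006
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.brainkiller.it/
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [Hidserv] Hidserv.exe run
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKCU\..\Run: [Updater] C:\WINDOWS\TEMP\UNKNOWN1.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
"""

ENTRY_RE = re.compile(r"^(?P<kind>[A-Z]\d+) - (?P<body>.*)$")
RUNKEY_RE = re.compile(r"^(?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] ?(?P<cmd>.*)$")
STARTUP_RE = re.compile(r"^Startup: (?P<name>.+?) = (?P<cmd>.+)$")
EXE_RE = re.compile(r"^(.*?\.(?:exe|com|scr|bat|pif))(?=\s|$)", re.IGNORECASE)
# Directories an autostart image is expected to live in on this kind of box.
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")


def parse_log(text):
    """Split a log into (running processes, [(kind, body), ...]) for R/O entries."""
    processes, entries = [], []
    section = "header"
    for line in text.splitlines():
        line = line.rstrip()
        if line == "Running processes:":
            section = "procs"
            continue
        if not line:
            if section == "procs":
                section = "entries"   # blank line ends the process list
            continue
        if section == "procs":
            processes.append(line)
        elif section == "entries":
            m = ENTRY_RE.match(line)
            if m:
                entries.append((m.group("kind"), m.group("body")))
    return processes, entries


def image_path(cmd):
    """Executable part of a command line: quoted path, or up to the first .exe/.com/..."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    m = EXE_RE.match(cmd)            # handles unquoted paths containing spaces
    return m.group(1) if m else cmd.split(" ", 1)[0]


def autostarts(entries):
    """[(location, name, image)] for every O4 entry, registry Run keys and Startup folder."""
    out = []
    for kind, body in entries:
        if kind != "O4":
            continue
        m = RUNKEY_RE.match(body)
        if m:
            out.append((m.group("hive") + "\\" + m.group("key"), m.group("name"), image_path(m.group("cmd"))))
            continue
        m = STARTUP_RE.match(body)
        if m:
            out.append(("Startup", m.group("name"), image_path(m.group("cmd"))))
    return out


def triage(text):
    """Return [(location, name, value, reason)] for entries worth a closer look."""
    _processes, entries = parse_log(text)
    findings = []
    for location, name, image in autostarts(entries):
        low = image.lower()
        if "\\" not in low:
            findings.append((location, name, image, "bare filename resolved via PATH; find the file on disk before trusting it"))
        elif "\\temp\\" in low:
            findings.append((location, name, image, "runs from a temp directory"))
        elif not low.startswith(TRUSTED_DIRS):
            findings.append((location, name, image, "outside the Windows and Program Files trees"))
    for kind, body in entries:
        if kind == "R0" and "Start Page" in body:
            findings.append(("IE", "Start Page", body.split(" = ", 1)[1], "R0 entry: start page is not the default; confirm you chose it"))
    return findings


if __name__ == "__main__":
    for location, name, value, reason in triage(SAMPLE_LOG):
        print(f"{location} [{name}] {value}: {reason}")
```

A flag is a prompt to look at the file (where it is, its size and date, what it claims to be), not a verdict; HijackThis lists good and bad entries alike, and the SysTray.Exe and Hidserv.exe style of entry is normal on Windows ME, the point being only that the log cannot show which copy on disk is loaded.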

Post #9, Turbocabbie, Dec 17, 2006 12:24 PM

Originally Posted by rs shawn:
As for AVG: it put it in the vault and I emptied the vault, but it's still on the comp: currently hidden in C:\_restore\temp somewhere. Have opened the folder, but the \temp files aren't shown anywhere.

The files will be hidden system files... tell me the exact location identified by AVG and I will tell you how to view the files there.

Post #10, rs shawn (Thread Starter), Dec 17, 2006 12:30 PM

I have IE6, but it won't install correctly. I had a thread on this a while back in here....

Post #11, rs shawn (Thread Starter), Dec 17, 2006 01:43 PM

I ran AVG again to get the file location, but it has come back all clear.

Thanks for all your help over the thread.

Post #12, Turbocabbie, Dec 17, 2006 02:49 PM

OK, well here's a rough indication of what I was going to do for the file location, in case you encounter the problem again...

Some files can be hidden in Windows using attributes; these files are not visible in Windows at all. What you need to do under these situations is boot into the command prompt and then navigate to the specific directory (folder). When in this directory you type attrib *.* and this will show you the details (attributes) of all files located in that directory or folder.

You will see files that have attributes in a format such as this:

S H filename.exe

The S means it's a system file and as such can not be deleted in Windows, while the H attribute means it is hidden... many viruses and trojans use these attributes to make removal harder.

To remove these attributes you would type the following:

attrib -S -H filename.exe

When you now view the contents of this directory or folder the file will be visible and can be deleted with the command del filename.exe

Obviously you have to have some knowledge of DOS (Disk Operating System) commands to know how to navigate through the file system using commands, but I thought it would be useful to explain how these files hide from you while the antivirus states they exist.
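A worked version of the attrib procedure described in the post above, added here as an example and not part of the thread. The script parses the output of attrib *.* (attribute letters in columns, then the path), and builds the attrib and del commands for one named file only, since the rest of the restore folder is legitimately hidden and system. It adds one caveat the post does not mention: the R (read-only) attribute also stops del, so it is cleared as well. The sample attrib output is constructed; it uses the Windows ME restore path and the file name AVG reported earlier in the thread.

```python
"""Unhide-then-delete commands from `attrib` output (added example, not from the thread)."""
import re

# attrib prints the attribute letters (A, S, H, R, I) in columns, then the path.
ATTRIB_LINE_RE = re.compile(r"^(?P<flags>[ASHRI ]*?)\s*(?P<path>[A-Za-z]:\\\S.*)$")

# Constructed sample of `attrib *.*` output in C:\_RESTORE\TEMP on a Windows ME box.
SAMPLE_ATTRIB = r"""A  SH      C:\_RESTORE\TEMP\A0012345.CPY
A  SHR     C:\_RESTORE\TEMP\56546148.EXE
A          C:\_RESTORE\TEMP\NOTES.TXT
"""


def parse_attrib(output):
    """Return [(path, set_of_attribute_letters)] for each file line in attrib output."""
    entries = []
    for line in output.splitlines():
        m = ATTRIB_LINE_RE.match(line)
        if m:
            entries.append((m.group("path"), set(m.group("flags").replace(" ", ""))))
    return entries


def cleanup_commands(output, target_name):
    """DOS commands that unhide and delete only the file called target_name.

    S (system) and H (hidden) keep `del` from even matching the file; R (read-only)
    makes `del` fail with Access denied. All three are cleared in one attrib call.
    Paths containing spaces would need quoting or their 8.3 short name.
    """
    cmds = []
    for path, flags in parse_attrib(output):
        if path.rsplit("\\", 1)[-1].lower() != target_name.lower():
            continue   # never touch the other hidden/system files in the folder
        clear = ["-" + f for f in "SHR" if f in flags]
        if clear:
            cmds.append("attrib " + " ".join(clear) + " " + path)
        cmds.append("del " + path)
    return cmds


if __name__ == "__main__":
    for cmd in cleanup_commands(SAMPLE_ATTRIB, "56546148.exe"):
        print(cmd)
```

Windows ME has no "Restart in MS-DOS mode" option, so the prompt has to come from a startup floppy, and Windows protects the _RESTORE folder while it is running. Turning System Restore off (System Properties, Performance, File System, Troubleshooting, "Disable System Restore") and rebooting makes Windows discard the folder's contents, which is usually simpler than deleting a file out of it by hand.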

Post #13, BM08, Dec 17, 2006 03:19 PM

Your system processes look good too.

If you're having trouble installing newer versions of IE, boot into safe mode and install from there; it should work.

Post #14, Turbocabbie, Dec 17, 2006 05:20 PM

Have you got a link to that IE thread so I can have a read?

Post #15, rs shawn (Thread Starter), Dec 17, 2006 08:15 PM

IE6 thread: https://passionford.com/forum/viewto...188&highlight=

For that first bit, do you mean go "Start, Run" then insert "c:"? I'm not sure how to get to "boot into the command prompt and then navigate to the specific directory".

I kinda know my way around a computer and how they work, but don't know much about the way they operate as such on the codes, or how to interpret HijackThis, etc.

Post #16, BM08, Dec 17, 2006 09:12 PM

Do what I said mate, I'm interested to know if it works for ya.

Post #17, Turbocabbie, Dec 18, 2006 11:37 AM

Posted in the Internet Explorer thread.