Apparently, this file does not exist, even though a computer might tell you that it does. Certainly, I couldn’t find it. I even removed the laptop hard drive and attached it to another system, just in case there was something hiding it in the host OS.

From what I can gather, it is a vestige left over from the installation of a rogue anti-virus program. Somebody had been working at removing the problem and, by the time that I was called in, the rogue AV program had gone.

Unfortunately, it left a trail of a destruction which no XP or free third party utility could fix.

  1. It disabled the incumbent AV program
  2. It prevented Windows Update or any other update which may have helped fix the problem
  3. It replaced core files and would not allow the replacements to be removed

There is no shortage of help to remove the infections. One of the sites was blocked by NOD32, and the others all want payment for the removal. Personally, I think that it is cheaper and more effective to back up important user files and start over, and that is what I did.

Sometimes it is not worth the time or cash cost to try to rectify virus/Trojan/worm infections.

One thought on “

  1. Congratulations! You’ve probably got a rootkit (I’m thinking TDSS), some rogue registry keys and DNS redirector. Fun isn’t?

Leave a Reply

Your email address will not be published. Required fields are marked *