AI Project Updater: Installing...
Stupot1
Newbie
30. April 2011 @ 09:56
Hi
I have a feeling that my system may be infected with a virus or malware.
Every time I start my system up, I have a pop-up that starts called "AI Project Updater:Installing...". I have no idea what it is related to, but it comes up every time I boot it. It remains there for about 10 minutes, and then disappears.
I cannot close it, etc, but have a feeling it isn't supposed to be there!
I ran Malwarebytes, ad-aware and virus scan, but it still keeps coming back.
Any ideas would be very welcome..
Thanks in advance!
bradders
|
AfterDawn Addict
30. April 2011 @ 16:38
Run msconfig to see if it's listed and see if it gives any information, then Google it.
|
Stupot1
Newbie
1. May 2011 @ 05:27
Originally posted by attar: Run msconfig to see if it's listed and see if it gives any information, then Google it.
I ran the config, but nothing is listed under any of the tabs.
Yesterday, I ran my Malwarebytes again, and it found a few infected files which I have removed since. Virus scanner shows nothing still.
When I booted up this morning, the AI Project updater came on again ....
When I open a new tab in Internet Explorer, I get ad popups such as
http://media.mynewswheel.com/dsnrestate.html
I have a feeling it's virus/malware related .. any other scanners I could use?
Sorry I can't give any more information!
|
AfterDawn Addict
1. May 2011 @ 08:04
Do you have a Restore Point that predates this problem?
|
Stupot1
Newbie
1. May 2011 @ 08:22
After looking on the web yesterday, I turned off my restore point, but yes, it would predate the problem. At the moment, my restore point is not enabled.
Bradders
|
AfterDawn Addict
1. May 2011 @ 10:08
No restore point and scanning doesn't show anything.
Hijackthis might show what's causing it - but interpreting the results is kind of technical.
You can run it and post the log here and someone might be able to help.
In the meantime you might want to post at the Videohelp site and ask for assistance.
http://forum.videohelp.com/forums/37-Computer
|
Stupot1
Newbie
1. May 2011 @ 10:15
I have run a new Malware scan and the log is below. There were some infected files, and every time I run Malwarebytes, there are always infected files now ...
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6482
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
01/05/2011 11:19:32
mbam-log-2011-05-01 (11-19-32).txt
Scan type: Full scan (C:\|)
Objects scanned: 237048
Time elapsed: 49 minute(s), 26 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 5
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
c:\WINDOWS\system32\fjlfixbubud.dll (Trojan.Agent) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{07588A81-6C32-116A-1F8F-8685EA777F4D} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07588A81-6C32-116A-1F8F-8685EA777F4D} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07588A81-6C32-116A-1F8F-8685EA777F4D} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07588A81-6C32-116A-1F8F-8685EA777F4D} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\aujpvdjfnkv (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jhvouvxmeuhl (Trojan.Agent) -> Value: jhvouvxmeuhl -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\Stuart\local settings\Temp\drivers_pack_v4.55.63_fix.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\drivers_pack_v4.55.63_fix.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\fjlfixbubud.dll (Trojan.Agent) -> Quarantined and deleted successfully.
|
Stupot1
Newbie
1. May 2011 @ 10:19
Originally posted by attar: No restore point and scanning doesn't show anything.
Hijackthis might show what's causing it - but interpreting the results is kind of technical.
You can run it and post the log here and someone might be able to help.
In the meantime you might want to post at the Videohelp site and ask for assistance.
http://forum.videohelp.com/forums/37-Computer
Here is the log file from the HijackThis scan:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:17:59, on 01/05/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZoomingHook.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\TCtrlIOHook.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Web Components\messenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\GTCO CalComp InterWrite\IWStarter.exe
C:\Documents and Settings\sbradley\Local Settings\Temp\Password .exe
C:\Program Files\SMART Board Software\SMARTBoardTools.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\SMART Board Software\Aware.exe
C:\Program Files\SMART Board Software\Marker.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\SMART Board Software\SMARTBoardService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBit0.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Board Software\NotebookPlugin.dll
O2 - BHO: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBit0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBit0.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [messenger.exe] C:\Program Files\Common Files\Microsoft Shared\Web Components\messenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: InterWrite Starter.lnk = ?
O4 - Global Startup: Password .lnk = C:\Documents and Settings\sbradley\Local Settings\Temp\Password .exe
O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files\SMART Board Software\SMARTBoardTools.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1279103420687
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B987F89-9FA1-41A2-B966-9E3884135D18}: NameServer = 62.171.194.104,62.171.194.105
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: SMART Board Service - SMART Technologies Inc. - C:\Program Files\SMART Board Software\SMARTBoardService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
--
End of file - 9174 bytes
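
A triage sketch for the O4 (autostart) section of a HijackThis log like the one above, added here as an example and not part of any post or of HijackThis itself: it flags entries that run from a Temp folder, have a space before the extension, list no resolvable target, or match an analyst-supplied path fragment. The function names and `WATCHLIST` are assumptions; the single watchlist fragment is the folder that later replies in this thread report, and a flag is a prompt for manual review, not a verdict.

```python
import re
from ntpath import basename, splitext

# Sample input: O4/O23 lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [messenger.exe] C:\Program Files\Common Files\Microsoft Shared\Web Components\messenger.exe
O4 - Global Startup: InterWrite Starter.lnk = ?
O4 - Global Startup: Password .lnk = C:\Documents and Settings\sbradley\Local Settings\Temp\Password .exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
"""

# Assumption: analyst-supplied, lower-case path fragments. This one is the
# folder later replies in this thread report; it is not a vendor signature.
WATCHLIST = (r"\web components\messenger",)

# Executable path at the start of a command, quoted or not, arguments ignored.
EXE_RE = re.compile(r'^"?(.*?\.(?:exe|dll|com|scr|bat|cmd))"?(?:\s|$)', re.I)


def parse_o4(line):
    """Split one O4 line into (location, entry name, command), else None."""
    m = re.match(r"O4 - ([^:]+): (.*)", line.strip())
    if not m:
        return None
    location, rest = m.groups()
    if rest.startswith("["):   # registry Run value: [name] command
        name, _, command = rest[1:].partition("] ")
    else:                      # startup folder: shortcut.lnk = target
        name, _, command = rest.partition(" = ")
    return location, name, command


def triage(log_text, watchlist=WATCHLIST):
    """Return [(entry name, path, [reasons])] for autostarts to review by hand."""
    findings = []
    for line in log_text.splitlines():
        parsed = parse_o4(line)
        if parsed is None:
            continue           # not an autostart line (R*, O2, O23, ...)
        _, name, command = parsed
        m = EXE_RE.match(command)
        if m is None:          # e.g. "?": the log gives no target path
            findings.append((name, command, ["target-unresolved"]))
            continue
        path = m.group(1)
        low = path.lower()
        reasons = []
        if "\\temp\\" in low:
            reasons.append("runs-from-temp")
        if splitext(basename(path))[0].endswith(" "):
            reasons.append("space-before-extension")
        reasons += ["watchlist:" + frag for frag in watchlist if frag in low]
        if reasons:
            findings.append((name, path, reasons))
    return findings


if __name__ == "__main__":
    for name, path, reasons in triage(SAMPLE_LOG):
        print(f"{name!r:28} {', '.join(reasons):40} {path}")
```
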
|
AfterDawn Addict
1. May 2011 @ 11:39
|
Stupot1
Newbie
2. May 2011 @ 05:36
Originally posted by attar: Try booting into safe mode and run malwarebytes.
You can post the HiJackthis log here.
http://www.bleepingcomputer.com/virus-removal/
Hi
Posted on the forums you mentioned, but no joy yet.
Just thought I would add a little more detail. I keep running the Malwarebytes scan, and it keeps coming up with the same files, even though it tells me it has removed them. The last log I did is posted below:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6490
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
02/05/2011 10:26:37
mbam-log-2011-05-02 (10-26-37).txt
Scan type: Full scan (C:\|F:\|)
Objects scanned: 238789
Time elapsed: 50 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jhvouvxmeuhl (Trojan.Agent) -> Value: jhvouvxmeuhl -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\Stuart\local settings\Temp\drivers_pack_v4.55.63_fix.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\program files\drivers_pack_v4.55.63_fix.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\fjlfixbubud.dll (Trojan.Agent) -> Delete on reboot.
The four files it found were found in the previous scan as well. Not sure if that helps any, but thought I would mention it.
cheers
|
species235
Newbie
4. May 2011 @ 03:19
I have the same problem with the same infected files. My anti-virus and Malwarebytes say they quarantined and removed it already, but every time I scan it's still there. And this annoying AI PROJECT UPDATE keeps on popping out when I turn on my laptop. I think it's a new breed of malware of some sort.
We definitely need help!
|
vadeo
Newbie
5. May 2011 @ 09:36
I have the same problem with the same infected files.
We definitely need help!
This message has been edited since posting. Last time this message was edited on 5. May 2011 @ 09:41
|
vadeo
Newbie
5. May 2011 @ 09:40
I'm having the same problem... I don't want to see this same old AI project Updater popping up again, I need your help guys, Please this is really killing me HELP !!!!!
|
Stupot1
Newbie
7. May 2011 @ 09:39
Hi,
Just an update..
Still no joy removing whatever it is .. Computer now occasionally starts up, boots as normal, then shows a blue screen and restarts itself... a repetitive cycle. It doesn't however do this all the time, just sometimes...
Really stuck guys!
Anyone else had any joy?
|
AfterDawn Addict
7. May 2011 @ 10:30
|
freddy29
Newbie
10. May 2011 @ 05:09
Me too. Anyone know yet? Been trying to delete it now for over 8 weeks. I think it came down with a keygen, but not 100% sure. Anyone help?
|
Newbie
23. May 2011 @ 05:45
|
Newbie
23. May 2011 @ 06:30
It was still there, so I used Task Manager to find it and removed it with Unlocker (great tool, free download). Look here: C:\Program Files\Common Files\microsoft shared\Web Components\messenger(?).
All the really great minds here, but I found this despite them.
millerralf
|
cmdmss
Newbie
23. May 2011 @ 08:49
Help! I'm also in this situation! I opened msconfig and disabled everything related to messenger.exe... it was in the same path as the friend above said! I already ran my antivirus, it got something, but the problem is still persisting!
I also looked in regedit and deleted everything related to messenger.exe... but nothing!
Please, any tips? Thanks...
|
neenzz
Newbie
1. June 2011 @ 13:57
I am having this issue as well. Has anyone figured out how to resolve this issue? I run my Malware and I delete the infected files. Also my Microsoft Security Essentials does not work either. I tried to keep enabling it but it doesn't allow me. Please help!! I am about to throw my laptop out of the window.
|
Newbie
6. June 2011 @ 12:02
Hello everyone!
For everyone who has this problem: I went to 'msconfig' and in the Boot tab, I deselected the following things:
- messenger
- msmsgs
Then I chose Close, the computer asked me if I would reboot, and I said Yes.
After reboot, no problem with AI Project Installer.
But if you want that you can never startup one of those, if it does the same for you as for me, then I recommend EasyCleaner, search for it on Google. Install it, and click on the Boot button. There you can remove the startup stuff.
Hope I helped you out,
MrYoranimo
|
favelaboy
Suspended due to non-functional email address
25. June 2011 @ 20:45
I guess this haunting AI Project Updater has its origin in Ares. I uninstalled Ares, but searching gave as result that the folder was still present. Now I disabled messenger.exe in msconfig.exe and hope I will get rid of it then.
|
sorihn
Newbie
24. September 2011 @ 08:50
Press Ctrl + Alt + Del and Task Manager appears. Click on Applications; the "run" of the updater appears there. Right-click on it and press "Go to Process", which shows the process. Right-click on the process and press "Open File Location"; Windows opens the folder with the problem executable, which you delete with Shift + Del. But first go back to the open Task Manager where our process is and press "End Process", then delete the file. Sorry for my English.
|
mfx2009
Newbie
18. December 2011 @ 18:47
Hi All,
Just a quick one to say I had this issue. Removed it from MSCONFIG, then located it under C:\Program Files x86\Common Files\microsoft shared\Web Components\messenger, and deleted the whole folder by using Shift + Delete. Restart and presto. Run AVG and Malwares just to be sure.