Landlady just brought back her laptop & gave to me to update all.
Upon start-up, Tea Timer (which I keep active) threw up a reg warning re:
Reg Change deleting Spybots BHO (bad download blocker).....2484F!!
Only option offered was to Approve (deny change grayed out). Recognizing the BHO as S&D's I tried to just red X it. Soon as the pop-up disappeared, it immediately reappeared!
Opened S&D >Tools>Start-up and found 2 new start-up entries HK_LM Run (Blanks).
Info indicates Agobot-KU.
Questions:
1) Will ticking box in front of 2 and hitting Delete remove the worm or just remove the entry from the list? or Should I just "Highlight", not tick box & hit delete?
2) Can S&D in fact "Fix" this problem?? If so how do I do so?
3) Given the pop-up warning is clearly corrupted (grayed out deny option & constant re-appearance of same) does this mean my S&D installed version is now corrupted and I have to un-install and then install "clean"version? If so, what further steps need I take to ensure clean before new install?
4) After checking start list and un-ticking 2 boxes, I ran a full Spybot scan
(expecting "fix" option). Scan returned no problems!! How come??
5) Am currently running an AVG scan and so far nothing found (I expect it to at least find my Eicar test virus I keep to test AVG not corrupted) Is Agobot known for attacking AV's as well? Is it known under "other names" & which?
Sorry for the quantity of questions but it is very rare I catch any illness of this type. Additional info: XPPro SP1 + 20 hot fixes, AVG latest engine & defs,
AdawareSE, CCleaner. Help Soon Please as I don't want to connect this machine to net until solved!! Thanks in Advance for your Guidance!