Posted 30 March 2006 - 08:23 AM
As you can see from the F-Secure Spyware Information Pages, Apropos can be difficult to detect and remove. Usually nothing is visible in normal mode or a HJT log. If the rootkit is present, files and registry entries are hidden by a kernel-level driver the rootkit installs.
Sometimes there will be an uninstall entry in Add/Remove Programs for ContextPlus. However you may need to run a scan with Root Kit Revealer or Blacklight to find all the related hidden files and get help with determining what files are bad.
If Apropos is present, it can be identified and removed using AproposFix in Safe Mode. This fix tool utilizes a batch file which creates a log.txt file in the folder it is run in. It would be better doing this in the HJT forum where the team can see a hjt log and logs from these other tools for a closer examination of what's present in your system.
.Windows Insider MVP 2017-2018Microsoft MVP Reconnect 2016Microsoft MVP Consumer Security 2007-2015 Member of UNITE, Unified Network of Instructors and Trusted EliminatorsIf I have been helpful & you'd like to consider a donation, click