MSN Messenger hacked

[lucille]

I just ran VBA32 in safe mode and it found:

AdWare.Win32.Dm.n in the location D:\j386\Apps\App07888\luregwmi.exe

TR.Spy.Banco.FR.2.C in the location C:\WINDOWS\system32\SMTP.ocx

Is it safe to delete these?
What else do I need to do to keep my computer safe?

Thanks!

[unlovedwarrior]

dont open anything that you dont trust without scanning it first.

[Fed]

I hate to say this but I'd reformat and start again. *OUCH!*
I wouldn't save anything that he has sent you.
Then go and change every password you have ever used.
Even if you rid your computer of everything he sent you, he still knows too much already.

[GX1_Man]

[highlight]I hate to say this but I'd reformat and start again. [/highlight]*OUCH!*
I wouldn't save anything that he has sent you.
Then go and change every password you have ever used.
Even if you rid your computer of everything he sent you, he still knows too much already.

Sorry, Fed. I know that does hurt you.  

[JPH]

Lucille, I don't know what you decided to do but yes it is safe for you to delete those two files. The SMTP.ocx file is the library file that your ex talked about that gives his malware the ability to e-mail information to him. I agree that reformatting and installing Windows again is the only way to be 100% certain that your computer is no longer compromised. If that simply isn't an option for you then you can still boot into safe mode and run HJT and post the logfile here and I will have a look at it for you.

- JPH