WiredWX Christian Hobby Weather Tools

Re: BankerFox.A and Win32/Nuqel.E

I ran it again, took out the "code" part at the top and tried that, then ran it twice again. Same result.

Re: BankerFox.A and Win32/Nuqel.E

Hello.

Now open a new notepad file.
Input this into the notepad file:

File::
c:\windows\DUMP7294.tmp

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
[-HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8085:TCP"=-


Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:
[image]

This will open combofix again, agree to its terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
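
As an added example (not part of the original post and not ComboFix's own code), this Python code reads the CFScript from the post above and lists what each line asks for, using the standard .reg conventions that `[-key]` deletes a key and `"name"=-` deletes a value. The function name `plan` is hypothetical, and only the `File::` and `Registry::` sections shown in the post are handled.

```python
import re

# The CFScript text from the post above, reproduced verbatim.
CFSCRIPT = r"""File::
c:\windows\DUMP7294.tmp

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
[-HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8085:TCP"=-
"""

SECTION = re.compile(r"^([A-Za-z]+)::\s*$")          # e.g. "File::"
KEY = re.compile(r"^\[(-?)(.+)\]$")                  # "[key]" or "[-key]"
VALUE = re.compile(r'^("(?:[^"\\]|\\.)*"|@)=(.*)$')  # '"name"=data' or '@=data'


def plan(script):
    """Return (action, target, detail) tuples describing what the script requests.

    Assumption: only the File:: and Registry:: sections seen in the post are
    understood; anything else raises ValueError so it gets reviewed by hand.
    """
    actions, section, key = [], None, None
    for lineno, raw in enumerate(script.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            section, key = m.group(1).lower(), None
            continue
        if section == "file":
            # Every line in File:: names one file to be removed.
            actions.append(("delete-file", line.strip('"'), None))
        elif section == "registry":
            k, v = KEY.match(line), VALUE.match(line)
            if k:
                key = k.group(2)
                if k.group(1):  # leading "-" removes the whole key
                    actions.append(("delete-key", key, None))
                    key = None  # no values may follow a deleted key
            elif v and key:
                name = v.group(1).strip('"')
                if v.group(2) == "-":  # '"name"=-' removes one value
                    actions.append(("delete-value", key, name))
                else:
                    actions.append(("set-value", key, f"{name}={v.group(2)}"))
            else:
                raise ValueError(f"line {lineno}: unexpected registry line {line!r}")
        else:
            raise ValueError(f"line {lineno}: {line!r} is outside a known section")
    return actions


if __name__ == "__main__":
    for action, target, detail in plan(CFSCRIPT):
        print(action, target, detail or "")
```
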

Re: BankerFox.A and Win32/Nuqel.E

I don't know if it's connected but while on here about ten tabs opened in my internet explorer and then closed with a box saying it had to close due to something about SDHelper.dll
Company Name: Safer Networking LTD

anyhow here is the first half of the log

ComboFix 09-06-29.01 - Administrator 06/29/2009 13:00.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.895.654 [GMT -5:00]
Running from: c:\documents and settings\Administrator.XPPROSP3\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator.XPPROSP3\Desktop\CFScript.txt
* Created a new restore point

FILE ::
"c:\windows\DUMP7294.tmp"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\DUMP7294.tmp

c:\windows\system32\proquota.exe . . . is missing!!

.
((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-29 )))))))))))))))))))))))))))))))
.

2009-06-27 19:05 . 2009-06-27 19:06 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\Media Player Classic
2009-06-27 19:04 . 2009-06-27 19:04 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Local Settings\Application Data\WMTools Downloaded Files
2009-06-26 15:29 . 2009-06-26 15:29 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-06-26 15:28 . 2009-06-29 17:28 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\skypePM
2009-06-26 15:23 . 2009-06-29 17:50 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\Skype
2009-06-26 15:23 . 2009-06-26 15:23 -------- d-----w- c:\program files\Common Files\Skype
2009-06-26 15:23 . 2009-06-26 15:23 -------- d-----r- c:\program files\Skype
2009-06-26 15:22 . 2009-06-26 15:23 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Skype
2009-06-26 13:19 . 2009-06-26 13:19 -------- d-----w- c:\windows\system32\wbem\snmp
2009-06-26 13:19 . 2009-06-26 13:19 -------- d-----w- c:\windows\system32\oobe
2009-06-26 13:19 . 2009-06-26 13:19 -------- d-----w- c:\windows\srchasst
2009-06-26 13:19 . 2009-06-26 13:19 -------- d-----w- c:\windows\system32\xircom
2009-06-26 13:19 . 2009-06-26 13:19 -------- d-----w- c:\windows\msagent
2009-06-26 13:19 . 2009-06-26 13:19 -------- d-----w- c:\program files\microsoft frontpage
2009-06-26 03:16 . 2009-06-26 03:16 -------- d-----w- c:\windows\system32\KB905474
2009-06-26 03:16 . 2009-03-11 03:26 1403264 ----a-w- c:\windows\system32\KB905474\wganotifypackageinner.exe
2009-06-26 03:16 . 2009-03-11 03:18 453512 ----a-w- c:\windows\system32\KB905474\wgasetup.exe
2009-06-26 03:12 . 2008-04-14 10:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-06-25 11:48 . 2009-06-25 11:48 -------- d-----w- c:\program files\Trend Micro
2009-06-25 08:18 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-06-25 08:18 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2009-06-25 08:15 . 2008-05-08 14:02 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2009-06-25 08:15 . 2008-10-24 11:21 455296 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2009-06-25 08:15 . 2008-12-11 10:57 333952 ------w- c:\windows\system32\dllcache\srv.sys
2009-06-25 08:15 . 2008-05-01 14:33 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2009-06-25 08:15 . 2008-04-11 19:04 691712 ------w- c:\windows\system32\dllcache\inetcomm.dll
2009-06-25 08:11 . 2008-12-16 12:30 354304 ------w- c:\windows\system32\dllcache\winhttp.dll
2009-06-25 08:10 . 2008-10-03 10:02 247326 ------w- c:\windows\system32\dllcache\strmdll.dll
2009-06-25 08:10 . 2008-10-15 16:34 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2009-06-25 08:10 . 2008-09-04 17:15 1106944 ------w- c:\windows\system32\dllcache\msxml3.dll
2009-06-25 07:43 . 2009-06-25 07:43 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\Malwarebytes
2009-06-25 07:43 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-25 07:42 . 2009-06-25 07:42 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-06-25 07:42 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-25 07:42 . 2009-06-25 07:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-25 06:48 . 2009-06-25 07:00 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-06-25 04:58 . 2009-06-25 06:48 -------- d---a-w- c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-06-24 23:07 . 2009-05-14 04:25 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-06-24 23:07 . 2009-05-14 04:25 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-06-24 23:07 . 2009-05-14 04:25 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-06-24 23:07 . 2009-04-09 19:23 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-06-24 23:05 . 2009-06-24 23:07 -------- d-----w- c:\program files\Common Files\McAfee
2009-06-24 23:05 . 2009-06-24 23:05 -------- d-----w- C:\mcafee_mcpr
2009-06-24 23:05 . 2009-06-24 23:06 -------- d-----w- c:\program files\McAfee.com
2009-06-24 23:05 . 2009-06-25 08:39 -------- d-----w- c:\program files\McAfee
2009-06-24 22:54 . 2009-05-14 04:24 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-06-24 18:21 . 2009-06-24 18:21 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Local Settings\Application Data\AOL OCP
2009-06-24 18:20 . 2009-06-24 18:20 370496 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite\4.3.38.1\ccu_suite_4.3.38.1\CCUInst.exe
2009-06-24 18:20 . 2009-06-24 18:20 94256 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite\4.3.38.1\ccu_suite_4.3.38.1\instph.dll
2009-06-24 18:18 . 2009-06-24 18:18 10800 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite\4.3.38.1\ccu_suite_4.3.38.1\wsfixchk.dll
2009-06-24 18:18 . 2009-06-24 18:18 174752 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite\4.3.38.1\ccu_suite_4.3.38.1\stmninst.exe
2009-06-24 18:18 . 2009-06-24 18:18 142040 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite\4.3.38.1\ccu_suite_4.3.38.1\alsetup.exe
2009-06-24 18:18 . 2009-06-24 18:18 67120 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite\4.3.38.1\ccu_suite_4.3.38.1\instSup.dll
2009-06-23 18:15 . 2009-06-23 18:15 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Flood Light Games
2009-06-23 18:15 . 2009-06-23 18:15 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Saved Games
2009-06-23 18:15 . 2009-06-23 18:15 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\Flood Light Games
2009-06-23 02:54 . 2009-06-24 17:59 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\uTorrent
2009-06-23 02:16 . 2009-06-23 02:16 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Local Settings\Application Data\Help
2009-06-23 02:04 . 2002-09-12 21:48 270336 ----a-w- c:\windows\system32\atiiiexx.dll
2009-06-23 02:04 . 2002-11-08 04:57 4063312 ----a-w- c:\windows\system32\atioglxx.dll
2009-06-23 02:04 . 2002-11-08 04:07 656725 ----a-w- c:\windows\system32\ati3duag.dll
2009-06-23 02:04 . 2002-11-08 03:56 1025367 ----a-w- c:\windows\system32\ati3d2ag.dll
2009-06-23 02:04 . 2002-11-08 03:26 32768 ----a-w- c:\windows\system32\atitvo32.dll
2009-06-23 02:04 . 2002-11-08 03:42 832951 ----a-w- c:\windows\system32\ati3d1ag.dll
2009-06-23 02:04 . 2001-09-04 22:24 28672 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-06-23 02:04 . 2002-11-08 04:21 243328 ----a-w- c:\windows\system32\ati2dvag.dll
2009-06-23 02:04 . 2002-11-08 04:20 540288 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-06-23 02:03 . 2009-06-23 02:04 -------- d-----w- c:\program files\ATI Technologies
2009-06-21 00:25 . 2009-06-21 00:25 -------- d-----w- c:\program files\Incomplete
2009-06-18 13:16 . 2009-06-24 04:23 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Fitness Assistant
2009-06-18 13:16 . 2009-06-18 13:16 -------- d-----w- c:\program files\Fitness Assistant
2009-06-16 22:09 . 2009-06-16 22:09 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\Skunk Studios
2009-06-16 22:09 . 2009-06-16 22:09 4096 ----a-w-

Re: BankerFox.A and Win32/Nuqel.E

the second half

c:\windows\d3dx.dat
2009-06-16 18:54 . 2009-06-16 18:54 2829 ----a-w- c:\windows\DiabUnin.pif
2009-06-16 18:54 . 2009-06-16 18:54 118784 ----a-w- c:\windows\DiabUnin.exe
2009-06-16 18:54 . 2009-06-19 18:51 -------- d-----w- c:\program files\Diablo
2009-06-16 18:54 . 2009-06-16 18:54 6122 ----a-w- c:\windows\DiabUnin.dat
2009-06-16 16:09 . 2009-06-16 16:09 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-06-16 16:03 . 2009-06-25 03:13 -------- d-----w- c:\program files\THQ
2009-06-16 15:38 . 2009-06-16 15:38 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\DAEMON Tools Lite
2009-06-16 15:29 . 2009-06-16 15:55 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-16 15:29 . 2009-06-16 16:00 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\DAEMON Tools Lite
2009-06-16 12:20 . 2009-06-16 12:20 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\FileMaker
2009-06-15 22:45 . 2009-06-15 22:47 -------- d-----w- c:\program files\InterActual

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-27 19:19 . 2009-02-24 04:23 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\Ahead
2009-06-26 12:58 . 2009-01-11 22:48 -------- d-----w- c:\program files\Java
2009-06-25 07:00 . 2009-01-12 00:58 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-25 03:43 . 2009-01-12 01:14 -------- d-----w- c:\program files\Common Files\AOL
2009-06-25 03:13 . 2009-01-12 00:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-24 23:16 . 2009-02-04 13:38 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\McAfee
2009-06-24 18:21 . 2009-02-04 03:35 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\AOL OCP
2009-06-24 18:20 . 2009-02-04 03:28 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\AOL Downloads
2009-06-24 18:20 . 2009-06-24 18:19 2439824 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\AOL Downloads\ccu_suite\4.3.38.1\ccu_suite_4.3.38.1\ocpinsti.exe
2009-06-24 18:08 . 2009-02-03 03:17 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\DriverScanner
2009-06-23 03:07 . 2009-02-04 05:07 1 ----a-w- c:\documents and settings\Administrator.XPPROSP3\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-06-21 00:26 . 2009-02-04 16:36 -------- d-----w- c:\documents and settings\Administrator.XPPROSP3\Application Data\LimeWire
2009-06-14 18:43 . 2009-02-04 03:35 -------- d-----w- c:\program files\AOL 9.1
2009-06-08 23:57 . 2009-02-23 14:53 -------- d-----w- c:\program files\Download Direct
2009-05-14 04:25 . 2009-05-14 04:25 214024 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-05-07 15:32 . 2008-04-14 10:41 345600 ----a-w- c:\windows\system32\localspl.dll
2009-04-29 04:56 . 2008-04-14 10:42 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2008-04-14 10:41 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-17 12:26 . 2008-04-14 06:00 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2008-04-14 10:42 585216 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-06-26_13.20.37 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-04 17:48 . 2009-06-26 12:50 39124 c:\windows\system32\perfc009.dat
+ 2008-11-04 17:48 . 2009-06-29 17:33 39124 c:\windows\system32\perfc009.dat
- 2009-02-02 09:25 . 2009-06-26 12:53 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-02 09:25 . 2009-06-29 17:34 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2009-02-02 09:25 . 2009-06-26 12:53 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-02-02 09:25 . 2009-06-29 17:34 16384 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-02-02 09:25 . 2009-06-26 12:53 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-02-02 09:25 . 2009-06-29 17:34 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-11-04 17:48 . 2009-06-29 17:33 309662 c:\windows\system32\perfh009.dat
- 2008-11-04 17:48 . 2009-06-26 12:50 309662 c:\windows\system32\perfh009.dat
+ 2009-06-26 15:23 . 2009-06-26 15:23 364726 c:\windows\Installer\{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}\SkypeIcon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-24 143360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-06-02 24264488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HostManager"="c:\program files\Common Files\AOL\1233718513\ee\AOLSoftware.exe" [2008-06-24 41824]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-05-16 335872]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-05-01 645328]
"ATIModeChange"="Ati2mdxx.exe" - c:\windows\system32\Ati2mdxx.exe [2001-09-04 28672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-04-29 124928]

c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-2-19 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):6c,6f,67,6f,6e,75,69,63,2e,65,78,65,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 ALiIRDA;ALi Infrared Device Driver;c:\windows\system32\drivers\alifir.sys [2/1/2009 10:09 PM 26624]
R3 DP83815;National Semiconductor Corp. DP83815/816 NDIS 5.0 Miniport Driver;c:\windows\system32\drivers\DP83815.sys [10/17/2003 1:38 PM 16512]
.
Contents of the 'Scheduled Tasks' folder

2009-06-24 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-24 13:57]

2009-06-24 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-06-24 13:57]

2009-06-29 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-06-26 03:18]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-29 13:03
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-06-29 13:04
ComboFix-quarantined-files.txt 2009-06-29 18:04
ComboFix2.txt 2009-06-26 13:23

Pre-Run: 52,417,609,728 bytes free
Post-Run: 52,453,318,656 bytes free

205 --- E O F --- 2009-06-26 03:17

Re: BankerFox.A and Win32/Nuqel.E

Hello.

Please download this file: Click here

1. Download the zip file to your Desktop, then extract it.
2. A "proquota.exe" will appear on your Desktop, DO NOT run it!!!
3. Right click proquota.exe on your Desktop, select COPY!!!

Now using Windows Explorer (Windows key + E), navigate to the system32 folder: C:\Windows\system32

4. Now in the Windows Explorer window, go to the Edit menu, and select PASTE.

It will jump to the end of the files and you should see that proquota.exe has appeared in the system32 folder.

Now re-run Combofix.

............................................................................................

Site Admin / Security Administrator


Re: BankerFox.A and Win32/Nuqel.E

it is telling me that i need my windows xp cd, should i continue without it and risk windows stability or not?

Re: BankerFox.A and Win32/Nuqel.E

No, don't continue.
Looks like you might need to get an XP disc.

............................................................................................

Site Admin / Security Administrator


Re: BankerFox.A and Win32/Nuqel.E

would a new xp disc mess up what's on here, or would any xp pro disc work for what i need? If not how would I go about getting what i need?

Re: BankerFox.A and Win32/Nuqel.E

and also how do i get rid of the windows file protection box warning about possible windows instability?

Re: BankerFox.A and Win32/Nuqel.E

If it's possible for you, I would get a new XP disc and just format it, it would replace the missing file and remove any infection that's still hiding.

............................................................................................

Site Admin / Security Administrator


Re: BankerFox.A and Win32/Nuqel.E

Would I then need to give you any more info after that or would that handle my problems?

Re: BankerFox.A and Win32/Nuqel.E

A format would fix everything, no need for anything else.

............................................................................................

Site Admin / Security Administrator


Re: BankerFox.A and Win32/Nuqel.E

ok then well you sir rock indeed, and one last thing to ask, and that is what all do i need to delete if any of the programs i downloaded from the help here? System look, proquota, hijack this. Any of these and also what about the warning box that popped up from putting the proquota in the system 32 folder? I can't get that to go away.

Re: BankerFox.A and Win32/Nuqel.E

Delete that proquota.exe again.

............................................................................................

Site Admin / Security Administrator

