is much worse than a simple scam. It has only been partially corrected as the security/win update problems still exist. For several days Avast scans detected nothing. Today, though, a couple more files got caught and quarantined. I DO have a restore point about a week prior to the infection if that would suffice to clear my system. Otherwise, awaiting your advise. Thank you. |
:OTL
O2 - BHO: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - D:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKLM\..\Toolbar: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - D:\Program Files\Search Toolbar\SearchToolbar.dll ()
O3 - HKU\S-1-5-21-515967899-1957994488-682003330-1003\..\Toolbar\WebBrowser: (Search Toolbar) - {9D425283-D487-4337-BAB6-AB8354A81457} - D:\Program Files\Search Toolbar\SearchToolbar.dll ()
[2012/01/17 23:53:16 | 000,007,884 | ---- | M] () -- D:\Documents and Settings\All Users\Application Data\3610a7a7
[2012/01/17 23:53:16 | 000,007,825 | ---- | M] () -- D:\Documents and Settings\Owner\Local Settings\Application Data\xxx68800e80
[2012/01/17 23:53:16 | 000,007,770 | ---- | M] () -- D:\Documents and Settings\Owner\Application Data\fad217ea
:Files
ipconfig /flushdns /c
D:\Program Files\Search Toolbar
:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
Ever since I removed the Registry key for class "exe" and for the name that key had containedWhat was the actual key removed ?