Do a HijackThis scan & place a check next to these items and select "Fix checked":
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZB
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
---------------
Quote:
C:\System Volume Information\_restore{CA2C60B8-5DCF-4D94-9864-248C47E4846E}\RP181\A0113126.dll ------> AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{CA2C60B8-5DCF-4D94-9864-248C47E4846E}\RP182\A0113185.rbf ------> AdTool.Win32.MyWebSearch skipped
|
C:\System Volume Information\ is where System Restore's cache is stored. Whatever is in there can't harm you unless you choose to perform a manual restore. Nevertheless, we shall be reseting/clearing the cache.
Go to Start → Run → type
control sysdm.cpl,,4 & press Enter
- Tick on the checkbox - Turn off System Restore on all drives
- Click Apply
Turn it back 'On' by unticking the same checkbox & click OK
---------------
Tell me if Spybot S&D still nags about Rootkit.Dayoff.Process
__________________
Question - what have you done for the community today?