Bloody Security Toolbar Issue

[jhmed]

Father-in-law called me Sunday complaining about 2 infections on his laptop. Fixed one no problem but the Security Toolbar remained.

This was my 5th attempt to remove this toolbar following the steps outlined in the Sticky. It is proving quite stubborn. I am posting my logs here as a last resort... but I accidently deleted the AVG one. My bad 100%. I will re-run the procedure one last time and repost my logs tomorrow if you'd prefer (it's just getting late and I thought I'd post before going to bed). Panda shows no problems with my system.

After a grand total of 8.75hrs on this I'm beginning to think a re-install would have been a lot easier... LOL

Let me know about the missing log and THANK YOU VERY MUCH IN ADVANCE

 

[howard_hopkinso]

You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

Go to add remove programmes in your control panel and uninstall anything to do with(if there).

Video Add-on

Close control panel.

Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O3 - Toolbar: IE Custom Tools - {23ED2206-856D-461A-BBCF-1C2466AC5AE3} - C:\Program Files\Video Add-on\ictmdl.dll

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\Program Files\Video Add-on<Delete the entire folder.

Reboot into normal mode and rehide your protected OS files.

Post a fresh HJT log as well as the AVG Antispyware log.

Regards Howard

This thread is for the use of jhmed only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[Bobbye]

Howard, I have a question for you. I know you don't like me to interfere when you're going through the logs, but I notice a couple of consistencies> many users are running the Adobe Reader toolbar and jusched.exe., which is the process that checks for Java updates- meaning it will 'call home' several times a day looking! Neither of these needs to be running in the background and should be discouraged.

Occasionally I look at the hijack logs and see at least these two very often. I'm wondering why so many users think they need these on startup at boot and to have running in the background.

Any thought on this?