I had the Security Toolbar 7.1 virus. I battled it for a week, searching the web for ANY answers. Found one that worked, tried to find
it again to thank them, so I felt that this information needed to be shared. I feel so strongly about it that I am going to put my email
address here for anyone to email me if they would like to make sure I am a real person and not another trick. I KNOW how frustrating
this can be. I WILL NOT RESPOND TO EMAILS ASKING FOR MORE TIPS/TRICKS ON HOW TO RID YOUR
COMPUTER OF THIS. I followed these steps and my computer is working and I want to share this information with as many
people as possible. I would, however, understand if you wanted to make sure I am real - antisecuritytoolbargirl-AT-gmail.com
Anyone looking to remove Security Toolbar 7.1 should know that I used a metric %&@#-ton of other programs first, I can't
guarantee that this will work for you, but it DID work for me. Until I ran SUPERantispyware all other programs would find anywhere
from 150-800 suspicious files EVERY time I ran their scans, never getting a clean scan. Now I get nothing.
This is THE WORST virus/malware/spyware infestation I have ever seen, and it happened QUICKLY. I scoured the web and found
a lot of suggestions that just didn't work, and a LOT of (what I believe to be) fake people lying and saying "I used xxxx(random
spyware program) and it was free and it fixed my computer!" then I would DOWNLOAD it and it would either be another piece of
malware OR it would be free to SCAN but not CLEAN your computer.
WARNING!!!!! If you don't know what you are doing(and most people don't) THEN YOU SHOULDN'T DELETE HIJACKTHIS!
ENTRIES. Do a search for a forum to post your reports in and there are a lot of awesome people willing to help you sort through it.
Same goes for your registry.
Step 1) Going into Start->Control Panel->Internet Options->Programs->Manage Ad-ons and disabling The Security Toolbar 7.1 and
any other sketchy items that may be there.
(My own Optional)Step 2) TURN OF WINDOWS RESTORE so that it deletes your restore point, BECAUSE IT WOULD SUCK
TO RESTORE YOUR COMPUTER TO AN INFECTED STATE.
Step 3)SUPERantispyware (superantispyware.com/) - I LOVE them and cannot thank them enough for this amazing program
that too me WAY to long to discover and will never leave my personal arsenal of AV programs.
Step 3)Hijackthis report and cleanup. (trendsecure.com/portal/en-US/tools/security_tools/hijackthis) Then uploaded the
report to a forum for consultation from knowledgable Geeks willing to help us lesser mortals.
(My own Optional) step 5)Re-ran some of my other fave AV/AS programs like Ad-aware and Avast and Search And Destroy - I did
this because I felt like other virus/spy/malware/s may have gotten in while my computer was not in peak performance. They each
found one or two things hanging around. Then I would re-scan my main drive a second time with each program to make sure the
bastards weren't duplicating like Mogwai in a swimming pool.
(My own optional) step 6)Ran about 4 free registry cleaning programs found on download.com. BE CAREFUL CLEANING
YOUR REGISTRY YOU CAN FORCE YOURSELF INTO AN O/S REINSTALL IF YOU AREN'T CAREFUL WHAT YOU
DELETE!
(My own optional) step 7)Since everything was working better than it has in a LONG time I created a new restore point by turning it
back on.
I sincerely hope this works for you.
I wish I could find the person I got steps 1-3 from because I love them and send many zen-hugs their way.
I am going to go and post this all over the internet tonight(11/15/2007), anyone who is helped by this information, I URGE you to
pass it on to any others in need. If you do PLEASE copy and paste this entire message (so we don't play a bad game of telephone)
Please make sure to leave the keywords at the bottom so that people can find this if they need it!
Good Luck People!
Love -antisecuritytoolbargirl
(these files are all found to be associated with The Security Toolbar 7.1) (incomplete list, this is all that I KNOW of)
Keywords: unable to use safe-made, task manager closes, security toolbar 7.1, homepage changed, IE pop-ups while using firefox,
pcontech.com, Trojan.Zlob., ZLOB, Video ActiveX Access, Security Troubleshooting.lnk, Online Security Guide.lnk, Online
Security Test.url, isamonitor.exe, pmmon.exe, pmsngr.exe, iesplugin.dll, iesuninst.exe, isaddon.dll, isamini.exe, isamonitor.exe,
pmmon.exe, pmsngr.exe, pmuninst.exe, dxovx.dll, vgibz.dll, psndz.dll, cqsfk.dll, wzhtjqo.dll, lrnjnzf.dll, zpuwriz.dll,tkrsw.dll,
afzdbl.dll, bgwttyl.dll, dyrwls.dll, ugofuq.dll, gtawclv.dll, vjxwnn.dll, khtbpdl.dll, cfqbw.dll, fdpzgi.dll, gusur.dll, Cyberlog-X
infections, Trojan-Spy.win32@mx,
Security Toolbar Registry Entries: (incomplete list, this is all that I KNOW of)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Messenger Service
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
objects\{D61D7E1A-6613-49CA-B6F9-51DB248E209D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Security Plug-in
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Explorer Secure Bar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aa6d4f53-4c8d-4549-84d2-02d584acc4e9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5574E139-F59C-4bee-9A61-150B0D3A16C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6DEEE498-08CC-43F0-BCA0-DBB5A25C9501}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
