When I restarted Windows, functionality of programs from the “Run” command or the icons in “Start” was lost. The dialog box opened that asked “What file do you want to use to open this file.” Well, they should be .exe’s, right?
I then restarted Windows in Safe Mode and did a system restore (All Programs/Accessories/System Tools/System Restore) back to an identified point per the routine, an hour or two before the incursion of this virus. (System restore seems to be capturing a point every day). I am still in Safe Mode. Because of Safe Mode, I think, Symantec is not running right now. The exe’s I have tried to open from the start menu (in safe mode) have opened normally and seem to be running OK.
I have now restarted normally, and the operation so far looks OK. I am hoping the restore back to the previous point will make it unnecessary to mess with the registry entries, so I haven’t gone into there. I took a backup of the system state (huge file, over 500MB) which seems to be what is recommended before going into regedit. I have just scanned the computer using the recommended OTL software and I have attached the log file.
I have seen and received some suggestions to run MALWAREBITES. Should I check with that routine?
Edited by Aluckett, 30 July 2011 - 02:15 PM.