Crunchie,

You deserve a Gpld Medal for computer Guru. Isearch is all gone including the grayed out tool bar option. Thank you THANK YOU!!!

In reply to your question this is the info I got from HJT.



04 – HKLM\.. Run: {CPQ Back Web Monitor} C:\CPQS\TOOLS\BackMon.exe
Detailed information on item 04:

This part of the scan checks for several suspicious entries that autoload when Windows starts. Autoloading entries can load a Registry script, VB script or JavaScript file, possibly causing the IE start page, Search Page, Search Bar and Search Assistant to revert back to a hijacker’s page after a system reboot. Also, a DLL file can be loaded that can hook into several parts of your system.

Infected examples:

Regedit c:\windows\system\sp.tmp /s
KERNEL32.VBS
C:\windows\temp\install.js
Rundll32C:\Program Files\NewDotNet\newdotnet4_5.dll,NewDotNetStartup

Pag