Mumia W. wrote:
> On 04/04/2010 04:01 PM, David Kaye wrote:
>> [...]
>> I noted the file date/time and have looked back on this. The exploit
>> appears to have come from foxnews, officedepot, or officemax -- the
>> time stamps are within a few seconds of each other and show up right
>> before the time stamp that was written to the temp directory in my
>> documents and settings tree.
>> [...]
>
> See this:
> http://www.broadbandreports.com/foru...ime=1240194878
>
>
>
The last post in that thread was most telling! Viz:

"Please note people - you may think you removed it, but really did not.
Malwarebytes and others do not detect Rootkits. You should run
ROOTKITREVEALER. I thought I had cleaned this, and I had really not.
There was a deep and nasty rootkit involved here. Only way to remove was
to boot off a Windows CD, and delete hidden drivers. I would be willing
to bet that half the people think they clean this stuff and its not
really clean."

--
Dave