Hello,

I know this topic had been discussed just previously but I was told to start a new thread for my case. I'm a newbie and at my wit's end on how to fix my computer which had been Vundoed recently. Actually, this is the second time I had this infection...the first one being a few months before. The first time it happened, I scanned my computer with AVG, ad-aware and Malwarebytes. I also turned off the system restore and this seems to work.

Last week, my computer started slowing down again so I scanned using the AVG, ad-aware and Malwarebytes again and turned off the system restore. While it seems to take out the vundo infection, it now mutated to something else. Now, everytime I turn on my computer or start a program, a "bad image" pop up comes out and it seems to affect the .exe files. The actual message is "the application DLL C:\WINDOWS\system32\mgbswk.dll is not a valid windows image"

I followed the 8 Steps Preliminary Removal Instructions and attaching the hijackthis, SuperAntiSpyware and Malwarebytes log file. I had a problem with the CCleaner though. The program has been running for half a day already and it's still 98% complete. I cancelled it two times and ran it again but it's the same thing. Is this normal? Is it okay if I didn't finish the clean up and proceeded to the next step? If not I'll do it again.

I hope someone can help me with this. Please be patient if I need to clarify some of the suggestions because I'm not very adept in the tech language so it might take a few explanation before I get it. I'll try not to be annoying though.

Tks

Hello again

Please download Combofix:
http://subs.geekstogo.com/ComboFix.exe
And save to the desktop.


Open notepad and copy/paste the text in the quotebox below into it:
Name the file as CFScript
and Save it on the desktop

http://www.fromsej.saknet.dk/billeder/cfscript.gif

Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

If in doubt, just ask

Hi Touch,

Thanks for your reply. I did what you suggested and so far no annoying "bad image" pop up since the computer rebooted (yey). I'm attaching the log file as asked.

So, what do you think happened there? what's that .dll file that wrecked havoc on my computer?

Tks

I´m not sure, as I can´t find any info about, but it looks like a vundo (infection) file, to me.

Please attach fresh hijackthis log.

I'm attaching the latest hijackthis log as asked. Tks.

Looks clean

Now your computer problems are solved, it is time for the clean-up procedure
You should Create a New Restore Point to prevent possible reinfection from an old one.
The easiest and safest way to do this is:
Go to Start > All Programs > Accessories > System Tools > System Restore
Select Create a restore point, and Ok it.
Next, go to Start > Run and type in cleanmgr
Select the More options tab
Choose the option to clean up system restore and OK it.

This will remove all restore points except the new one you just created.

Please download OTCleanIt
Save it to desktop.
This will remove all the tools we used to clean your computer.
Double-click OTCleanIt.exe. Click CleanUp. Say Yes to the "Begin cleanup Process?"
When asked if you want to proceed with the cleanup process, click Yes. Restart your computer when prompted.
Please note. It will NOT remove Mbam, Ccleaner and SuperAntispyware.

To learn more about how to protect yourself while on the internet, please read Tony Klein´s guide:
How did I get infected in the first place

Hey Touch, thanks a lot. I don't know how you do it but it you've been heaven sent. And I can see that you've been very very busy saving the day for a lot of people. :approve::grinthumb