Hi there, and thank you for this site. My laptop/Windows XP (professional) has been infected with a couple variants of the Vundo Virus and something mcAfee calls "spyware-agent.bw.gen.e. I am having most of the problems your other forum members are experiencing (slow start up; looping and repetitious IE pop ups telling me to install mcAfee site advisor on a yahoo tool bar which I dont use; constant 100% process load in task manager, unable to boot in any form of safe mode, inability to run various malware removal tools) I found your website while researching the issue and began to try to remove the viruses. I disabled system restore, In normal mode because I cannot access safe mode). Then I backed up my personal files, ran mcAfee virusscan, emptied its quarantine file of over 35,000 (not a typo) files sitting there, emptied recycle bin. Then I used cCleaner. One of the first problems I encountered was not being able to access msconfig, in any way you or other sites suggested. i never resolved the problem, but I ran hijackthis. Next I ran Superantispyware (log attached) I ran Malwarebyte's antimalware (log attached) and encountered bad image errors. At the end of my MBAM scan it identified about 30 infected files and I hit "remove the files" it began to do so then indicated about 5-6 could not be removed, and asked me to restart my laptop again to remove them. So I did immediately. Before, during and after windows was loading on reboot I began to get "Bad Image" errors associated with many programs and a dll file "wifufulu.dll". MBAM identified the wifufulu.dll as malware in the scan. I assume this means the trojan/virus was trying to load at start up, and am wondering if that is right, and if so, has MBAM gotten rid of it? Here are the bad image files: c:/windows/system32/Lsass.exe c:/windows/system32/services.exe c:/windows/system32/wifufulu.dll c:/windows/system32/mbamgui.exe c:/windows/system32/hkcmd.exe c:/windows/system32/igfxtray.exe c:/windows/system32/igfxpers.exe c:/windows/system32/nerocheck.exe c:/windows/system32/syntpenh.exe c:/windows/system32/mcagent.exe c:/windows/system32/WLtray.exe c:/windows/system32/QTTask.exe c:/windows/system32/iTunesHelper.exe c:/windows/system32/Rundll32.exe c:/windows/system32/ctmon.exe c:/windows/system32/adobeupdate.exe c:/windows/system32/reader_sl.exe c:/windows/system32/MBAM.exe Is this normal? I restarted my laptop later, without getting the bad image error messages, and re-ran malwarebyte's. it turned up one infected file- a trojan.vundo in c://windows/system32/- another "dll" file with the random name. I chose remove, but it seems obvious this trojan is embedded deep and not going anywhere. What now? Some people say run combofix, but that scares me. thank you soo much.