I need help

[drivex]

i tried deleting the 018 but it just returns every time my PC restarts
also when i am changing my users pic or user setting a internet explorer script error occurs
i tried 3 times as a matter of fact but to no avail

 

[MMDominator88]

It looks like you may have an infection from a variation of the Vundo virus.
as long as the administrators approve of this program (I have used it exclusively for fixing my clients' computers with this infection) I recommend you use it as well
http://vundofix.atribune.org/

 

[Bobbye]

Your system is heavily infected with malware. Running VundiFix alone isn't going to do it!

Let's do this:
1. Run VundoFix
2. Run ComboFix
3. Run SDFix
4. Follow with rescan in HijackThis.
The HJ log is not a 'normal' looking log, even with malware.

Here are the instructions:
VundoFix:

Please download VundoFix.exe HERE and save to your desktop.
Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
Once it's done scanning, click the ‘Fix Vundo’ button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.
Please attach the C:\vundofix.txt

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

ComboFix:

Please download ComboFix. HERE:
With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.

Please disable all security programs, such as antiviruses, antispywares, and firewalls.
Also disable your internet connection.

• Run Combo-Fix.exe and follow the prompts.
**Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.
• Wait for the scan to be completed.
• If it requires a reboot, please do it.
• After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)

Do not click on the ComoboFix window, as it may cause it to stall.

CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

SDFix:

Download SDFix HERE and save it to your Desktop.
* Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Boot into Safe Mode
* Restart your computer and start pressing the F8 key on your keyboard.
* Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
Run SDFix
* Open the extracted SDFix folder and double click RunThis.bat to start the script.
* Type Y to begin the cleanup process.
* It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
* Press any Key and it will restart the PC.
* When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
* Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
* Attach Report.txt back here

When you have finished 1,2 and 3, rescan with HijackThis. Attach reports from VundoFix, ComboFix, SDFix and new HijackThis log.