Please download
Vundofix.exe to your desktop.
* Double-click
VundoFix.exe to run it.
* Put a check next to
Run VundoFix as a task.
* You will receive a message saying vundofix will close and re-open in a minute or less. Click
OK
* When VundoFix re-opens, click the
Scan for Vundo button.
* Once it's done scanning, click the
Remove Vundo button.
* You will receive a prompt asking if you want to remove the files, click
YES
* Once you click yes, your desktop will go blank as it starts removing Vundo.
* When completed, it will prompt that it will shutdown your computer, click
OK.
* Turn your computer back on.
* Please post the contents of C:\
vundofix.txt and a new
HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears at reboot.
Please let Vundo finish, sometimes it can take multiple passes
--------------------
* Run the
F-Secure Online Scanner
* Then click the
Start Scanning button at the bottom of the page.
* You should get a notification (bar on top) to install the activeX. Click on it and select to install the ActiveX.
* Once the ActiveX is installed, you should accept the License terms by clicking
OK below to start the scan.
*
In case you are having problems with installing the ActiveX/starting the scan, please read here.
* Click the
Full System Scan button.
* It will start to download scanner components and databases. This can take a while.
* The main scan will start.
* Once the scan finished scanning, click the
Automatic cleaning (recommended) button
* It could be possible that your firewall gives an alert - allow it, because that's a connection you establish to submit infected files to F-Secure.
* The cleaning can take a while, so please be patient.
* Then click the
Show report button and add the
results in your next reply. (you will want to save the report in notepad to your desktop as a text
(.txt) file)
Next post please attach
vundofix.txt
F-Secure txt
New HijackThis log