TechSpot

Vundo & Sheur found

By willydawg
Feb 15, 2009
  1. Hello,

    I did the 8 step instructions from these boards. Attached are the logs needed.

    Thanks in advance,
    Will
     

    Attached Files:

  2. willydawg

    willydawg TS Rookie Topic Starter Posts: 26

    Can anyone help with this please? The computer is running slow again, I think I'm infected again. Please....
     
  3. sagor

    sagor TS Rookie

    Clean out the BHO files that hijack this shows as missing. Scrambled file names with upper/lower case mixed are seldom legitimate system files.
    Clean (at least):
    O2 - BHO: (no name) - {388DB672-542D-4FCA-9913-7B2C96CBDD7E} - C:\WINDOWS\System32\qoMccYRl.dll (file missing)
    O2 - BHO: (no name) - {e16dce08-1b23-450f-be3b-13bd4b27605e} - C:\WINDOWS\System32\xmfixu.dll (file missing)

    As well, anything else that has a file missing, delete them with hijackthis and re-do the 8 steps
     
  4. willydawg

    willydawg TS Rookie Topic Starter Posts: 26

    Thanks sagor, I'll try that and report back...
     
  5. cubyong

    cubyong TS Rookie Posts: 45

    i think you forgot this ones:

    O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\user\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\user\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
    O20 - Winlogon Notify: tfpfmc - C:\Program Files\Internet Explorer\Uninstall Information\tfpfmc.dll (file missing)

    maybe there are a couple more you should get rid of with hijackthis but i'm not sure. you'll have to wait for someone more professional here in techspot to guide you what to do next :)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...