Vundo & Sheur found

[willydawg]

Hello,

I did the 8 step instructions from these boards. Attached are the logs needed.

Thanks in advance,
Will

 

[willydawg]

Can anyone help with this please? The computer is running slow again, I think I'm infected again. Please....

 

[sagor]

Clean out the BHO files that hijack this shows as missing. Scrambled file names with upper/lower case mixed are seldom legitimate system files.
Clean (at least):
O2 - BHO: (no name) - {388DB672-542D-4FCA-9913-7B2C96CBDD7E} - C:\WINDOWS\System32\qoMccYRl.dll (file missing)
O2 - BHO: (no name) - {e16dce08-1b23-450f-be3b-13bd4b27605e} - C:\WINDOWS\System32\xmfixu.dll (file missing)

As well, anything else that has a file missing, delete them with hijackthis and re-do the 8 steps

 

[willydawg]

Thanks sagor, I'll try that and report back...

 

[cubyong]

i think you forgot this ones:

O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\user\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\user\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk (file missing) (HKCU)
O20 - Winlogon Notify: tfpfmc - C:\Program Files\Internet Explorer\Uninstall Information\tfpfmc.dll (file missing)

maybe there are a couple more you should get rid of with hijackthis but i'm not sure. you'll have to wait for someone more professional here in techspot to guide you what to do next