
Vundo virus

Discussion in 'Virus and Malware Removal' started by ascot54, Nov 22, 2008.

  1. mflynn Newcomer, in training Posts: 2,793

    Go to Add/Remove programs uninstall old HJT.

    Reboot

    Run CCleaner again, both Temp and Registry, until they come up clean.

    Now install new HJT.

    What were the results of the DAF and JavaRa operations?

    Mike
  2. ascot54 Newcomer, in training Posts: 87

    BTW,

    DAF, gave me this error....

    2147319780 encountered trying to register c:\windows\system32\shdocvw.dll
    error accesing OLE registry
  3. ascot54 Newcomer, in training Posts: 87

    Java log cleared ...
  4. mflynn Newcomer, in training Posts: 2,793

    OK Due to items in your new HJT log we need to run another cleaner.

    ComboFix

    NOTE: If you have a copy of ComboFix more than a few days old, delete it and re-download.

    Get it here: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Or here: http://subs.geekstogo.com/ComboFix.exe

    Double-click combofix.exe and follow the prompts.

    When finished, it will open a log.
    Attach the log and a new HJT log in your next reply.

    Note: Do not click ComboFix's window while it's running. That may cause it to stall.

    Mike

    EDIT: We will handle the DAF errors after the ComboFix.
    Do you have, or have you had, a Norton product on this computer?
  5. ascot54 Newcomer, in training Posts: 87

    Mike,

    attached logs as rqstd...

    combo seemed to run ok..
  6. ascot54 Newcomer, in training Posts: 87

    had norton ages ago....

    been deleted for some time !
    caused more probs than it solved to be honest
     
  7. mflynn Newcomer, in training Posts: 2,793

    Oh yeah!

    Reboot, run it again, post new log and new HJT log!

    You were eat up!

    See edit in my last post!

    Mike
  8. ascot54 Newcomer, in training Posts: 87

    run combo again and HJT..??

    what's "eat up"?
  9. mflynn Newcomer, in training Posts: 2,793

    Totally infested like a dog with so many fleas it is being "eat up"!:)

    An American saying!

    Mike

    EDIT: yes both!
  10. ascot54 Newcomer, in training Posts: 87

    Mike,

    rebooted,

    ran Combofix again

    then HJT...

    results attached
  11. mflynn Newcomer, in training Posts: 2,793

    One more thing I am surprised is still there.

    So 1 more tool!

    Download SDFix to Desktop; among other things it uses Catchme to look for rootkits.

    http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

    On Desktop run SDFix. It will run (install) then close.

    Then reboot into Safe Mode

    As the computer starts up, tap the F8 key several times.

    On the Boot menu Choose Safe Mode.

    Click through all the prompts to get to desktop.

    At Desktop
    My Computer C: drive. Double-click to open.

    Look for a folder called SD Fix. Double-click to enter SD Fix.

    Double-click RunThis.bat. Type Y to begin.

    SD Fix does its job.

    When prompted hit the enter key to restart the computer

    Your computer will reboot.

    On normal restart the Fixtool will run again and complete the removal process then say Finished,
    Hit the Enter key to end the script and load your desktop icons.

    Once the desktop is up, the SDFix report will open on screen and also be saved to the SDFix folder as Report.txt.
    Copy and paste the Report.txt file to your next post.

    Mike
  12. ascot54 Newcomer, in training Posts: 87

    Mike,

    here is SDfix log...

    please tell me i'm fixed !!

    wife to be threatening divorce already ! lol !
  13. mflynn Newcomer, in training Posts: 2,793

    Hopefully after I see a new HJT log.

    Have you had a Norton - Symantec product before?

    And a status report how is it running.

    mike
  14. ascot54 Newcomer, in training Posts: 87

    I had Norton over 2yrs ago and deleted it due to errors....

    HJT attached...

    just found out, I got no system restore point...

    no entry in regedit either...
    linked to vundo you think ?
  15. mflynn Newcomer, in training Posts: 2,793

    HJT remove below
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab

    Ahhh

    Copy all in box then paste to open command prompt!


    Still have a bad file.
    Code:
    cd\
    attrib /s qnlifb.dll >"%USERPROFILE%"\Desktop\attrib.txt
    exit
    exit
    
    Now paste me the attrib.txt from on desktop.

    Mike

    See edit above
  16. ascot54 Newcomer, in training Posts: 87

    Mike,
    bit lost on that paste bit you posted...
    deleted the cab file from HJT ref symantec..
  17. ascot54 Newcomer, in training Posts: 87

    ""
    File not found - qnlifb.dll

    "
    that was response from paste to desktop !
  18. mflynn Newcomer, in training Posts: 2,793

    Ok

    HJT Remove below

    O20 - AppInit_DLLs: qnlifb.dll

    OK for wife to go now but you and I will finish a few details tomorrow.

    I will post.

    Run another MBAM and SAS but only while sleeping or at work!

    Mike
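
Added example (not part of the thread, and not code from HijackThis or any poster): the check carried out across posts 15 to 18, cross-referencing the O20 AppInit_DLLs entry of a HijackThis log against `attrib /s` output to tell an orphaned registry reference from a DLL still on disk. The function names and the second attrib sample are constructed for illustration.

```python
import re

O20_RE = re.compile(r"^\s*O20 - AppInit_DLLs:\s*(.*)$", re.IGNORECASE)
PATH_RE = re.compile(r"[A-Za-z]:\\.*$")  # first drive-letter path on a line

def appinit_dlls(hjt_log):
    """Return the DLLs named on O20 - AppInit_DLLs lines of a HijackThis log."""
    names = []
    for line in hjt_log.splitlines():
        m = O20_RE.match(line)
        if m:
            # The AppInit_DLLs value is a space- or comma-delimited list.
            names += [n for n in re.split(r"[ ,]+", m.group(1).strip()) if n]
    return names

def attrib_hits(attrib_txt):
    """Map lower-cased file name -> full paths listed in `attrib /s` output."""
    hits = {}
    for line in attrib_txt.splitlines():
        if line.strip().lower().startswith("file not found"):
            continue  # attrib found nothing under this name
        m = PATH_RE.search(line)
        if m:
            path = m.group(0).strip()
            hits.setdefault(path.rsplit("\\", 1)[-1].lower(), []).append(path)
    return hits

def triage(hjt_log, attrib_txt):
    """Classify each AppInit_DLLs entry as 'present' or 'orphaned'."""
    hits = attrib_hits(attrib_txt)
    report = {}
    for name in appinit_dlls(hjt_log):
        paths = hits.get(name.rsplit("\\", 1)[-1].lower(), [])
        report[name] = ("present", paths) if paths else ("orphaned", [])
    return report

# The O20 line and the attrib response are the ones quoted in the thread.
THREAD_HJT = "O20 - AppInit_DLLs: qnlifb.dll"
THREAD_ATTRIB = "File not found - qnlifb.dll"
# Constructed counter-case: what attrib.txt would look like if the DLL were
# still on disk with System and Hidden attributes set.
CONSTRUCTED_ATTRIB = r"A  SH       C:\WINDOWS\system32\qnlifb.dll"

if __name__ == "__main__":
    print(triage(THREAD_HJT, THREAD_ATTRIB))       # registry entry only
    print(triage(THREAD_HJT, CONSTRUCTED_ATTRIB))  # file still to remove
```

An "orphaned" result matches the situation in post 17, where only the registry reference remains to be removed; a "present" result means the file itself still has to be dealt with before the entry is removed.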
  19. ascot54 Newcomer, in training Posts: 87

    just deleted another 1 from HJT...
    reference to BTinternet...
    old service provider..!!

    now gonna run MAM n SAS....

    Wife 2 B can hang slack bud..

    this pc is linked to ptr for daughters homework on printer..
    i want it running tip top !
  20. mflynn Newcomer, in training Posts: 2,793

    We will get it that way but for now I am headed to Dinner and a movie!:)

    It has a few performance issues but you should be clean.

    I will look at new logs when I return.

    Mike