Will do. Thanks.

Hi Ran Hijackthis, deleted both files after scan only.

Re started windows - Avast on-access protection won't run and internet connection won't work either. Message error 711 The remote access service manager could not start. Further detail - check plug and play or remote access connection manager. On checking plug and play was running but remote access wasn't. Tried to start but further error 1084 - "This service cannot be started in Safe Mode"

Hence not downloaded Vundofix.

Sorry note computer wasn't and isn't in safe mode.

Download the programs he requested while still online, Once you boot into safemode you will not have Internet connection or your anti-virus protection programs running. Don't worry though, in safemode many services do not run except the ones made by Microsoft to keep your computer stable.

Hi i'm only on-line on my laptop not on main computer. Also i wasn't in safe mode.

Also windows media won't play any music and some games (e.g. fifa08) won't load.

I cant say anything till I see the logs for those programs

Which programs? If your talkin abaout Vundofix, i can't download directly as i can't get on internet on main pc.

Can you download them on the laptop and then transfer them to the main pc? Also post a fresh HJT log.

Will try. Get back to you soon.

Tried to run Vundofix from cd, received message- runtime error 339, component "comdlg.32.ocx" or one of it's dependencies not correctly registered; a file is missing or invalid.

Please find logs of Virtumondo and HJT. Vundofix didn't find any errors. Therefore not tried going on internet or running any problem programs yet.

Sorry, here's the logs attached.

Attached Files

	VBG.TXT (5.5 KB, 1 views)
	hijackthis.log (9.1 KB, 2 views)

Ill look over your log now and get back to you.

Hi, did you find anything?

Go to start>run and type combofix /u

reboot if required

Fix entries using HiJackThis

• Launch HiJackThis
• Click the Do a system scan only button
• Put a check next to the entries listed below

O2 - BHO: (no name) - {C5AF49A2-94F3-42BD-F434-2604812C897D} - (no file)
O4 - HKLM\..\Run: [BM37097977] Rundll32.exe "C:\WINDOWS\system32\oidlmehb.dll",s
O16 - DPF: {395E58B9-090C-461A-8F27-087D1C727945} (Web Conferencing) - http://metastock.epopcentral.com/joinie.cab
O16 - DPF: {6697AFA6-1CD3-462E-AC0A-363EF8BCD102} (SyScan2 Control) - http://www.evga.com/Support/SyScan/SyScan.cab

• IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
• Click the Fix checked button and close HiJackThis
• Reboot HijackThis if necessary

Delete Files and Folders

• Right Click on the start button and chose explore
• Show all hidden files and folders, see how HERE
• Navigate to the following files and folders and delete them(if still present)

C:\WINDOWS\system32\oidlmehb.dll<---------This File
[/color]

• Empty the recycle bin.

If that does not work then repeat the process in safe mode. See how to boot into Safe mode HERE.
***DO NOT USE MSCONFIG TO BOOT INTO SAFE MODE***


Download and Run ComboFix

• Download this file from either of the two below listed places :
  
  HERE or HERE
  
• Then double click combofix.exe & follow the prompts.
• When finished, it shall produce a log for you. Attach that log in your next reply

WARNING: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Done HJK, couldn't find oidlehb file in normal mode. Will try in safe mode and then i'll download/run combofix.

if you cant find it in safe mode we'll get it with combo.

Hi, please find combofix log attached. Had to download using laptop as computer main computer still as before. Please note mentioned earlier that the oidlmehb.dll file error message was coming up on startup "error loading, module not found".

Attached Files

combofix1.txt (12.2 KB, 1 views)

Is combofix installed on the desktop? It needs to be there.