Infected with vundo - need removal help

[xavier100]

my pc is infected with the vundo virus (vundo!grb). I need help removing it. Please, if you can help me, I would appreciate it very much.

Thanks

 

[kritius]

I need you to follow all the steps HERE and then post back with the three requested logs as attachments

• Malwarebytes
  
• SAS
  
• Hijackthis

Dont forget to make sure that Malwarebytes is set to remove the results.

 

[xavier100]

Ok, done with the 8 steps

attached are the logs

Thanks

 

[kritius]

Fix entries using HiJackThis

• Launch HiJackThis
  
• Click the Do a system scan only button
  
• Put a check next to the entries listed below
  

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DE
O3 - Toolbar: (no name) - {8D911181-10AA-4B3E-BC7F-8D4AD359921B} - (no file)
O4 - Startup: PowerReg SchedulerV2.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O20 - AppInit_DLLs: C:\WINDOWS\system32\saduyome.dll c:\windows\system32\niresibu.dll

• IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
  
• Click the Fix checked button and close HiJackThis
  
• Reboot HijackThis if necessary

Download random's system information tool (RSIT) by random/random from HERE and save it to your Desktop.

• Double click on RSIT.exe to run.
  
• Click Continue at the disclaimer screen.
  
• Once it has finished, two logs will open.
  
• log.txt <will be maximized and info.txt <will be minimized
• Please post the contents of both logs in the next reply.
  

 

[xavier100]

Done. attached are the two logs

Thanks!

 

[xavier100]

everything seems to be back to normal.

Thanks Kritius