Member Panel

Here is my logfile and i have run spyware programs, virus programs, gone in safe mode and use said programs and this little monster is still lurking. I am about to lose what sanity i have, please help. Thank you. All my programs are current on the virus, spayware programs.

Hya Shadow63 , welcome to PCHF.

Looks pretty clean and youre Mcafee A S , either blocked or removed a "Trojan.Elitebar" and a "Zango Toolbar" infection. O0

But you do have a Vundo infection on there im afraid. The second of today but we'll remove that ****** easely. :smiley:





Please download Process Explorer by Systernals from HERE

Also download KillBox by Option^Explicit from HERE

Then boot up in SAFE MODE and stay in safe mode untill the entire fix is done.(hit f8 when booting up)

Unzip Process Explorer and double click on procexp.exe
In the top section of the Process Exlporer screen double click on winlogon.exe to bring up the winlogon.exe properties screen. Click on the Threads tab at the top.
Once you see this screen click on each instance of vturq.dll once and then click the kill button.
After you have killed all of the vturq.dll's under winlogon click OK.

Next In the top section of the Process Exlporer screen again , double click on explorer.exe and again click once on each instance of vturq.dll then click the kill button.
Once you have done that click OK again.

Next run HijackThis and place a check beside each of the following.

Now click fix checked and close HijackThis.

Please copy the text in the quote below, and paste it into a blank notepad window.
Save it as vundo.reg and in the save as type box choose all files.

Once you have saved it double click it and allow it to merge with the registry.


Double click on Killbox.exe and then check the delete on reboot button.
Enter the following filepath and filename into the Full path of file to delete box

C:\WINDOWS\system32\vturq.dll

Click the red circle with the white x and allow your computer to reboot.

After your computer has rebooted please run Hijackthis again and post a new HijackThis log.

Thanks for the help. Everything went great until I got to the Killbox.exe and put in the filepath and clicked on the red circle with the white x. It would not do anything and the computer would not reboot. I ended up exiting the program and rebooting. Below is the new log. Please advise as to if I need to redo anything. Thanks again for your help.

The infection is gone , and youre log is clean. :smiley:


You can have a look if this file is still present:

C:\WINDOWS\system32\vturq.dll

and try to delete it manually ,but it doesn't do anything anymore so its harmless now , i don't know why killbox didn't want to delete it though.



Do you still experience any problems?

No I am not experiencing any problems what so ever :hello2: . Thank you so much for your help O0 . I thought I was going to lose it . I don't know why the last part did not work but hey everything else did and I am one happy camper :-) . Thanks again for all your help, this is an awesome site .

Good work Joe5, and thanks for the compliments shadow63.

Remember to bookmark us and tell all your mates. :evil:

Marking as fixed.

No prob Shadow :azn: , glad i could help.

You know where to find us if you run in to anything else. O0