Having Fun-do with Vundo

Hello Abri and Chasling. You may recall about a month ago you both helped me remove vundo. Somehow I have become reinfected.

The first symptom I noticed was that I began having a delay of about 5 seconds when I would start IE, the same delay I had with the previous infection, where the program starts but nothing appears in the address bar and the homepage does not appear for about 5 seconds. I am also experiencing slow browsing.

I ran malwarebytes antimalware and it found and deleted vundo from the registry, however the browser problems, delay and slow browsing, still persist.

During the previous infection, deleting the following files fixed the slow browser startup, but I do not currently have any of these files:

c:\windows\newcamerapix.zip
c:\windows\game.exe
c:\programfiles\uninstall.exe
c:\programfiles\uninstall.dat

You may also remember I began having some issues with McAfee during the previous cleaning. I have since been able to reinstall McAfee and have not experienced any of the previous problems. Mafee's firewall is not installed.

The Norton I have currently installed is the Utilities portion only and not the antivirus portion of the program. I use the Norton utilities since the defragmenter is better than window's defragmenter. Since I have utilities only installed, and not antivirus or firewall, I did not think I had to delete it. Please let me know if I have to do so anyway.

I am going to post my logs. You will see that SASlog is missing. This is because I still cannot install superantispyware, as I still get the same error 1606. I hope you can still help me. Please let me know if there is an alternate program I can run that will accomplish what superantispyware does.

The logs included are from malwarebytes, combofix, mglogs and smitfraudfix. I did not run the smitfraudfix cleaner because I can't tell if it found anything. I have include a combofix about quarantined files.

Thanks.

 

Other logs

 

I forgot to say earlier that, unlike the first infection where the first symptoms were all sorts of bogus popups, then only symptoms I have had this time are the browser delay and slow browsing. I also forgot to say I ran Spybot, but it did not find anything.

 

Thanks for your reply chaslang. I guess I lucked out this time in that Vundo didn't spread from the registry before malwarebytes antimalware removed the registry entry. So that is good.

I'm going to use hijackthis to kill the extra symantec and roxio processes. If the programs no longer work, I will remove them.

In either case, can you recommend a standalone program similar to Norton utilities that has a defrager that is superior to windows defrag, without all the extra junk processes? Can you also recommend something similar to Roxio that has excellent DVD backup and audio capture, which are the only two reasons I use Roxio.

Thanks again. I'll post again in a few minutes to let you know what happens after I use hijackthis.

 

Chasling,

I removed Norton using the removal tool, and then removed Roxio using add/remove programs. I then ran CCleaner and registry cleaner.

I still have the same delay when starting IE. If it is something unique to my computer, I can live with it. I just want to be sure, since malwarebytes did find vundo, that it's not malware related. I have attached a fresh set of mglogs. Thanks for your help.