adware/winfix problems

Note: you did not follow guidelines for installing and running HJT per the sticky thread step 7.

You should have read some of the other links in the READ ME. For example in step 6 where it says:

See the reference to Virtumundo aka WinFixer! Virtumundo is what you really have. You can use the procedure in the Special Removal Procedures thread or you can use the below:

These steps must be run exactly as specfied.

1) Download this Symantec Trojan.Vundo Removal Tool to a location where you can find it later
2) Make sure you do not run anything but what is specified. DO NOT OPEN any browsers during this process below so print or save these unstructions locally so you know what to do while offline.
3) Boot into safe mode and physically unplug your cable to the internet
4) Run the fixvundo.exe tool downloaded above and save the log
5) Immediately reboot in normal mode and run the fixvundo.exe tool again. Save the log.
6) Immediately reboot again into normal mode and now reconnect your cable to the internet.
7) Now run HJT and save a new log
8) Open a browser and come back here and post your logs from running fixvundo and also the new HJT log. Also tell me how these steps went. Any problems?

 

You're welcome. The Vundo/Winfixer problem is gone now. Just do the below minor items to fix.


Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)

After clicking Fix, exit HJT.

After that you should have your daughter work thru the below to help keep the PC clean:

How to Protect yourself from malware!