Nasty Malware on Comp

Discussion in 'Malware Help (A Specialist Will Reply)' started by Apocalypse WOW!, Sep 3, 2009.

  1. Apocalypse WOW! (Private E-2)

    Hi there,

    MS Windows XP Professional SP3 (computer was built in 2002)
    AMD Athlon XP 2200+
    256 MB RAM
    NVIDIA Geforce2 mx/mx 400
    I've mainly been running IE, but I have Firefox as well. After a lot of finagling I was able to download Google Chrome, which has been a huge help.

    Last Wednesday I got hit all of a sudden by some sort of malware: the usual advertisements for fake anti-spyware software. I had to go out of town, so I just shut it off. I began battling it on Sunday when I came home.
    I have Symantec installed.
    I HAD Spybot S&D installed as well as Ad-Aware, but I've since uninstalled them as per directions from this site.
    I was unable to do anything substantial from Firefox or IE, so I downloaded Google Chrome. This gave me access to all the websites I needed. I tried downloading Malwarebytes (this was before I found this website), HJT, as well as Spybot S&D. This is when I discovered that the malware would shut them down every time I tried to run them: HJT gets to the scan and then cuts off (I tried installing it in different directories at different points, but the song remains the same).

    I was able to download ComboFix. The first and second time I ran it, my computer shut off and rebooted.
    *Note, I am at this time unable to boot in safe mode or in recovery mode*
    The third time I ran ComboFix I kept opening Task Manager to kill any programs that seemed like they were in the way (I don't know how effective this actually was). This time it was successful. It isolated several .dll files that are associated with the Vundo trojan. This freed up my system substantially, and I no longer had fake spyware popping up. I also deleted the Qoobox folder with CCleaner.
    List of some of the files I wrote down:
    nupanogo.dll
    wawunego.dll
    yebokafe.dll
    feyujafi.dll
    mivimoru.dll

    something in windows/system32/terrapof32
    As far as I know, ComboFix was able to kill these.

    At this point I was referred to your forums and began following the guide to malware removal. I successfully got up to the point where I uninstalled & ran SUPERAntiSpyware (last night). It identified 7 trojans (3 variants of the Vundo trojan); I cleared them and then shut off the computer since it was time for bed.
    Today I booted up hoping to continue the instructions by installing Malwarebytes (renamed to mb.exe). This took an EXTREMELY long time to load, install, and then boot after updating. I left to go play a game of frisbee while this was happening. When I returned, my Symantec (awake for the first time in all of this) notified me that it had caught a virus and had quarantined it. I repeatedly tried to disable Auto-Protect. Malwarebytes did succeed in loading, but about 3 seconds into the scan it closed, just like the other programs.

    At this point, I reran ComboFix - interestingly this was the first time ComboFix succeeded in providing logs to me. I will paste them below.

    I was unable to rerun SUPERAntiSpyware (same lack-of-permissions error as with the others), so I uninstalled and reinstalled in a different directory. It is currently performing a full scan; however, it is well past the point where it had located the Vundo trojans and has not found anything. I also ran CCleaner for kicks.

    **Short update: at this point, SUPERAntiSpyware did spot:
    Adware.Vundo/Variant-Qheader (2 instances; this variant is different from the 3 types caught yesterday).

    Symantec has the following two files in quarantine:

    TrojanHorse (no filename or info)
    TrojanHorse A0055617.exe C:\System Volume Information\_restore{3303FC3B-B7F4-4352-8873-AF2AF47C2C50}RP280\A0055617.exe

    Please Help! That's about as thorough as I can get.

  2. Apocalypse WOW! (Private E-2)

    SUPERAntiSpyware finished; it only found the 2 Vundo trojans.

    Ran MGtools, attached the log.

  3. chaslang (MajorGeeks Admin - Master Malware Expert, Staff Member)

    Please attach the below two logs from it:
    Code:
    "F:\Documents and Settings\sean\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Logs\"
    Sep  2 2009   1476 "SUPERAntiSpyware Scan Log - 09-02-2009 - 02-38-04.log"
    Sep  3 2009    691 "SUPERAntiSpyware Scan Log - 09-03-2009 - 01-04-09.log"
    Also delete the below folder:
    F:\Documents and Settings\All Users\Application Data\16410934

    Now run C:\MGtools\analyse.exe by double-clicking on it (Note: if using Vista, don't double-click; use right-click and select Run As Administrator). This is really HijackThis (select Do a system scan only). Select the following lines, but DO NOT CLICK FIX until you exit all browser sessions, including the one you are reading in right now:

    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - F:\Documents and Settings\sean\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)

    After clicking Fix, exit HJT.

    Now run the below procedure and attach the GMER log:
    Running GMER to detect rootkits

    Also run the below online scan from Eset and attach the log:
    Using ESET's Online Scanner
     
    Last edited: Sep 7, 2009
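A worked example of the HijackThis triage step in the reply above, added here as illustration and not part of the original thread or of the HijackThis/MGtools tooling. The helper parses HJT-style O2/O9 log lines, anchors on the CLSID rather than splitting on " - " (which would break on paths like "Spybot - Search & Destroy"), pulls out the display name and the referenced file, and returns the entries HJT tagged "(file missing)". Those are the orphaned registry references left behind after Spybot and IMVU were uninstalled, which is why they are safe to select and Fix; grouping by CLSID also shows that the two Spybot O9 lines are one registry key. The sample log is constructed from the four lines quoted in the reply plus one made-up benign O4 startup entry for contrast; all function and class names are my own.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample log: the four HijackThis lines quoted in the reply above,
# plus one made-up benign O4 startup entry so the filter has something to ignore.
SAMPLE_LOG = """\
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\\Program Files\\Spybot - Search & Destroy\\SDHelper.dll (file missing)
O4 - HKLM\\..\\Run: [ctfmon.exe] C:\\WINDOWS\\system32\\ctfmon.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - F:\\Documents and Settings\\sean\\Start Menu\\Programs\\IMVU\\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\\Program Files\\Spybot - Search & Destroy\\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\\Program Files\\Spybot - Search & Destroy\\SDHelper.dll (file missing)
"""

ENTRY_RE = re.compile(r"^(O\d+) - (.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
MISSING = "(file missing)"


@dataclass
class HjtEntry:
    section: str            # "O2", "O9", ...
    name: str               # display name HJT shows for the object
    clsid: Optional[str]    # registry CLSID, upper-cased, or None
    path: Optional[str]     # file the registry entry points at, or None
    file_missing: bool      # True when HJT appended "(file missing)"


def parse_entry(line: str) -> Optional[HjtEntry]:
    """Parse one HijackThis log line; return None for non-entry lines."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    section, body = m.groups()
    file_missing = body.endswith(MISSING)
    if file_missing:
        body = body[: -len(MISSING)].rstrip()
    # Do not split on " - ": paths such as "Spybot - Search & Destroy" contain it.
    # Anchor on the CLSID instead: the name is before it, the path after it.
    c = CLSID_RE.search(body)
    if c:
        clsid = c.group(0).upper()
        head = body[: c.start()].rstrip(" -")
        path = body[c.end():].lstrip(" -") or None
    else:
        clsid, head, path = None, body, None
    # Drop the HJT label prefix ("BHO: ", "Extra button: ", ...).
    name = head.split(": ", 1)[1] if ": " in head else head
    return HjtEntry(section, name, clsid, path, file_missing)


def parse_log(text: str) -> List[HjtEntry]:
    """All recognised entries of a log, in file order."""
    return [e for e in (parse_entry(ln) for ln in text.splitlines()) if e]


def orphaned_entries(text: str) -> List[HjtEntry]:
    """Entries whose target file no longer exists: the ones to select and Fix."""
    return [e for e in parse_log(text) if e.file_missing]


def by_clsid(entries: List[HjtEntry]) -> Dict[str, List[HjtEntry]]:
    """Group entries by CLSID; several HJT lines can describe one registry key."""
    groups: Dict[str, List[HjtEntry]] = {}
    for e in entries:
        if e.clsid:
            groups.setdefault(e.clsid, []).append(e)
    return groups


if __name__ == "__main__":
    orphans = orphaned_entries(SAMPLE_LOG)
    for e in orphans:
        print(f"{e.section} {e.clsid} {e.name!r} -> {e.path}")
    for clsid, group in by_clsid(orphans).items():
        print(clsid, "referenced by", len(group), "line(s)")
```

Running it against a real HJT log (paste the scan output into SAMPLE_LOG or read it from a file) lists exactly the lines to tick before Fix. The caveat from the reply still applies: a "(file missing)" entry is dead weight, not the active infection, so cleaning these does nothing about whatever is killing the scanners; that is what the GMER and ESET steps are for.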
