These are the last things (i think) from an infection i got last night. Have run up to date Spybot, adaware, and System Mech 6 on a fully patched XP system.

To get rid of the various infection files i had to use Autoruns and the instructions from this site. Cant get rid of efcya.dll though and IE is still occasionally opening popups when any browser is open.

Anyone have any info on these dll??

Thanks!

Hello imacca

Please see the self-help tutorial How To Remove Winfixer/Virtumonde/Msevents/Trojan.vundo.

When done, download and scan with Ewido Anti-Spyware v4.0 in "SAFE MODE".
Print out the Ewido Install and Scan Instructions.

Post back if your still having problems afterwards.

Did as you suggested and all is well. Ran the Vundo fix and if found a few files i had no idea about, and gopt rid of them. 2 files were still there so into Safe and ran Vundanudobegone. When i checked System 32 the two diles that were left from Vunofix were there. 1 deleted no probs, and the other had been renamed and it deleted as well. Various cookies and some other things were found and either deleted or quaratined by Ewido.

So, i think all is well. Which is just as well since my other PC chose yesterday to die a death. Have a mate whos good with harware looking it over, but since 8/10 times it wont even try to post, i think it may be headed for the bin.

Anyhow, thanks for the help!

Seeyahs!

Good job.

Now you should SET A NEW RESTORE POINT to prevent reinfection from an old restore point. Any malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to set a new RESTORE POINT:
1. Go to Start > Programs > Accessories > System Tools and click "System Restore".
2. Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
3. Then go to Start > Run and type: Cleanmgr
4. Click "OK".
5. Click the "More Options" Tab.
6. Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.

To protect yourself against malware and reduce the potential for re-infection , you may want to read "Simple and easy ways to keep your computer safe" and "How to Prevent Spyware".