Full Version: Can't Figure This One Out
drnihili
I picked up something nasty yesterday. McAfee showed two files, one with "Generic dropper.i" and the other with "zquest" but couldn't fix either. I manually deleted them, but they returned. Some snooping suggested the Vundo trojan. FixVundo didn't find it, but VirtumundoBeGone did. The popups have died down, but the system is still sluggish and there's lots of disk access. Spybot, AdAware, and McAfee all say I'm clean. However, I note that in my HJT log I have an 02 and an 020 both showing vbkey.dll, which I understand may be an indication of Vundo. Oddly, Google hasn't heard of vbkey.dll or the other file in my Windows/Config directory, ntp2.ini.

I'd welcome any help in getting to the bottom of this. Here's the log:

-----

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 4:55:53 PM, on 5/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

(Moderator edit: contents of logfile deleted to save space. jgweed)
jgweed
At the present time, our HJT team does not accept the BETA version of HJT, and any log should be posted in the Team Forum. Please read the following directions for posting a log (there is a link to the "approved" HJT version in the Preparation Guide):

http://www.bleepingcomputer.com/forums/topic34773.html

I am sure that our volunteer team of experts can help you once you submit a new log.

Regards,
John
drnihili
My apologies. I've been looking at too many different forums apparently. I'll post a non-beta log over there promptly.
jgweed
No problem. I see you wasted no time in posting your log. Just remember to make no changes to your computer that might invalidate its contents until a team member has a chance to work with you to resolve any problems the log finds.
Thanks again!
John