I picked up something nasty yesterday. McAffee showed two files, one with "Generic dropper.i" and the other with "zquest" but couldn't fix either. I manually deleted them, but they returned. Some snooping suggested the Vundo trojan. FixVundo didn't find it, but VirtumundoBeGone did. THe popups have died down, but the system is still sluggish and there's lots of disk access. Spybot, AdAware, and McAffee all say I'm clean. However, I note that my HJT log I have an 02 and an 020 both showing vbkey.dll, which I understand may be an indication of Vundo. Oddly, google hasn't heard of vbkey.dll or the othe rfile in my Windows/Config diretory, ntp2.ini.
I'd welcome any help in getting to the bottom of this. Here's the log:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 4:55:53 PM, on 5/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal(Moderator edit: contents of logfile delete to save space. jgweed)
Edited by jgweed, 16 May 2007 - 06:10 PM.