I have the following problem: I must have picked up malware from the internet. I first realized there was a problem when I kept getting a lot of advertisements and pop-up windows when using Internet Explorer. Sometimes I would open Internet Explorer and instead of going to my homepage, I would go to another site.
A couple of days ago I tried running various anti-spyware software, and some of them found viruses are removed them (either completely or partially), but the problem remained. Some of the names of viruses that the software told me I had were: Savenow, Downloader, Virtumonde, Vundo Variant.
Also, at certain points when I was using the computer, everything on the desktop and the taskbar of Windows would disappear for a couple of seconds and then reappear again.
I went to your page http://www.geekstogo...-Log-t2852.html
and tried to follow the steps, but when I was scanning using some of the software, everything except those would disappear for a couple of seconds and then reappear, so I am not sure whether the anti-spyware were effective or not.
I also installed some of the antivirus software that are mentioned in that page, namely the Zone Labs Security firewall and the AVG Anti-virus, and after that whenever I opened Windows Explorer, the following two warnings would appear, one after another, coming from the Zone Labs firewall:
1) Repeat Program
Internet Explorer is trying to access the trusted zone.
Identification: Unknown
Application: iexplore.exe
Destination IP: 127.0.0.1: Port 1082 (or some other port)
2) Dangerous Behavior
Internet Explorer is trying to monitor your mouse movements and keyboard strokes
Application: iexplore.exe
How can I resolve this problem? Today, before writing this message, again I tried to follow the instructions on the page
http://www.geekstogo...-Log-t2852.html
and here are the outcomes:
1) Everything went smoothly with ATF Cleaner, System Restore
2) Everything OK with AVG Anti-spyware. Here is the report:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - -
A V G A n t i - S p y w a r e - S c a n R e p o r t
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - -
+ C r e a t e d a t : 1 0 : 4 4 : 4 8 P M 2 / 5 / 2 0 0 8
+ S c a n r e s u l t :
N o t h i n g f o u n d .
: : R e p o r t e n d
3) Here is the report from SuperAntiSpyware, which was saved as SUPERAntiSpyware Scan Log - 02-05-2008 - 23-15-11.log:
SUPERAntiSpyware Scan Log
Generated 02/05/2008 at 11:15 PM
Application Version : 3.6.1000
Core Rules Database Version : 3190
Trace Rules Database Version: 1200
Scan type : Quick Scan
Total Scan Time : 00:22:45
Memory items scanned : 426
Memory threats detected : 1
Registry items scanned : 950
Registry threats detected : 4
File items scanned : 1950
File threats detected : 1
Adware.Vundo Variant
C:\WINDOWS\SYSTEM32\SSTTU.DLL
C:\WINDOWS\SYSTEM32\SSTTU.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser
Helper Objects\{5EDB5811-3367-4122-8BB0-0E32888E7990}
HKCR\CLSID\{5EDB5811-3367-4122-8BB0-0E32888E7990}
HKCR\CLSID\{5EDB5811-3367-4122-8BB0-0E32888E7990}\InprocServer32
HKCR\CLSID\{5EDB5811-3367-4122-8BB0-0E32888E7990}
\InprocServer32#ThreadingModel
4) Online Panda ActiveScan: I couldn't run it. I tried running it from
Firefox but in the page they said that minimum requirements were to have
Internet Explorer 5.0 or later. I didn't want to use the Internet
Explorer because of all the warnings from the firewall. In fact, at this
point I uninstalled Internet Explorer and installed it again, but the
problem still remained!
5) AVG Antivirus: I ran this again, it showed that everything was
alright.
6) Windows Update: When I had tried to download SP1a a couple of days
ago, I wasn't able to because I must have SP2 according to the website.
Today I wasn't able to download anything, when I went to the webpage it
displayed a message saying that I must have Microsoft Internet Explorer
in order to download updates from them. Although it gave a link to the
Microsoft Download Center (if I insisted on using another browser), I
still didn't find anything I could download from Firefox.
7) I rebooted the computer but the firewall keep issuing me the same
warnings.
8) HijackThis: I did not scan the computer using any of the anti-spyware,
but I do have Ad-Watch and SpywareGuard running right now. I hope that
this is not a problem.
Here is the log file:
---------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18:38 PM, on 2/16/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://mysearch.mywa...idebar.jsp?p=DE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...p://www.yahoo.c
om
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://us.rd.yahoo.c...p://www.yahoo.c
om
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...p://www.yahoo.c
om/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.c...p://www.yahoo.c
om
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.c...p://www.yahoo.c
om
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = 194.154.128.65:80
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-
0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program
Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1
\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1
\SNDMon.exe /Enterprise
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe
/RUNONCE (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program
Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program
Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program
Files\Yahoo!\Common/ycsms.htm
O16 - DPF: {02466323-75ED-11CF-A267-0020AF2546EA} (VivoActive Control) -
http://www.iicm.edu/.../vivo/vvweb.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) -
http://security.syma...bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner
Class) - http://www.symantec....abs/tgctlsr.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo
Uploader Control) -
http://upload.facebo...otoUploader.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.syma...n/bin/cabsa.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime
Environment 1.6.0) - http://javadl-esd.su....0/jinstall-6u3
-windows-i586-jc.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program
Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: ssqqppm - ssqqppm.dll (file missing)
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi
Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation -
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program
Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program
Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. -
C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1
\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program
Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program
Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel
Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC -
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program
Files\Intel\Wireless\Bin\WLKeeper.exe
--
End of file - 8423 bytes
Also, here is the uninstall list that you wanted me to provide:
---------------------------------------------------------------
Ad-Aware SE Professional
Adobe Flash Player ActiveX
Adobe Reader 8.1.2
Adobe Reader Japanese Fonts
AFPL Ghostscript 8.00
AFPL Ghostscript Fonts
Ahead InCD EasyWrite Reader
ALPS Touch Pad Driver
AOL Uninstaller (Choose which Products to Remove)
AOLIcon
a-squared Anti-Malware 3.1
AVG 7.5
AVG Anti-Spyware 7.5
Azureus
Broadcom Management Programs 2
Conexant D110 MDC V.9x Modem
CoreVorbis Audio Decoder (remove only)
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Media Experience
Dell Photo Printer 720
Dell Picture Studio v3.0
Dell Support 3.1
Digital Line Detect
Direct Show Ogg Vorbis Filter (remove only)
DivX
DivX Converter
DivX Player
DivX Web Player
DVD Shrink 3.2
EarthLink setup files
EasyCleaner
EZPhoto Browser
EZShowtime MMS
EZSuite For EZCam III
Get High Speed Internet!
GSview 4.3
Haali Media Splitter
HijackThis 2.0.2
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Intel® Graphics Media Accelerator Driver for Mobile
Intel® PROSet/Wireless Software
InterActual Player
Internal Network Card Power Management
Internet Explorer Default Page
Japanese Fonts Support For Adobe Reader 8
Java 2 Runtime Environment, SE v1.4.2_03
Java 6 Update 3
Learn2 Player (Uninstall Only)
LiveUpdate 1.80 (Symantec Corporation)
Macromedia Flash Player
Macromedia Shockwave Player
Magma 2.12-19
Matroska (remove only)
Matroska Pack
MatroskaProp (remove only)
mCore
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
MiKTeX
mIWA
mIWCA
mLogView
mMHouse
Modem Helper
Mozilla Firefox (2.0.0.12)
mPfMgr
mPfWiz
mProSafe
MSN
mSSO
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
mToolkit
Musicmatch for Windows Media Player
mWlsSafe
mXML
mZConfig
Nero 6
Nero Media Player
NeroVision Express 2
NetWaiting
NetZeroInstallers
oggcodecs 0.69.8924
OpenSource OGG Splitter (remove only)
Pcast VOD Control 1.0
PeerGuardian 2.0
PowerDVD 5.5
Qualxserve Service Agreement
QuickSet
QuickTime
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB908531)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912812)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913446)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB916281)
Security Update for Windows XP (KB917159)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923694)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925454)
Security Update for Windows XP (KB925486)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB946026)
Skype 2.5
Sonic Audio module
Sonic DLA
Sonic MyDVD LE
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
SpywareGuard v2.2
SUPERAntiSpyware Free Edition
Synacast Plug-in 1.1.0.7
SYSTRAN Premium 4.0
TeXnicCenter Version 1 Beta 6.31 (Firenze)
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB929338)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
VanDyke Software SecureCRT 5.5
VanDyke Software SecureFX 4.5
Viewpoint Media Player
WebCyberCoach 3.2 Dell
WinAce Archiver
Windows Defender
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB893086
WinEdt
WinRAR archiver
WinSCP 4.0.4
XviD MPEG-4 Video Codec
Yahoo! extras
Yahoo! Messenger
Yahoo! Toolbar
ZoneAlarm
Zoom Player (remove only)
Could you please tell me what to do? I don't think the problem is just Vundo, because I tried running VundoFix.exe but the problem remained. I think the first malware that was detected on my computer after all the ads started popping up was Downloader. Before installing AVG Antivirus, I had an antivirus from Symantec, so I looked at the website of Symantec concerning these viruses (Downloader, Vundofix, Virtumonde) but it didn't help. It said that I should look try to find certain keys in the registry, but I found none of those.
Oh, another thing that I forgot to say but might be important is that in the beginning the pop up ads would appear in both Internet Explorer and Firefox. After some point though they only appear in Internet Explorer. Moreover, lately when I went to the Internet Explorer and tried to clear the history (all the cookies, temporary files, data from forms, passwords etc) it seemed that it didn't really delete anything.
Any help would be greatly appreciated. Thank you in advance.