Ad Pop-Ups on FireFox and Explorer

Name: RockHard
Date: March 22, 2009 at 14:30:48 Pacific
OS: Microsoft Windows XP Home Edition
CPU/Ram: 2.797 GHz / 510 MB
Product: Dell / Inspiron 1150
Subcategory: Viruses
Comment:

I tried downloading music, which is when I think it all started yesterday. Now when I open any website via Firefox or Internet Explorer, unnecessary pop-ups show up even though I have a pop-up blocker and it is enabled. Eventually a number of Explorer windows open up if you try to close the first one, and the computer shows "low on virtual memory" and everything hangs up or slows down. Please help to fix this... I will really appreciate it!!!



Response Number 1
Name: maksimog
Date: March 22, 2009 at 14:54:23 Pacific
Reply:

Try to scan with Malwarebytes' Anti-Malware
http://www.malwaresupport.com/mbam/...

or scan with ESET Online Scanner
http://download.eset.com/special/eo...


0

Response Number 2
Name: RockHard
Date: March 22, 2009 at 19:25:01 Pacific
Reply:

Log after running Malware and removing affected files -

Malwarebytes' Anti-Malware 1.34
Database version: 1887
Windows 5.1.2600 Service Pack 3

3/22/2009 9:09:32 PM
mbam-log-2009-03-22 (21-09-32).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 169536
Time elapsed: 1 hour(s), 25 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 9
Registry Keys Infected: 12
Registry Values Infected: 6
Registry Data Items Infected: 7
Folders Infected: 0
Files Infected: 16

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\givubowa.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\revudahe.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hozutoza.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\nitukito.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\bemubuse.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\heyovoki.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\lbryvo.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\subalavi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nukavuso.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dd6d02be-697c-4cbd-b4e8-0eeb2d19c21c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dd6d02be-697c-4cbd-b4e8-0eeb2d19c21c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2524bf80-2df2-4ee7-9110-4045a31a3550} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{2524bf80-2df2-4ee7-9110-4045a31a3550} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2524bf80-2df2-4ee7-9110-4045a31a3550} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{dd6d02be-697c-4cbd-b4e8-0eeb2d19c21c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\6c2584ac (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm6f16b730 (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gatulesafe (Trojan.Vundo.H) -> Delete on reboot.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gatulesafe (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\heyovoki.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\revudahe.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\revudahe.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\heyovoki.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\revudahe.dll -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\lbryvo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\givubowa.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nukavuso.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\subalavi.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\heyovoki.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bemubuse.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\revudahe.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nitukito.dll (Trojan.Vundo) -> Delete on reboot.
C:\Documents and Settings\Owner\Local Settings\temp\UACc601.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{84F2CF0F-B74A-4119-8E77-185CADB63906}\RP63\A0008241.sys (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{84F2CF0F-B74A-4119-8E77-185CADB63906}\RP64\A0008321.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{84F2CF0F-B74A-4119-8E77-185CADB63906}\RP64\A0008323.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hozutoza.dll (Trojan.Vundo) -> Delete on reboot.
C:\System Volume Information\_restore{84F2CF0F-B74A-4119-8E77-185CADB63906}\RP64\A0008320.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{84F2CF0F-B74A-4119-8E77-185CADB63906}\RP64\A0008322.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\UACbufcnqva.dat (Trojan.Agent) -> Quarantined and deleted successfully.

--------------------------------------------------------------------------------------
Do I need to run anything else ... or am I safe now?


0

Response Number 3
Name: james88
Date: March 23, 2009 at 00:06:38 Pacific
Reply:

As the Malwarebytes log shows, your PC has got the VUNDO trojan. There are two ways to get rid of the VUNDO trojan.
1: Go to http://darfuns.com/remove-vundo-tro... and follow the manual removal instructions to remove the Vundo trojan
2: Go to http://darfuns.com/download-super-a... and download the Super Anti Spyware program (FREE) to remove the Vundo trojan automatically from your PC by using this tool


0

Response Number 4
Name: RockHard
Date: March 23, 2009 at 10:13:44 Pacific
Reply:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/23/2009 at 11:17 AM

Application Version : 4.25.1014

Core Rules Database Version : 3809
Trace Rules Database Version: 1763

Scan type : Complete Scan
Total Scan Time : 02:11:21

Memory items scanned : 539
Memory threats detected : 1
Registry items scanned : 6604
Registry threats detected : 6
File items scanned : 85112
File threats detected : 61

Adware.Vundo/Variant-PEC2
C:\WINDOWS\SYSTEM32\GZROWR.DLL
C:\WINDOWS\SYSTEM32\GZROWR.DLL

Adware.Tracking Cookie

Adware.180solutions/ZangoSearch
HKCR\CLSID\{D676F999-4608-4dc5-A135-4F51F4212739}
HKCR\CLSID\{D676F999-4608-4dc5-A135-4F51F4212739}#rsp

Adware.Vundo Variant/Rel
HKLM\SOFTWARE\Microsoft\MS Track System
HKLM\SOFTWARE\Microsoft\MS Track System#Uid
HKLM\SOFTWARE\Microsoft\MS Track System#Shows

Rogue.Component/Trace
HKU\S-1-5-21-1547161642-1078145449-1343024091-1003\Software\Microsoft\FIAS4051

Trace.Known Threat Sources
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WJ1V1YQC\favicon[1].ico
--------------------------------------------------------------------------------------

Completed running Super Anti Spyware; can you guide me to the next step?


0