10-09-2006, 08:43 PM   #9
Deckard
Mentor, Analyst - Security Team
 
 
Join Date: May 2006
Location: Oregon
Posts: 2,503
OS: MacOS X, Debian, OpenBSD, Windows


I'm still a bit troubled that Ewido still didn't delete anything. I'll just have you do them by hand then.


Deletions
Delete the following files indicated in RED if they still exist:
D:\WINDOWS\SYSTEM\exdl.exe
D:\WINDOWS\SYSTEM\exdl0.exe
D:\WINDOWS\SYSTEM\exul.exe
D:\WINDOWS\SYSTEM\javexulm.vxd
D:\WINDOWS\SYSTEM\mqexdlm.srg

Empty Spybot Quarantine
Open SpyBot Search & Destroy and click on the Recovery button. Tick all the listed boxes and then click on Purge selected items at the top. Click Yes. Exit Spybot.


Clear Cookies
Clear your IE cookies. Start>Settings>Control Panel>Internet Options>General. Under Temporary Internet Files, click on Delete Cookies. Then click Delete Files.


Perform an online scan with Internet Explorer with Panda ActiveScan.
  1. Click on the "Scan your PC" button located at the bottom of the page. A popup window should appear -- make sure you allow it if you have a popup blocker.
  2. Enter your e-mail address, country, and state and click Scan Now.
  3. Your computer will download Panda's 8 megabyte ActiveX control at this point. Follow the on-screen directions if it asks you to install the ActiveX control.
  4. Begin the scan by selecting My Computer. Note:
    • Please turn off the real time scanner of any existing antivirus program while performing the online scan.
    • Please ignore any entry it finds and the offer to buy the program to remove the entry, as we will address this later.
    • Click on See report then click Save report.
    • It is not necessary to remain online while it's doing the scan, but you will have to re-connect after it has finished to see the report.

Post the Panda report when it's done along with one more HijackThis log. Also let me know how your machine is behaving now.
__________________
The chance to begin again in a golden land of opportunity and adventure.

Need HijackThis help? Please read MicroBell's Five Step Process before posting.
Please donate and help keep this site free to all.


UNITE/ASAP: Proud member since 2006