Hi
i finally could remove the Vundo trojan using avast… now i guess im clear, nothing suspicious in the register or system32 or windows, etc…
BUT after i removed it, i said i need to repair windows (using the windows XP CD)… after the repair, some things began going weird:
1- i have no sound. At each boot, windows says it found a new hardware (the "Realtek High Definition Audio Device")… i got the driver for this on a CD, windows begins to install it and copy files, then says "installation of the device fails"…
2- i got an ATI Radeon X1950 pro which has a driver and a control software… the driver is OK, but then the control software (MOM.exe) takes much CPU time and so do csrss.exe and vsmon.exe (zonealarm)…
3- when browsing a CD, opening some folder then another etc… and then using the "Up" button to go to the parent folder, the path shown in the address bar goes like C:\Documents and Settings\User\Local Settings\Application Data\Microsoft\CD Burning\setup where setup is the folder inside the CD… this problem doesnt show up when i browse into folders on my drives…
I dunno if these 3 problems have to do with Vundo being removed or with the windows repair (i think it’s the first time i do a repair since i got my computer 6 months ago)… or maybe the combination of both…
thank you for ur time reading what i wrote… any ideas are welcome.. the 3rd issue is very secondary as it doesnt affect anything im doing, so u may want to forget about it, but it also may give u a clue…
everything else looks normal.. no CPU time consumption, no suspicious processes, no viruses/worms found by either adaware or avast, browsers and other applications run normally…
I just tried to reinstall the CCC (catalyst control center of ATI), and when the installshield begins to copy files, at each step i get a dialog saying "incorrect command line parameters
windows installer V 2.00.2600.1106
Copyright 2000 Microsoft Corporation. All rght reserved.
Portion of this software are based in part on the work of the Independent JPEG group."
i can only click on an OK button, and i need to do that like a hundred times until the install shield completes (i keep pressing on the Enter button)…
about the CCC (MOM.exe): i have noticed that this process causes a consumption of the CPU time because it is being constantly restarted (like some other process keeps it from starting normally)… im saying this because the memory usage of MOM.exe keeps on swinging between something like 200 Kbytes and 8,000 Kbytes… at the same times, csrss, vsmon and also zclient use up to 60% off the CPU time until i kill the MOM process…