Buddy215...I stumbled across your fix when researching how to get rid of the same issue. I'm getting popups from the same sites and warnings to install AnitVirus 2009. I completed all the steps below and I am still getting the popups. Attahced is my SAS log. Any help is much appreciated.
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 12/08/2008 at 11:00 PM
Application Version : 4.23.1006
Core Rules Database Version : 3668
Trace Rules Database Version: 1647
Scan type : Complete Scan
Total Scan Time : 00:24:17
Memory items scanned : 209
Memory threats detected : 0
Registry items scanned : 5708
Registry threats detected : 27
File items scanned : 54417
File threats detected : 35
Adware.Vundo Variant
HKLM\Software\Classes\CLSID\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}
HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}
HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32
HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\NANULOTE.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad#SSODL
C:\WINDOWS\SYSTEM32\BIYEDEPU.DLL
HKCR\CLSID\{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}
Adware.MyWebSearch
HKU\S-1-5-21-583907252-1417001333-839522115-3769\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKU\S-1-5-21-583907252-1417001333-839522115-3769\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKU\S-1-5-21-583907252-1417001333-839522115-3769\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Adware.Tracking Cookie
C:\Documents and Settings\agough\Cookies\agough@adopt.specificclick[1].txt
C:\Documents and Settings\agough\Cookies\agough@specificmedia[1].txt
C:\Documents and Settings\agough\Cookies\agough@revsci[2].txt
C:\Documents and Settings\agough\Cookies\agough@ads.cnn[2].txt
C:\Documents and Settings\agough\Cookies\agough@realmedia[1].txt
C:\Documents and Settings\agough\Cookies\agough@tribalfusion[1].txt
C:\Documents and Settings\agough\Cookies\agough@ads.bleepingcomputer[2].txt
C:\Documents and Settings\agough\Cookies\agough@microsoftwindows.112.2o7[1].txt
C:\Documents and Settings\agough\Cookies\agough@serving-sys[2].txt
C:\Documents and Settings\agough\Cookies\agough@questionmarket[2].txt
C:\Documents and Settings\agough\Cookies\agough@directtrack[1].txt
C:\Documents and Settings\agough\Cookies\agough@advancedscanner[2].txt
C:\Documents and Settings\agough\Cookies\agough@mediaplex[1].txt
C:\Documents and Settings\agough\Cookies\agough@zedo[1].txt
C:\Documents and Settings\agough\Cookies\agough@atdmt[2].txt
C:\Documents and Settings\agough\Cookies\agough@s.clickability[2].txt
C:\Documents and Settings\agough\Cookies\agough@imrworldwide[2].txt
C:\Documents and Settings\agough\Cookies\agough@clickbank[2].txt
C:\Documents and Settings\agough\Cookies\agough@ad.yieldmanager[2].txt
C:\Documents and Settings\agough\Cookies\agough@bs.serving-sys[2].txt
C:\Documents and Settings\agough\Cookies\agough@casalemedia[2].txt
C:\Documents and Settings\agough\Cookies\agough@specificclick[2].txt
C:\Documents and Settings\agough\Cookies\agough@trafficmp[1].txt
C:\Documents and Settings\agough\Cookies\agough@angleinteractive.directtrack[2].txt
C:\Documents and Settings\agough\Cookies\agough@doubleclick[1].txt
C:\Documents and Settings\agough\Cookies\agough@2o7[2].txt
C:\Documents and Settings\agough\Cookies\agough@overture[2].txt
C:\Documents and Settings\agough\Cookies\agough@apmebf[1].txt
Adware.MyWebSearch/FunWebProducts
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0\win32
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\FLAGS
HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\HELPDIR
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid32
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib#Version
Adware.Vundo Variant/Rel
HKLM\SOFTWARE\Microsoft\contim
HKLM\SOFTWARE\Microsoft\contim#SysShell
HKLM\SOFTWARE\Microsoft\rdfa
HKLM\SOFTWARE\Microsoft\rdfa#F
HKLM\SOFTWARE\Microsoft\rdfa#N
Trojan.Fake-Alert/Trace
HKU\S-1-5-21-583907252-1417001333-839522115-3769\SOFTWARE\Microsoft\fias4013
Adware.Vundo Variant/HAL
C:\WINDOWS\SYSTEM32\GAYUSOMI.DLL
Trace.Known Threat Sources
C:\Documents and Settings\agough\Local Settings\Temporary Internet Files\Content.IE5\E8N7GYGK\indexsg[1].htm
C:\Documents and Settings\agough\Local Settings\Temporary Internet Files\Content.IE5\ET6C8BJG\l.s.bg1z[1].gif
C:\Documents and Settings\agough\Local Settings\Temporary Internet Files\Content.IE5\E8N7GYGK\l.s.bg2z[1].gif
C:\Documents and Settings\agough\Local Settings\Temporary Internet Files\Content.IE5\MPQHZB6N\favicon[4].ico