
How-To Geek Forums » Windows Vista

(Solved) - TROJAN.AGENT VIRUS (how to remove)

(19 posts)
  • Started 4 months ago by FMZ
  • Latest reply from FMZ
  • Topic Viewed 1169 times


FMZ
Posts: 125

Ran Spyware Doctor, detected Trojan.agent virus in HKEY_USERS\S-1-5-21-93465498-330590618-1224202275-1000\Software\Microsoft\rdfa

Windows Vista Home Premium

Windows Restore is disabled

Removed and quarantined, deleted.

Restarted, ran Spyware Doctor again and the Trojan re-appeared; this happens every time I restart.

I ran Norton, which does not detect anything.

But there is definitely something on the system, especially with IE 7.

I need advice on how to get rid of this.

Thanks in advance

Posted 4 months ago
 
PalmTrees
Posts: 42

Try this out. http://www.superantispyware.co.....vspro.html

Posted 4 months ago
 
k9
Posts: 111

Scan your computer with HiJackThis and paste the log file here.

Posted 4 months ago
 
ScottW
Posts: 2569

Did you get this report from Spyware Doctor? Trojan.agent is too vague. There should be a .<variant name> at the end of that. Also, Spyware Doctor is for Spyware, not viruses unless you have the AV version.

You probably do have an infection. Some of these spyware scams will create a false positive virus in order to try to get you to pay for a removal product. Here is an example of how such programs work from the support forums at Lavasoft, makers of Ad-Aware:
http://www.lavasoftsupport.com.....#38;start=

Posted 4 months ago
 
FMZ
Posts: 125

Scott,

I got a report from SP Doctor, and you are right, it is some kind of infection. How do I post the report for your review?

Posted 4 months ago
 
ScottW
Posts: 2569

FMZ, if you can't get or generate a text mode log of the infection report, just look for the name, or variant, of the virus. But, don't worry too much about this virus report -- I'm pretty sure it's a false lead.

I googled up that registry key and got lots of hits for Virtumonde, Vundo, or Vundomonde. It may be one of these, but do try another scanner as PalmTrees suggested. If a scanner can't get it, we may need to see the HJT log, as k9 suggests.

Posted 4 months ago
 
FMZ
Posts: 125

All right, I got rid of the Trojan.Agent... but now I have 4 screens popping up with a message saying:

RunDLL
Error loading C:\Users\FERRY\AppData\Local\Temp\yayaaXoO.dll
and: nnnmmmMD.dll
and: mrwgsjio.dll

All seems to be working well, but these screens pop up after startup. Any idea how to fix or remove them?

Posted 4 months ago
 
k9
Posts: 111

Go to msconfig and check your startup items. Probably the trojan had modified the registry to run the dlls you have mentioned on startup. Just uncheck the boxes corresponding to these dlls. Since you got rid of the trojan and the associated dlls, RunDLL is unable to locate these dlls and execute them.

You can also use a program called Autoruns to help you deal with it.

Posted 4 months ago
 
FMZ
Posts: 125

Cool, txs k9, all 4 that were popping up were listed; I unchecked them. Do I need to delete them from there or something?

Again, your help is appreciated!

Posted 4 months ago
 
ScottW
Posts: 2569

Aha! Made-up, jumbled-letter filenames are certainly malware related. This still could be a Vundo variant -- see this article at bleepingcomputer.com:
http://www.bleepingcomputer.co.....18610.html

If those RunDLL errors are coming from Windows, you could use Windows Defender or autoruns to remove them from the startup list. Reboot and see that they don't come back. Even if this works, you should continue to test with other free scanners and/or post a HJT log.

Posted 4 months ago
 
FMZ
Posts: 125

ScottW,

After de-selecting them the pop-ups went away. I ran a full SW Doctor scan and Norton, nothing was found. Is it right to conclude that it is "all set now"?

Posted 4 months ago
 
ScottW
Posts: 2569

FMZ, I'm glad your pop-ups are gone. I would not be satisfied with just unchecking those startup items in msconfig. They need to be completely removed. Use Windows Defender or Autoruns and delete those bogus entries with extreme prejudice! If you need help with that, just ask.

Once that's done, then you can consider this incident to be done with. However, it never hurts to get a 2nd, 3rd or 4th opinion. There are lots of free online scanners and they might find leftovers from this infection or another one lying in wait. Finally, see this wiki article for general tips on preventing another infection from even getting on your system:
http://www.howtogeek.com/wiki/.....nd_Spyware

Posted 4 months ago
 
Lighthouse
Posts: 5574

Definitely try Superantispyware
http://filehippo.com/download_superantispyware/
Remember to get the very latest updates after you install it

Posted 4 months ago
 
FMZ
Posts: 125

Txs team, the system is running smooth as ever! One other question: I downloaded Autoruns as ScottW suggested; what do I do next with this program?

Posted 4 months ago
 
Lighthouse
Posts: 5574

Glad about that FMZ. But how did you fix it?

Posted 4 months ago
 
FMZ
Posts: 125

First I ran SmitFraudFix (for trojan.agent), which removed a good part of the problem; after that I ran FixIEDef.exe by ShadowPuterDude (for IEDefender). This website was suggested by ScottW (http://www.lavasoftsupport.com.....#38;start= ), and that's it. A note: all the time I had Windows Restore shut down, and I was scanning with PC Tools Spyware Doctor and Norton.

Posted 4 months ago
 
Lighthouse
Posts: 5574

Thanks ever so much for that FMZ :)

Posted 4 months ago
 
ScottW
Posts: 2569

FMZ, Autoruns may look a little chaotic at first. Go to the Logon tab, and there you will see all of the programs that are set to launch at startup time. They are presented as registry keys, with the programs underneath. Userinit and Shell (explorer.exe) are part of the OS and should not be altered. The keys that end in CurrentVersion\Run, RunOnce and Programs\Startup are where you will find the startup programs. If you see any leftovers from the infection, such as <jumbled letters>.dll, delete those.

As for the rest, you should look them over and be sure that you know what they all are and what they do. If there is something there you don't recognize, google it up and find out what it is. For things that you do recognize, you can decide if you want them to run or not. To try running without these extras, just uncheck them.

Posted 4 months ago
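The checks k9 (msconfig startup items) and ScottW (Autoruns Logon tab: the Run/RunOnce keys and the Startup folder) describe by hand can be scripted. The PowerShell script below is an added example written for this thread, not a tool from How-To Geek, Sysinternals or any of the posters. It lists the Run and RunOnce values for the current user and the machine plus the shortcuts in both Startup folders, works out which file each entry really loads (for a rundll32 entry that is the DLL, not rundll32.exe), and flags entries whose file no longer exists (the exact situation behind the "RunDLL: Error loading ...dll" boxes FMZ saw after the malware files were deleted), entries that run from the user's Temp folder, and file names that look like random letters. The name heuristics are assumptions of this example and will also trip on some legitimate names (wmpnscfg.exe, for instance), so a hit means "look at this", not "this is malware". It assumes Windows with PowerShell 2.0 or later and only reports; it removes nothing.

```powershell
# Added example (not from the thread): report Windows autostart entries that deserve
# a second look. Reading the Run/RunOnce keys needs no elevation.
$RunKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-TargetPath {
    # Extract the file that actually gets loaded from a startup command line.
    param([string]$Command)
    $cmd = [Environment]::ExpandEnvironmentVariables($Command.Trim())
    # rundll32 entries look like: rundll32.exe "<dll>",<export>  -> check the DLL itself
    if ($cmd -match '^"?[^"\s]*rundll32(?:\.exe)?"?\s+"?([^",]+)') { return $Matches[1].Trim() }
    # A quoted program path
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    # An unquoted path, possibly containing spaces, followed by arguments
    if ($cmd -match '^(.+?\.(?:exe|dll|cmd|bat|vbs))(?:\s|$)') { return $Matches[1] }
    # Last resort: the first whitespace-delimited token
    return ($cmd -split '\s+')[0]
}

function Get-SuspicionReasons {
    # Heuristics chosen for this example; each one is a hint, not a verdict.
    param([string]$Target, [bool]$Exists)
    $reasons = @()
    if (-not $Exists) { $reasons += 'target file is missing (orphaned entry, causes RunDLL errors)' }
    if ($Target -match '\\AppData\\Local\\Temp\\') { $reasons += 'runs from the user Temp folder' }
    $base = [IO.Path]::GetFileNameWithoutExtension($Target)
    # -match is case-insensitive; -cmatch is used where case matters
    if ($base -match '[b-df-hj-np-tv-z]{5,}') { $reasons += 'long run of consonants in file name' }
    if ($base -match '(.)\1\1')               { $reasons += 'same letter three times in a row' }
    if ($base -cmatch '^[a-z]+[A-Z]')         { $reasons += 'odd mixed case in file name' }
    return $reasons
}

function Get-StartupEntries {
    # Registry Run/RunOnce values (GetValue expands REG_EXPAND_SZ for us)
    foreach ($key in $RunKeys) {
        if (-not (Test-Path $key)) { continue }
        $reg = Get-Item -Path $key
        foreach ($name in $reg.GetValueNames()) {
            New-Object PSObject -Property @{ Source = $key; Name = $name; Command = [string]$reg.GetValue($name) }
        }
    }
    # Startup folders hold shortcuts; resolve each .lnk to the file it launches
    $shell = New-Object -ComObject WScript.Shell
    foreach ($folder in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($folder)
        if (-not $dir -or -not (Test-Path $dir)) { continue }
        foreach ($lnk in Get-ChildItem -Path $dir -Filter *.lnk) {
            $target = $shell.CreateShortcut($lnk.FullName).TargetPath
            New-Object PSObject -Property @{ Source = $dir; Name = $lnk.Name; Command = "`"$target`"" }
        }
    }
}

function Get-StartupReport {
    foreach ($e in Get-StartupEntries) {
        $target  = Get-TargetPath -Command $e.Command
        $exists  = ($target -ne '') -and (Test-Path -LiteralPath $target -PathType Leaf)
        $reasons = Get-SuspicionReasons -Target $target -Exists $exists
        New-Object PSObject -Property @{
            Source = $e.Source; Name = $e.Name; Target = $target
            Exists = $exists;   Reasons = ($reasons -join '; ')
        }
    }
}

# Show only entries with at least one reason; drop the Where-Object to see everything
Get-StartupReport | Where-Object { $_.Reasons -ne '' } |
    Select-Object Source, Name, Target, Exists, Reasons | Format-List
```

Run it in a PowerShell window on the affected machine. The HKCU: keys it reads are the same hive that Spyware Doctor reported as HKEY_USERS\S-1-5-21-...-1000 for the logged-on user. An entry reported as missing, living under a Run key and pointing into Temp with a name like yayaaXoO.dll is the kind of leftover ScottW says to delete; once confirmed, `Remove-ItemProperty -Path <Source> -Name <Name>` removes that registry value, and the Autoruns Logon tab shows the same entries for anyone who prefers a GUI.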
 
FMZ
Posts: 125

ScottW, txs for the brief explanation; all looks to be in order, no funny/strange .dlls there.

Posted 4 months ago
 

Copyright © 2006-2008 HowToGeek.com. All Rights Reserved.