soybot picked up this


HKEY_USERS\S-1-5-21-3596468691-1117351892-3897911047-1006\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.excel=W=1

I havnt deleted it but have deleted all other probs it detected

Still getting popups tho

Would appreciate advice on what to do with this before i fix it pls

TA

DELBOY001

Hello.


Open SpyBot.
Check for problems.
When finished, right click and choose copy results (not the full report) to clipboard and post that into topic.


Thanks.

thankyou Tashi

cannot copy to clipboard but save to file, copied and pasted hope this is what you require


Microsoft.Windows.Security.InternetExplorer: Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-3596468691-1117351892-3897911047-1006\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\iexplore.exe!=W=1

ReliableStats: Tracking cookie (Internet Explorer: Steve) (Cookie, nothing done)


Zedo: Tracking cookie (Internet Explorer: Steve) (Cookie, nothing done)


Winsoftware.WinAntiVirusPro2006: Tracking cookie (Internet Explorer: Steve) (Cookie, nothing done)


Smitfraud-C.Toolbar888: Tracking cookie (Internet Explorer: Steve) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-04-09 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-01-15 advcheck.dll (1.2.1.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-04-04 Includes\Cookies.sbi (*)
2006-12-08 Includes\Dialer.sbi (*)
2007-04-04 Includes\DialerC.sbi (*)
2007-04-04 Includes\Hijackers.sbi (*)
2007-04-04 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-04-04 Includes\KeyloggersC.sbi (*)
2007-03-21 Includes\Malware.sbi (*)
2007-04-04 Includes\MalwareC.sbi (*)
2007-03-21 Includes\PUPS.sbi (*)
2007-04-04 Includes\PUPSC.sbi (*)
2007-04-04 Includes\Revision.sbi (*)
2006-12-08 Includes\Security.sbi (*)
2007-04-04 Includes\SecurityC.sbi (*)
2007-03-21 Includes\Spybots.sbi (*)
2007-04-04 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-04-04 Includes\Trojans.sbi (*)
2007-04-04 Includes\TrojansC.sbi (*)



DELBOY

The default setting for the following registry entry became "iexplore.exe"=dword:00000001 with the introduction of Windows XP Service Pack 2.


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
"iexplore.exe"=dword:00000001
Spybot's detection indicates that the registry entry "!=W=1" (where "!=" is not equal and "W=1" is dword:00000001). In other words the value not set to the default value.

There is an explanation (relatively technical) of FEATURE_LOCALMACHINE_LOCKDOWN in the following:
Compatibility in Internet Explorer 6 for Windows XP Service Pack 2
http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/overview/xpsp2compat.asp
The bottom line is, if you did not intentionally change the default for some reason such as the following, I suggest that fix the problem:
Pictures do not appear as expected, or you receive an error message when you open an HTML file on a Windows XP Service Pack 2-based computer
http://support.microsoft.com/kb/878461

Winsoftware.WinAntiVirusPro2006: Tracking cookie (Internet Explorer: Steve) (Cookie, nothing done)


Hi DELBOY,

Also, we should take a look at the System, you may have an infected machine.

Please follow the procedure in this link: "BEFORE you POST" -Preliminary Steps (http://forums.spybot.info/showthread.php?t=288) Then start your own thread in the Malware Removal Forum (http://forums.spybot.info/forumdisplay.php?f=22)

Once you have posted a helper will advise you as soon as available.

Cheers.

Thnx MD USA Ihave done that ( made iexplore =1)

I will see what happens

Thnx


Tashi

I will do as you asked thnkyou too!

DELBOY))!

Incident Status Location

Adware:adware/block-checker Not disinfected Windows Registry
Hacktool:HackTool/EvID Not disinfected C:\Documents and Settings\All Users\Documents\PPLive TV\SynaLiveSetup.exe[EvID4226Patch.exe]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Chris\Cookies\chris@247realmedia[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Chris\Cookies\chris@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Chris\Cookies\chris@888[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Chris\Cookies\chris@ad.yieldmanager[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Chris\Cookies\chris@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Chris\Cookies\chris@adrevolver[3].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Chris\Cookies\chris@ads.pointroll[2].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Chris\Cookies\chris@adtech[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Chris\Cookies\chris@advertising[1].txt
Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\Chris\Cookies\chris@adviva[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Chris\Cookies\chris@atdmt[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Chris\Cookies\chris@bluestreak[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Chris\Cookies\chris@bs.serving-sys[2].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Chris\Cookies\chris@burstnet[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Chris\Cookies\chris@casalemedia[2].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Chris\Cookies\chris@cassava[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Chris\Cookies\chris@com[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Chris\Cookies\chris@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Chris\Cookies\chris@fastclick[2].txt
Spyware:Cookie/Comclick Not disinfected C:\Documents and Settings\Chris\Cookies\chris@fl01.ct2.comclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Chris\Cookies\chris@hitbox[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Chris\Cookies\chris@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Chris\Cookies\chris@overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Chris\Cookies\chris@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Chris\Cookies\chris@realmedia[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Chris\Cookies\chris@serving-sys[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Chris\Cookies\chris@statcounter[1].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Chris\Cookies\chris@stats1.reliablestats[2].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Chris\Cookies\chris@statse.webtrendslive[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Chris\Cookies\chris@tradedoubler[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Chris\Cookies\chris@tribalfusion[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Chris\Cookies\chris@valueclick[2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Chris\Cookies\chris@www.burstbeacon[2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Chris\Cookies\chris@zedo[1].txt

Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@ad.yieldmanager[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@adrevolver[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@ads.pointroll[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@adtech[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@advertising[2].txt
Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@adviva[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@atdmt[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@bluestreak[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@bs.serving-sys[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@casalemedia[1].txt
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@clickbank[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@fastclick[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@hitbox[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@mediaplex[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@questionmarket[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@serving-sys[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@statcounter[1].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@statse.webtrendslive[2].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Lynn\Cookies\lynn@tradedoubler[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Lynn\Local Settings\Temp\Cookies\lynn@cgi-bin[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Lynn\Local Settings\Temp\Cookies\lynn@doubleclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.hitbox.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.bravenet.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.advertising.com/]
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.winfixer.com/]
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[stats1.reliablestats.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.valueclick.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[statse.webtrendslive.com/dcsnoi7kme9xjy0rkvgs4687n_2h1c]
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.adtech.de/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[statse.webtrendslive.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Martin\Application Data\Mozilla\Firefox\Profiles\y8obibpo.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Martin\Cookies\martin@112.2o7[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Martin\Cookies\martin@247realmedia[2].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Martin\Cookies\martin@2o7[2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Martin\Cookies\martin@888[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Martin\Cookies\martin@888[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Martin\Cookies\martin@adopt.hbmediapro[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Martin\Cookies\martin@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Martin\Cookies\martin@adrevolver[2].txt

Spyware:Cookie/AdDynamix Not disinfected C:\Documents and Settings\Martin\Cookies\martin@ads.addynamix[1].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Martin\Cookies\martin@ads.pointroll[2].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Martin\Cookies\martin@adtech[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Martin\Cookies\martin@adultfriendfinder[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Martin\Cookies\martin@advertising[2].txt
Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\Martin\Cookies\martin@adviva[2].txt
Spyware:Cookie/NewMedia Not disinfected C:\Documents and Settings\Martin\Cookies\martin@anm.co[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Martin\Cookies\martin@as-eu.falkag[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Martin\Cookies\martin@as-us.falkag[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Martin\Cookies\martin@as1.falkag[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Martin\Cookies\martin@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Martin\Cookies\martin@atwola[1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Martin\Cookies\martin@azjmp[1].txt
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Martin\Cookies\martin@bfast[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Martin\Cookies\martin@bluestreak[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Martin\Cookies\martin@bs.serving-sys[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Martin\Cookies\martin@burstnet[2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Martin\Cookies\martin@c5.zedo[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Martin\Cookies\martin@casalemedia[1].txt
Spyware:Cookie/Cassava Not disinfected C:\Documents and Settings\Martin\Cookies\martin@cassava[1].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Martin\Cookies\martin@ccbill[2].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Martin\Cookies\martin@cgi-bin[4].txt
Spyware:Cookie/Clickbank Not disinfected C:\Documents and Settings\Martin\Cookies\martin@clickbank[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Martin\Cookies\martin@com[1].txt
Spyware:Cookie/Hitslink Not disinfected C:\Documents and Settings\Martin\Cookies\martin@counter.hitslink[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Martin\Cookies\martin@counter1.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Martin\Cookies\martin@counter15.sextracker[2].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Martin\Cookies\martin@counter4.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Martin\Cookies\martin@counter5.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Martin\Cookies\martin@counter6.sextracker[1].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Martin\Cookies\martin@counter9.sextracker[1].txt
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\Martin\Cookies\martin@data.coremetrics[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Martin\Cookies\martin@doubleclick[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Martin\Cookies\martin@drivecleaner[1].txt
Spyware:Cookie/Entrepreneur Not disinfected C:\Documents and Settings\Martin\Cookies\martin@entrepreneur[1].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Martin\Cookies\martin@errorsafe[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Martin\Cookies\martin@fastclick[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Martin\Cookies\martin@hitbox[2].txt
Spyware:Cookie/HotLog Not disinfected C:\Documents and Settings\Martin\Cookies\martin@hotlog[2].txt
Spyware:Cookie/Internetfuel Not disinfected C:\Documents and Settings\Martin\Cookies\martin@internetfuel[1].txt
Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\Martin\Cookies\martin@linksynergy[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Martin\Cookies\martin@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Martin\Cookies\martin@overture[1].txt
Spyware:Cookie/AspinallsOnlineCasino Not disinfected C:\Documents and Settings\Martin\Cookies\martin@pacificpoker[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Martin\Cookies\martin@questionmarket[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Martin\Cookies\martin@realmedia[2].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\Martin\Cookies\martin@server.iad.liveperson[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Martin\Cookies\martin@serving-sys[2].txt
Spyware:Cookie/Sextracker Not disinfected C:\Documents and Settings\Martin\Cookies\martin@sextracker[1].txt
Spyware:Cookie/SpyLog Not disinfected C:\Documents and Settings\Martin\Cookies\martin@spylog[2].txt

Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Martin\Cookies\martin@statcounter[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Martin\Cookies\martin@stats.drivecleaner[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Martin\Cookies\martin@stats1.reliablestats[2].txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Martin\Cookies\martin@statse.webtrendslive[2].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Documents and Settings\Martin\Cookies\martin@systemdoctor[2].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Martin\Cookies\martin@targetnet[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Martin\Cookies\martin@toplist[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Martin\Cookies\martin@tradedoubler[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Martin\Cookies\martin@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Martin\Cookies\martin@tribalfusion[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Martin\Cookies\martin@valueclick[1].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Martin\Cookies\martin@weborama[2].txt
Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\Martin\Cookies\martin@webpower[1].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Martin\Cookies\martin@winantispyware[1].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Martin\Cookies\martin@winantivirus[2].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\Martin\Cookies\martin@www.burstbeacon[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Martin\Cookies\martin@www.drivecleaner[2].txt
Spyware:Cookie/ErrorSafe Not disinfected C:\Documents and Settings\Martin\Cookies\martin@www.errorsafe[1].txt
Spyware:Cookie/Intelli-tracker Not disinfected C:\Documents and Settings\Martin\Cookies\martin@www.intelli-tracker[1].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Martin\Cookies\martin@xiti[1].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\Martin\Cookies\martin@yadro[2].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Martin\Cookies\martin@zedo[1].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@ad.yieldmanager[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@adopt.hbmediapro[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@adrevolver[2].txt

Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@advertising[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@as-eu.falkag[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@atdmt[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@belnk[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@casalemedia[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@doubleclick[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@fastclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@media.fastclick[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@mediaplex[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@realmedia[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@tribalfusion[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@valueclick[2].txt
Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@webpower[1].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@winantivirus[1].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@www.winantivirus[1].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@xmts[1].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@z1.adserver[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Martin\Local Settings\Temp\Cookies\martin@zedo[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Steve\Cookies\steve@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Steve\Cookies\steve@adrevolver[3].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Steve\Cookies\steve@adtech[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Steve\Cookies\steve@advertising[1].txt
Spyware:Cookie/Adviva Not disinfected C:\Documents and Settings\Steve\Cookies\steve@adviva[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Steve\Cookies\steve@atdmt[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Steve\Cookies\steve@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Steve\Cookies\steve@fastclick[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Steve\Cookies\steve@media.fastclick[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Steve\Cookies\steve@overture[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Steve\Cookies\steve@tradedoubler[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Steve\Cookies\steve@valueclick[1].txt
Spyware:Spyware/SafeSurf Not disinfected C:\Program Files\Windows Media Player\Skins\evillyrics.zip[setup.exe][²ÜÇ\ExtractDLL.dll]
Spyware:Spyware/Vundo Not disinfected C:\WINDOWS\system32\gqugddol.dll




I see something called vundo there

sorry its so long

gonna empty and run Bitdefender

BIT DEFENDER REPORT

BitDefender Online Scanner



Scan report generated at: Wed, Apr 11, 2007 - 16:18:13





Scan path: C:\;D:\;E:\;F:\;







Statistics

Time
01:49:57

Files
397718

Folders
10403

Boot Sectors
3

Archives
7983

Packed Files
18323




Results

Identified Viruses
3

Infected Files
5

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
6




Engines Info

Virus Definitions
485104

Engine build
AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

Scan plugins
14

Archive plugins
38

Unpack plugins
6

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2C.tmp=>(Quarantine-4)
Infected with: Trojan.Spy.VBStat.B

C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2C.tmp=>(Quarantine-4)
Deleted

C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2D.tmp=>(Quarantine-4)
Infected with: Trojan.Virtumod.JB

C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2D.tmp=>(Quarantine-4)
Disinfection failed

C:\Program Files\Trend Micro\Internet Security 2007\Quarantine\2D.tmp=>(Quarantine-4)
Deleted

C:\WINDOWS\system32\byxxxxx.dll
Infected with: MemScan:Trojan.Vundo.DLM

C:\WINDOWS\system32\byxxxxx.dll
Disinfection failed

C:\WINDOWS\system32\byxxxxx.dll
Delete failed

C:\WINDOWS\system32\fccabaa.dll
Infected with: MemScan:Trojan.Vundo.DLM

C:\WINDOWS\system32\fccabaa.dll
Disinfection failed

C:\WINDOWS\system32\fccabaa.dll
Deleted

C:\WINDOWS\system32\ljjjghf.dll
Infected with: MemScan:Trojan.Vundo.DLM

C:\WINDOWS\system32\ljjjghf.dll
Disinfection failed

C:\WINDOWS\system32\ljjjghf.dll
Deleted





OH DEAR !!!

Hi DELBOY001.

Re: PM and WinAntiVirusPro2006.

I strongly suggest you start a topic in the malware removal forum, so that one of our helpers can take a look at the system.

Cheers.