I have one trojan on my computer after running my AV program.

I cannot seem to get rid of it, so I am enlisting the help of the many geniuses of Geeks to Go. Any help that you would be willing to offer would be greatly appreciated!

Thanks!!

~ Viklet

This post has been edited by viklet: Feb 1 2006, 01:28 PM

Please do this:

* Click here to download HJTsetup.exe

• Save HJTsetup.exe to your desktop.
• Doubleclick on the HJTsetup.exe icon on your desktop.
• By default it will install to C:\Program Files\Hijack This.
• Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
• Put a check by Create a desktop icon then click Next again.
• Continue to follow the rest of the prompts from there.
• At the final dialogue box click Finish and it will launch Hijack This.
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
• Come back here to this thread and Paste the log in your next reply.
• DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

Thanks for helping!

Here is my Hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 9:03:32 AM, on 2/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Corel\Graphics8\Programs\MFIndexer.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAV.exe
C:\Program Files\Hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [CaAvTray] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVTray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] /L:ENG
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8\Programs\MFIndexer.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1125429802812
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/35/install/gtdownde.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\ISafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: VET Message Service (VETMSGNT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe

I don't see anything in the HJT log. Tell me exactly what your antivirus found and where.

Also run ActiveScan online virus scan here

When the scan is finished, save the results from the scan!

Post a new HiJackThis log along with the results from ActiveScan

I ran EZ Trust Antivirus and the virus location is:

Documents and Settings\Miss Viky\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-6873281c.zip <javainstaller/InstallerApplet.class>

The name of the virus is: JavaShinwow.BA


Here is the ActiveScan Log: (it's all spyware and I ran my spyware program (Webroot Spysweeper) afterward and it showed that everything was removed)


Incident Status Location

Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Miss Viky\Cookies\miss viky@com[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Miss Viky\Cookies\miss viky@doubleclick[2].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Miss Viky\Cookies\miss viky@valueclick[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[servedby.advertising.com/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.advertising.com/]
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.fastclick.net/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.overture.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.adrevolver.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.z1.adserver.com/]
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.casalemedia.com/]
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.ask.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.hitbox.com/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.as-eu.falkag.net/]
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.valueclick.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/24/7 Realmedia Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.247realmedia.com/]
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.2o7.net/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.as-us.falkag.net/]
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.maxserving.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.belnk.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.dist.belnk.com/]
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.zedo.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[statse.webtrendslive.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[searchportal.information.com/]
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.revenue.net/]
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.tradedoubler.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.apmebf.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.ath.belnk.com/]
Spyware:Cookie/Microsofte Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.microsofteup.112.2o7.net/]
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[data.coremetrics.com/]
Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[landing.domainsponsor.com/]
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.statcounter.com/]
Spyware:Cookie/Bfast Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.bfast.com/]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.ehg.hitbox.com/]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[statse.webtrendslive.com/dcscnmbvn10000w4dajruakrt_4k2m]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[.phg.hitbox.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\ed\Cookies\ed@ad.yieldmanager[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\ed\Cookies\ed@advertising[1].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\ed\Cookies\ed@apmebf[2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\ed\Cookies\ed@ask[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\ed\Cookies\ed@atdmt[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\ed\Cookies\ed@burstnet[1].txt
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\ed\Cookies\ed@data.coremetrics[1].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\ed\Cookies\ed@did-it[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\ed\Cookies\ed@doubleclick[1].txt
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\ed\Cookies\ed@hc2.humanclick[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\ed\Cookies\ed@hitbox[2].txt
Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\ed\Cookies\ed@linksynergy[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\ed\Cookies\ed@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\ed\Cookies\ed@overture[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\ed\Cookies\ed@phg.hitbox[1].txt
Spyware:Cookie/QkSrv Not disinfected C:\Documents and Settings\ed\Cookies\ed@qksrv[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\ed\Cookies\ed@servedby.advertising[1].txt
Spyware:Cookie/Server.iad.Liveperson Not disinfected C:\Documents and Settings\ed\Cookies\ed@server.iad.liveperson[2].txt
Spyware:Cookie/Affiliate fuel Not disinfected C:\Documents and Settings\ed\Cookies\ed@www.affiliatefuel[1].txt
Spyware:Cookie/BurstBeacon Not disinfected C:\Documents and Settings\ed\Cookies\ed@www.burstbeacon[1].txt
Spyware:Cookie/myaffiliateprogram Not disinfected C:\Documents and Settings\ed\Cookies\ed@www.myaffiliateprogram[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[]
Spyware:Cookie/WebtrendsLive Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[dcscnmbvn10000w4dajruakrt_4k2m]
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Mozilla\Firefox\Profiles\9g81muny.default\cookies.txt[]
Adware:Adware/IST.ISTBar Not disinfected C:\Documents and Settings\Miss Viky\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-6873281c.zip[InstallerApplet.class]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Miss Viky\Cookies\miss viky@com[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Miss Viky\Cookies\miss viky@doubleclick[2].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Miss Viky\Cookies\miss viky@valueclick[1].txt


Thanks for your help and sharing your knowledge!

This post has been edited by viklet: Feb 6 2006, 01:35 PM

* Open Firefox.
Click on Tools, then Options
Select the Privacy icon in the left-hand panel
Click on Cookies
Click on View Cookies
Click on the Remove All Cookies button.


* Go to Control Panel > Java. On the General tab under "Temporary Internet Files", click the "Delete Files" button to clear the Java cache.


* Go to Control Panel > Internet Options. On the General tab under "Temporary Internet Files" Click "Delete Files". Put a check by "Delete Offline Content" and click OK. Click on the "Delete Cookies" button to clear all cookies.


* Open Hijack This and click on the "Open the Misc Tools section" button. Click on the "Open Uninstall Manager" button. Click the "Save List" button. Copy and paste that list here.

Those were easy fixes! Gee... I feel silly if that's all it was, but thanks to you, I'm getting it done!

Here is the uninstall.txt list from Hijack this:

Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 6.0.1 Professional
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Photoshop 6.0
Broadcom 802.11 Driver
Broadcom Driver Installer
CAdidS V1.0
Conexant D850 56K V.9x DFVc Modem
Corel Uninstaller
Cypress USB Mass Storage Driver Installation
EPSON Scan
eTrust EZ Antivirus
Google Earth
Hemera Photo-Objects & PhotoFont Maker
Hijackthis 1.99.1
HijackThis 1.99.1
Intel® PRO Network Adapters and Drivers
iPod for Windows 2005-09-23
iTunes
J2SE Runtime Environment 5.0 Update 4
Macromedia Flash Player 8
Microsoft FrontPage 98
Microsoft Office Professional Edition 2003
Mozilla Firefox (1.0.7)
MSN Messenger 7.5
MSN Music Assistant
Musicmatch® Jukebox
Panda ActiveScan
PowerDVD
QuickTime
REALTEK Gigabit and Fast Ethernet NIC Driver
Roxio Easy Media Creator 7
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893066)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB896688)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB905915)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB912919)
Sound Blaster Audigy 2
Spy Sweeper
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
Update for Windows XP (KB910437)
USB Storage Adapter FX (SM1)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893086
XoftSpy

* Go to Add/Remmove programs and uninstall J2SE Runtime Environment 5.0 Update 4


* Now go here and install the latest version of Java.

You should be good to go now.

You are amazing! Thank you so much for the fix!!! Your help is ENORMOUSLY appreciated.

My pleasure!

Check this out for info on how to tighten your security settings and some good free tools to help prevent this from happening again.

Now turn off System Restore:

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

Restart your computer, turn System Restore back on and create a restore point.

To create a restore point:

Single-click Start and point to All Programs.
Mouse over Accessories, then System Tools, and select System Restore.
In the System Restore wizard, select the box next the text labeled "Create a restore point" and click the Next button.
Type a description for your new restore point. Something like "After trojan/spyware cleanup". Click Create and you're done.

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.