I am totally confused. I ran a couple scans on my computer and one scan (Digital Scan Patrol) found this: Trojan.Java.Classloader.Dummy.A. So I ran another scan (SpyWare Doctor) and found the following:
Xupiter/OrbitExplorer (HKLM\software\classes\appid\{bac984c9-78c8-4105-9e97-1675a4052686}) registry key *
Xupiter/OrbitExplorer (HKLM\software\classes\interface\{4a0f42b7-a61b-4131-bf41-bf05a2635bfd}) registry key *
Xupiter/OrbitExplorer (HKLM\software\classes\interface\{9dbdd71c-0a7f-48ac-9ffa-e102b3750b9d}) registry key *
Xupiter/OrbitExplorer (HKLM\software\classes\interface\{c2e56e18-2f04-4ab9-9333-b2db3c350956}) registry key *
Xupiter/OrbitExplorer (HKLM\software\classes\interface\{e9cbbeed-20b6-456c-8589-cf364d9d2370}) registry key *
Xupiter/OrbitExplorer (HKLM\software\classes\interface\{f8c5ea77-7d72-405c-b90a-093655b0f544}) registry key *
My Way (HKCR\TypeLib\{0494D0D0-F8E0-41AD-92A3-14154ECE70AC}) registry key *
My Way (HKCR\MyWayToolBar.NetscapeShutdown) registry key *
My Way (HKCR\MyWayToolBar.NetscapeShutdown.1) registry key *
My Way (HKCR\Interface\{0494D0D4-F8E0-41AD-92A3-14154ECE70AC}) registry key *
My Way (HKCR\Interface\{0494D0D6-F8E0-41AD-92A3-14154ECE70AC}) registry key *
My Way (HKCR\CLSID\{0494D0D2-F8E0-41ad-92A3-14154ECE70AC}) registry key *
My Way (HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}) registry key *
My Way (HKCR\CLSID\{0494D0D5-F8E0-41ad-92A3-14154ECE70AC}) registry key *
My Way (HKCR\CLSID\{0494D0D7-F8E0-41ad-92A3-14154ECE70AC}) registry key *
My Way (HKCR\CLSID\{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}) registry key *
Lycos (HKLM\SOFTWARE\Lycos) registry key *
C-Dilla (HKLM\SOFTWARE\C07ft5Y) registry key *
Zestyfind (Unknown Hijacker) (HKCR\clsid\{0494d0de-f8e0-41ad-92a3-14154ece70ac}) registry key *
Tracking Cookie (robert johnson@games.espn.go[2].txt) cookie file *
Tracking Cookie (robert johnson@my.espn.go[1].txt) cookie file *
Tracking Cookie (robert johnson@espn.go[2].txt) cookie file *
Tracking Cookie (robert johnson@go[2].txt) cookie file *
Tracking Cookie (robert johnson@sports.espn.go[1].txt) cookie file *
Tracking Cookie (robert johnson@rsi.espn.go[1].txt) cookie file *
Tracking Cookie (robert johnson@ad[1].txt) cookie file *
RealPlayer Search Bar (D:\Program Files\Common Files\Real\Update_OB\realsched.exe) file *
RealPlayer Search Bar (D:\Program Files\Common Files\Real\Toolbar\RealBar.dll) file *
I didn't find any of this with adaware or spybot. What can I or should I do?

Take a look at this to remove Xupiter:
http://www.pchell.com/support/xupiter.shtml
also run HijackThis and paste the complete log at this site:
http://www.hijackthis.de/index.php?langselect=english
M

M,
Thanks for the help. Here is that Log:
Logfile of HijackThis v1.97.7
Scan saved at 1:11:35 PM, on 9/3/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZONELABS\vsmon.exe
D:\WINDOWS\Explorer.exe
D:\Program Files\GIANT Company Software\Spam Inspector\siService.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\SM1BG.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.exe
D:\Program Files\SpywareGuard\sgmain.exe
D:\WINDOWS\wanmpsvc.exe
D:\Program Files\GIANT Company Software\Spam Inspector\siMailProxyServer.exe
D:\Program Files\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
D:\Program Files\SpywareGuard\sgbhp.exe
D:\Program Files\Winamp\winamp.exe
D:\Documents and Settings\Robert Johnson\My Documents\All Setup Programs\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\Program Files\SpywareGuard\dlprotect.dll
O3 - Toolbar: Hotmail Spam Filter - {58A83E4F-477A-4A3F-BF9B-B65BC2BD5598} - D:\Program Files\GIANT Company Software\Spam Inspector\siClientUIHotmail.dll
O3 - Toolbar: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - D:\Program Files\QuickSearch\QuickSearchBar3_28.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - D:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL (file missing)
O4 - HKLM\..\Run: [siService.exe] "D:\Program Files\GIANT Company Software\Spam Inspector\siService.exe"
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SM1BG] D:\WINDOWS\SM1BG.exe
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "D:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.exe"
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Program Files\Spyware Doctor\spydoctor.exe" /Q
O4 - Startup: SpywareGuard.lnk = D:\Program Files\SpywareGuard\sgmain.exe
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Research (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O12 - Plugin for .bcf: D:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/support/chipdetect/SiSAutodetectNT.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab

i've got this trojan virus program as well...
i run BitDefender Professional Edition v7.2 and i always get a pop up saying that it's found a virus called Trojan.downloader.Agent.BQ
sometimes it's different, but it's still a trojan thing. it's infected the following files
\atlpx.exe
\javaxm.exe
\ntnr.exe
\system32\winrc.exe
how do i stop this NOW, this trojan virus? this is really getting on my skin.
how the hell did it get on my computer? help needed please!
thanks
Jimmy

by the way, i do a virus scan, it finds them and deletes them. but when i log on to programs, like, the internet, it all comes back? what am i doing wrong?
help needed please..
thanks
Jimmy

hi robert,
do this:
disable your system restore, to flush out your system restore folder of malware.
next, get your latest defs for spybot, adaware, anti-virus, and anti-trojan softwares.
if you don't have an anti-trojan, go to www.thepublicworks.com, scroll down to payware, link to trojan hunter and download free 30 day trial of trojan hunter and get latest defs.
next, reboot to safe mode, and scan with all these, and delete all files they come up with.
next, clean your cache, temp files, history and cookies folders, and clean your recycle bin.
next, run hijackthis, make sure you don't have any open windows, or any open programs, put a check next to the following and hit the fix checked button:
O3 - Toolbar: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - D:\Program Files\QuickSearch\QuickSearchBar3_28.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - D:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL (file missing)
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Program Files\Spyware Doctor\spydoctor.exe" /Q
O12 - Plugin for .bcf: D:\Program Files\Internet Explorer\Plugins\NPBelv32.dll
O16 - DPF: {16095503-786F-4097-AED6-5D567A26D760} (SiS_OCX Control) - http://www.sis.com/support/chipdetect/SiSAutodetectNT.cab
uninstall spydoctor program from control panel add and remove program list as it is considered not legitimate anti spyware but rogueware.
next, reboot to normal mode, re-enable your system restore.
all the best,
murve
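
One way to line up the two tools' output from this thread, as an added example that is not part of any post here: it parses HijackThis entries and reports those whose GUID also appears in the other scanner's registry findings, comparing case-insensitively because the tools print GUIDs in different case. The function names are hypothetical and the sample lines are copied from the logs posted above.

```python
import re

# Lines copied from the HijackThis log and Spyware Doctor results posted in this thread.
HJT_LOG = r"""
O3 - Toolbar: QuickSearch SearchBar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - D:\Program Files\QuickSearch\QuickSearchBar3_28.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - D:\Program Files\MyWay\myBar\2.bin\MYBAR.DLL (file missing)
O4 - HKLM\..\Run: [SM1BG] D:\WINDOWS\SM1BG.exe
"""
SCANNER_HITS = r"""
My Way (HKCR\CLSID\{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}) registry key *
Xupiter/OrbitExplorer (HKLM\software\classes\interface\{f8c5ea77-7d72-405c-b90a-093655b0f544}) registry key *
Lycos (HKLM\SOFTWARE\Lycos) registry key *
"""

GUID = re.compile(r"\{([0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12})\}", re.I)
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")          # e.g. "O3 - Toolbar: ..."
HIT = re.compile(r"^(.+) \((HK[A-Z]+\\.+)\) registry key")

def parse_hjt(log):
    """Parse HijackThis entries into section code, GUID and missing-file flag."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # header lines and running-process paths are not entries
        guid = GUID.search(m.group(2))
        entries.append({
            "section": m.group(1),
            "guid": guid.group(1).lower() if guid else None,
            "missing": m.group(2).endswith("(file missing)"),
        })
    return entries

def scanner_guids(report):
    """Map each GUID named in a scanner's registry findings to its product label."""
    found = {}
    for line in report.splitlines():
        m = HIT.match(line.strip())
        guid = GUID.search(m.group(2)) if m else None
        if guid:
            found[guid.group(1).lower()] = m.group(1)
    return found

def cross_reference(log, report):
    """Return HijackThis entries whose GUID the other scanner also flagged."""
    flagged = scanner_guids(report)
    return [(e["section"], e["guid"], flagged[e["guid"]], e["missing"])
            for e in parse_hjt(log) if e["guid"] in flagged]
```

An entry that both tools agree on and that HijackThis marks "(file missing)" is a leftover registry reference whose DLL is already gone, which is why fixing it in HijackThis only removes the orphaned key.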
