ok, when i ran the TrendMicro online virus scan, it reported that i hade 15 infections of:
Java_bytever.a, java_bytever.k and java_bytever.a-1
it didn't detect trojandownloader.win32.siboco tho
i followed the rest of your instructions and deleted the entries you told me to delete and the file C:\windows\lbbho.dll
here is the HJT analyzer result file i got with the latest ver of HJT:
====================================================================
Log was analyzed using KRC HijackThis Analyzer - Updated on 3/2/05
Get updates at
http://www.greyknight17.com/download.htm#programs
***Security Programs Detected***
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Logfile of HijackThis v1.99.1
Scan saved at 2:07:43 PM, on 18/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Silicon Image\SiISATARaid\SATARaid.exe
C:\Program Files\Lexmark 4200 Series\lxbmbmon.exe
O4 - HKLM\..\Run: [Lexmark 4200 Series] "C:\Program Files\Lexmark 4200 Series\lxbmbmgr.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: SATARaid.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/is...48/mcfscan.cab
O23 - Service: RadClock - Unknown owner - C:\WINDOWS\system32\RadClock.exe
End of KRC HijackThis Analyzer Log.
====================================================================