[Fixed] Hijackthis! Logs - browser hijacked? (posted in the Security & Safety forums)

#19
01-14-2008
valis
Senior Security Analyst
Join Date: Jan 2007
Location: texas, USA
Posts: 2,585
PC Experience: PC Illiterate
Re: browser hijacked?

You may want to print these out. Please close all other applications, start hjt again, click 'perform system scan only', place a tick next to the following and click 'fix checked':

O4 - HKLM\..\Run: [AOL Plaxo Support] PlaxoSoftware.exe
O4 - HKLM\..\RunServices: [AOL Plaxo Support] PlaxoSoftware.exe
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab


Reboot, and post a new hjt and sdfix log.

thanks,

v


__________________

M.C.S.A.
M.C.P.
- MS Server 2k3, Network Architecture

"Ask Bill why the string in function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that."
- Gary Kildall
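
Added example, not part of the original posts: a small Python parser for the two HijackThis line shapes quoted in post #19, O4 (autostart entries) and O16 (ActiveX controls in Downloaded Program Files), which also notes when one value name is registered under more than one autostart key. The regexes cover only the line shapes shown in that post, and the function names are illustrative.

```python
import re
from collections import defaultdict

# Sample input: the three entries from post #19, copied as shown on the page
# (the O16 URL is truncated on the page and is kept truncated here).
SAMPLE = r"""
O4 - HKLM\..\Run: [AOL Plaxo Support] PlaxoSoftware.exe
O4 - HKLM\..\RunServices: [AOL Plaxo Support] PlaxoSoftware.exe
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
""".strip().splitlines()

# Registry-style O4 line: O4 - <key>: [<value name>] <command>
O4_RE = re.compile(r"^O4 - (?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<command>.+)$")
# O16 line: O16 - DPF: <CLSID or name> (<label>) - <codebase URL>
O16_RE = re.compile(r"^O16 - DPF: (?P<clsid>\S+)(?: \((?P<label>[^)]*)\))? - (?P<codebase>\S+)$")

def parse_entry(line):
    """Return a dict for an O4 registry or O16 entry, or None if unrecognised."""
    line = line.strip()
    for section, kind, rx in (("O4", "autostart", O4_RE), ("O16", "activex", O16_RE)):
        m = rx.match(line)
        if m:
            return {"section": section, "kind": kind, **m.groupdict()}
    return None

def review(lines):
    """Parse lines and collect reviewer observations, without judging intent."""
    entries = [e for e in map(parse_entry, lines) if e]
    keys_by_name = defaultdict(list)
    notes = []
    for e in entries:
        if e["kind"] == "autostart":
            keys_by_name[e["name"]].append(e["key"])
            # A bare file name is resolved through the Windows search path.
            if "\\" not in e["command"] and "/" not in e["command"]:
                notes.append(f"{e['name']}: command '{e['command']}' has no directory path")
        elif not e["codebase"].lower().startswith("https://"):
            notes.append(f"{e['clsid']}: codebase is not fetched over HTTPS")
    for name, keys in keys_by_name.items():
        if len(keys) > 1:
            notes.append(f"{name}: registered under {len(keys)} autostart keys: {', '.join(keys)}")
    return entries, notes

if __name__ == "__main__":
    for note in review(SAMPLE)[1]:
        print(note)
```
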
#20
01-15-2008
keller130
Bronze Member
Join Date: Jan 2008
Posts: 42
PC Experience: Some Experience
Re: browser hijacked?

As requested. Behavior unchanged.

thanks
norm
Attached Files
File Type: log hijackthis.log (9.8 KB, 2 views)
File Type: txt SDFix report.txt (2.4 KB, 2 views)


#21
01-15-2008
valis
Senior Security Analyst
Join Date: Jan 2007
Location: texas, USA
Posts: 2,585
PC Experience: PC Illiterate
Re: browser hijacked?

Okay, sdfix and hjt are showing that the trojan is clean. What is the aberrant behaviour you are still experiencing? Is it redirections, or other issues? Let's dump the cache and go from there as well.

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only
  • Double-click ATF-Cleaner.exe to run the program.
    Under Main choose: Select All
    Click the Empty Selected button.
If you use Firefox browser
  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

thanks,

v


#22
01-16-2008
keller130
Bronze Member
Join Date: Jan 2008
Posts: 42
PC Experience: Some Experience
Re: browser hijacked?

Valis,

I used ATF cleaner as you suggested and the behavior is still there. This is what is happening - first of all, I cannot get to AntiVirus, Anti-Spyware, Endpoint Security, Backup, Storage, and Compliance Solutions - Symantec Corp. - IE says site can't be displayed - makes it hard to download virus updates for my Norton Antivirus. Also, Microsoft Corporation just sits there and hangs. Some websites that we have gone to in the past such as Wilderness Survival: Free info covering all aspects of survival. which my daughter likes to look at comes up with a gay porn site. If I try to search the registry for, say, wilderness, to see if there is some entry that is causing the vectoring, regedit sits there for a few seconds searching and then the system spontaneously reboots.

While we have certainly cleared out some trojans that were on the system, there must be something else that is causing these problems.

I appreciate all your help and hope we can get to the bottom of this.

thanks
norm


#23
01-16-2008
keller130
Bronze Member
Join Date: Jan 2008
Posts: 42
PC Experience: Some Experience
Re: browser hijacked?

addendum -

I just downloaded firefox and find that I can access symantec, microsoft and wilderness-survival with no problems. Of course, this doesn't fix the problem with searching the registry. Just wanted to give you the additional info.

norm


#24
01-16-2008
valis
Senior Security Analyst
Join Date: Jan 2007
Location: texas, USA
Posts: 2,585
PC Experience: PC Illiterate
Re: browser hijacked?

Could you post a new hjt log and sdfix log please?

thanks,

v


