ok bobbye, here's what i have:
- the sas log is copied and pasted just below the link to the website. this is how it opens in my notepad.
- i removed the 06 entries through hjt
- the msi.com in trusted zones refuses to go away. i remove it from the trusted list
and it comes right back. can i remove it using hjt?
- still no luck locating xblock or xclean_micro. can i remove it using hjt?
- i removed all the 016 entries you suggested using hjt.
- i stopped the active x's from running from the IE/manage add ons.
- i restarted from safemode and stopped active x from running in IE.
here's where things may get interesting:
- i am diligent about emptying cookies folders and temp file folders which may explain the lack of cookies found.
- i am also very diligent about setting alot of services to manual under computer management.
- i am also very diligent about running windows in slective startup.
- for these reasons i don't undestand why many of those programs are starting on there own. i have checked and they are set to manual in the services/ they are set to NOT autorun during startup and i dont see them running when i hit alt/ctrl/del.
- and here's a note that may give incite to you that you can relate to me.
i am the administrator for this computer. when i start the computer it goes directly to my account. no login necessary. no other accounts are set to be used. BUT, when i click docs and settings i see 4 account files./ administrator/allusers/defaultuser/tom. the last being me obviously.
when i go to control panel/user accounts i only see tom{computer adm} and guest{guest account is off}. hmmmm! what's more!!! when i restarted in safemode there were 2 available accounts administrator and tom both with administrative rights. hmmm. i'm guessing when i set this computer up i set up tom as my account but didnt realize it would run separately from the original administraor account. and here's a little glitch that has gone on for a while.
when i make changes under selective startup i get and error message that reads. {an access denied error was returned while attempting to change a service. you may need to log on using administrator account to make specified changes}.
it has done this for a while but i have ignored it BECAUSE after i get the error message i click ok the error repeats then i click ok again and it asks me if i want to restart or exit without restart. after doing an eventual restart the changes i made in selective startup have taken effect. any thoughts on this?
anyway here's a new hjt log and a copy and paste of the sas log. thanks again tejast
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 12/20/2008 at 08:36 PM
Application Version : 4.23.1006
Core Rules Database Version : 3680
Trace Rules Database Version: 1659
Scan type : Complete Scan
Total Scan Time : 00:31:03
Memory items scanned : 354
Memory threats detected : 0
Registry items scanned : 4963
Registry threats detected : 0
File items scanned : 21087
File threats detected : 0
heres the log