Community Forum

HJT log Please look

Xfinity Forum Archive
About the archive project

Xfinity Forum Archive...

This is an archived section of the community.

Content in this area has been identified as outdated or irrelevant.

This change was done in an effort to make the forum easier to use and to keep only the most helpful and recent content active.

Post your questions in the Xfinity Community

Regular Contributor

HJT log Please look

Someone please take a look at this and tell me if it is alright
Thank you in advance
 
Logfile of HijackThis v1.99.1
Scan saved at 10:48:39 PM, on 7/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Bump\Local Settings\Temporary Internet Files\Content.IE5\397K5BFK\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} (Hewlett-Packard Online Support Services) - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/download/scanner/wlscbase5059.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1150853266218
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
 
Regular Contributor

Re: HJT log Please look

I removed some spyware/adware earlier with edwido and webroot. AV found no infection but i really don't trust. I just want to know that it is gone and that I am "clean" Thank you very much for your time in advance.
Valued Contributor

Re: HJT log Please look

Bumpman,

  I do not see anything nasty in your log. Are you experiencing any problems?
Valued Contributor

Re: HJT log Please look

If you want to do further testing, you can run some of the online AV programs recommended in CajunTek's "READ THIS FIRST..." thread.
Regular Contributor

Re: HJT log Please look

Nothin really major. I ran the Ewido scan today after I downloaded it and found about 7 rootkits. It said it cleaned them I just wanted to be sure. Also I know that this is probably a dumb question but what is a rootkit. All i know is that you don't want one from what I have heard. Also thaank you for you help and time.
Most Valued Poster

Re: HJT log Please look

I do not mean to high jack this thread, but, I wqas not aware that Ewido found rootkints. When did this start?
Image Hosted by ImageShack.us
Regular Contributor

Re: HJT log Please look

I read it wrong Tracking cookies. Wrong report.Sorry

Webbroot found rootkit

Message Edited by Bumpman on 07-10-2006 08:19 PM

Valued Contributor

Re: HJT log Please look

Rootkits are definitely something you do not want. They can be very difficult if not impossible to remove from your system. Please do this:

1. Download F-Secure's BlackLight (Beta) from http://www.f-secure.com/blacklight/try.shtml

2. Run a scan and post its log here.
Regular Contributor

Re: HJT log Please look

It said it was an out dated link server not found
Bronze Problem Solver

Re: HJT log Please look

Try this link
TANSTAAFL!!


Valued Contributor

Re: HJT log Please look

Regular Contributor

Re: HJT log Please look

I must have done it wrong. I scanned with Blacklight Beta I tried to copy and paste processes but couldn't results said no traces or hidden files found. If you need the log please instruct. I am sorry guys i am still a newbie

I do appreciate both of you helping me though

Valued Contributor

Re: HJT log Please look

Do you have the Webroot log indicating the rootkit? Please post that if yes.
Regular Contributor

Re: HJT log Please look

No I ran the scan again and it found no traces. All I have is what I wrote down which is just numbers Not very smart of me huh,sorry when it ran it cleaned they are not even in quarintine
Valued Contributor

Re: HJT log Please look

Well it seems like everything has been removed. We can try one more thing.

1. Download WinPFind from http://www.bleepingcomputer.com/files/winpfind.php

2. Follow the instructions on that page and post the log it creates.
Regular Contributor

Re: HJT log Please look

UPX!
FSG!
PEC2
PECompact2
Umonitor
qoologic
aspack
PTech
urllogic
ad-beh
ad-behNior.com
sYVLLSAKY
_rtneg3
SAHAgent
buddy.exe
ZepMon
aurora.exe
;2x(V]@BMD
Tlji7Mk
KavSvc
69.59.186.63
209.66.67.134
66.63.167.97
66.63.167.77
abetterinternet.com
8B!7F\(T
testpopup
web-nex
yourkey
winsync
rec2_run
WinShutDown
ad-w-a-r-e.com
 
 
Is this what you need?
Valued Contributor

Re: HJT log Please look

I dont know what you posted. WinPFind should create a lengthy log. Did you follow the instructions on that web site? You need to copy and paste the scan results into a post here.
Regular Contributor

Re: HJT log Please look

»»»»»»»»»»»»»»»» Checking Selected Standard Folders »»»»»»»»»»»»»»»»»»»»
Checking %SystemDrive% folder...
Checking %ProgramFilesDir% folder...
Checking %WinDir% folder...
Checking %System% folder...
PEC2                 8/4/2004 4:00:00 AM         41397      C:\WINDOWS\SYSTEM32\dfrg.msc
PTech                6/19/2006 4:19:42 PM        571184     C:\WINDOWS\SYSTEM32\LegitCheckControl.dll
PECompact2           6/8/2006 9:19:52 PM         5967776    C:\WINDOWS\SYSTEM32\MRT.exe
aspack               6/8/2006 9:19:52 PM         5967776    C:\WINDOWS\SYSTEM32\MRT.exe
aspack               8/4/2004 4:00:00 AM         708096     C:\WINDOWS\SYSTEM32\ntdll.dll
Umonitor             8/4/2004 4:00:00 AM         657920     C:\WINDOWS\SYSTEM32\rasdlg.dll
winsync              8/4/2004 4:00:00 AM         1309184    C:\WINDOWS\SYSTEM32\wbdbase.deu
PTech                6/19/2006 4:19:26 PM        304944     C:\WINDOWS\SYSTEM32\WgaTray.exe
Checking %System%\Drivers folder and sub-folders...
Items found in C:\WINDOWS\SYSTEM32\drivers\etc\hosts

Checking the Windows folder and sub-folders for system and hidden files within the last 60 days...
                     7/10/2006 6:51:28 PM      S 2048       C:\WINDOWS\bootstat.dat
                     6/20/2006 9:52:20 PM     H  0          C:\WINDOWS\inf\oem18.inf
                     7/10/2006 9:01:38 PM     H  0          C:\WINDOWS\LastGood\INF\oem31.inf
                     7/10/2006 9:01:38 PM     H  0          C:\WINDOWS\LastGood\INF\oem31.PNF
                     6/22/2006 7:18:30 AM      S 13309      C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB911280.cat
                     5/29/2006 12:16:00 PM     S 23751      C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB916281.cat
                     5/18/2006 3:15:12 AM      S 10925      C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB917344.cat
                     6/1/2006 4:28:56 PM       S 11043      C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB918439.cat
                     5/17/2006 2:24:42 PM      S 7160       C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WGA.cat
                     6/19/2006 4:20:58 PM      S 7160       C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WgaNotify.cat
                     7/10/2006 11:41:24 PM    H  1024       C:\WINDOWS\system32\config\default.LOG
                     7/10/2006 11:40:00 PM    H  1024       C:\WINDOWS\system32\config\SAM.LOG
                     7/10/2006 9:58:08 PM     H  1024       C:\WINDOWS\system32\config\SECURITY.LOG
                     7/11/2006 1:18:46 AM     H  1024       C:\WINDOWS\system32\config\software.LOG
                     7/11/2006 12:05:08 AM    H  1024       C:\WINDOWS\system32\config\system.LOG
                     7/10/2006 9:05:32 PM     H  1024       C:\WINDOWS\system32\config\systemprofile\NTUSER.DAT.LOG
                     6/16/2006 9:02:38 PM     H  262144     C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
                     6/16/2006 9:02:38 PM     H  1024       C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG
                     6/16/2006 9:05:22 PM     HS 113        C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini
                     6/16/2006 9:05:22 PM     HS 113        C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini
                     6/16/2006 9:05:22 PM     HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini
                     6/16/2006 9:05:22 PM     HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
                     6/16/2006 9:05:22 PM     HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\EFY7AK7U\desktop.ini
                     6/16/2006 9:05:22 PM     HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\EZ1Q045I\desktop.ini
                     6/16/2006 9:05:22 PM     HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U09Z3QFI\desktop.ini
                     6/16/2006 9:05:22 PM     HS 67         C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\XEBO789G\desktop.ini
                     6/16/2006 9:15:46 PM    RHS 1737       C:\WINDOWS\system32\drivers\103C_HP_NTBK_HP Pavilion dv1000 (EP344UA#ABA)_YN_0Pavi_QCNF6031ZVB_E381914002_46_I308F_SQuanta_V46.13_BF.21_T051222_WXH2_L409_M503_J80_7Intel_8Pentium M_91.7_#050411_N10EC8139_(EP344UA#ABA)_XMOBILE_CN10_Z8086266D.MRK
                     6/20/2006 9:46:24 PM     H  0          C:\WINDOWS\system32\drivers\umdf\MsftWdf_user_01_00_00.Wdf
                     6/27/2006 7:39:36 PM     HS 388        C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\67a89f81-97e8-46e9-b3d0-6dd93d8b6dc6
                     6/27/2006 7:39:36 PM     HS 24         C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred
                     6/16/2006 9:05:08 PM     HS 388        C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\5b108d7d-7243-4c41-ae93-1936b788142b
                     6/16/2006 9:05:08 PM     HS 388        C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\9b7a835c-ee7c-4769-9bcd-88d10739ce69
                     6/16/2006 9:05:08 PM     HS 388        C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\9e8dc09c-f6c3-40a7-af28-7207b01b726c
                     6/16/2006 9:05:08 PM     HS 24         C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred
                     7/10/2006 6:51:40 PM     H  6          C:\WINDOWS\Tasks\SA.DAT
                     6/16/2006 9:12:10 PM     HS 113        C:\WINDOWS\Temp\History\History.IE5\desktop.ini
                     6/16/2006 9:12:10 PM     HS 67         C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\desktop.ini
                     6/16/2006 9:12:10 PM     HS 67         C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\23WN23A7\desktop.ini
                     6/16/2006 9:12:10 PM     HS 67         C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\EBC36PK5\desktop.ini
                     6/16/2006 9:12:10 PM     HS 67         C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\MDU52Z47\desktop.ini
                     6/16/2006 9:12:10 PM     HS 67         C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\OFYHEDAN\desktop.ini
Regular Contributor

Re: HJT log Please look

Checking for CPL files...
Microsoft Corporation          8/4/2004 4:00:00 AM         68608      C:\WINDOWS\SYSTEM32\access.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         549888     C:\WINDOWS\SYSTEM32\appwiz.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         110592     C:\WINDOWS\SYSTEM32\bthprops.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         135168     C:\WINDOWS\SYSTEM32\desk.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         80384      C:\WINDOWS\SYSTEM32\firewall.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         155136     C:\WINDOWS\SYSTEM32\hdwwiz.cpl
Intel Corporation              1/22/2005 2:33:44 PM        94208      C:\WINDOWS\SYSTEM32\igfxcpl.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         358400     C:\WINDOWS\SYSTEM32\inetcpl.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         129536     C:\WINDOWS\SYSTEM32\intl.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         380416     C:\WINDOWS\SYSTEM32\irprops.cpl
InstallShield Software Corporation7/27/2004 7:50:48 PM        73728      C:\WINDOWS\SYSTEM32\ISUSPM.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         68608      C:\WINDOWS\SYSTEM32\joy.cpl
Sun Microsystems, Inc.         4/11/2005 7:32:46 AM        49262      C:\WINDOWS\SYSTEM32\jpicpl32.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         187904     C:\WINDOWS\SYSTEM32\main.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         618496     C:\WINDOWS\SYSTEM32\mmsys.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         35840      C:\WINDOWS\SYSTEM32\ncpa.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         25600      C:\WINDOWS\SYSTEM32\netsetup.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         257024     C:\WINDOWS\SYSTEM32\nusrmgr.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         32768      C:\WINDOWS\SYSTEM32\odbccp32.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         114688     C:\WINDOWS\SYSTEM32\powercfg.cpl
Apple Computer, Inc.           9/23/2004 9:57:40 PM        323072     C:\WINDOWS\SYSTEM32\QuickTime.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         298496     C:\WINDOWS\SYSTEM32\sysdm.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         28160      C:\WINDOWS\SYSTEM32\telephon.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         94208      C:\WINDOWS\SYSTEM32\timedate.cpl
Hewlett-Packard Company        1/21/2005 4:41:06 PM        86016      C:\WINDOWS\SYSTEM32\WACntlPnl.cpl
Microsoft Corporation          8/4/2004 4:00:00 AM         148480     C:\WINDOWS\SYSTEM32\wscui.cpl
Microsoft Corporation          5/26/2005 7:16:30 AM        174360     C:\WINDOWS\SYSTEM32\wuaucpl.cpl
Microsoft Corporation          5/26/2005 7:16:30 AM        174360     C:\WINDOWS\SYSTEM32\dllcache\wuaucpl.cpl
»»»»»»»»»»»»»»»»» Checking Selected Startup Folders »»»»»»»»»»»»»»»»»»»»»
Checking files in %ALLUSERSPROFILE%\Startup folder...
                     8/7/2004 8:58:34 AM      HS 84         C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
                     6/20/2006 10:14:52 PM       1808       C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
                     6/20/2006 10:17:18 PM       798        C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
Checking files in %ALLUSERSPROFILE%\Application Data folder...
                     8/7/2004 1:46:50 AM      HS 62         C:\Documents and Settings\All Users\Application Data\desktop.ini
                     6/20/2006 10:27:12 PM       1086       C:\Documents and Settings\All Users\Application Data\hpzinstall.log
Checking files in %USERPROFILE%\Startup folder...
                     6/21/2006 1:42:58 AM        1939       C:\Documents and Settings\TEST\Start Menu\Programs\Startup\Cyber-shot Viewer Media Check Tool.lnk
                     8/7/2004 8:58:34 AM      HS 84         C:\Documents and Settings\TEST\Start Menu\Programs\Startup\desktop.ini
Checking files in %USERPROFILE%\Application Data folder...
                     8/7/2004 1:46:48 AM      HS 62         C:\Documents and Settings\TEST\Application Data\desktop.ini
                     7/4/2006 10:27:34 PM        150        C:\Documents and Settings\TEST\Application Data\wklnhst.dat
Regular Contributor

Re: HJT log Please look

»»»»»»»»»»»»»»»»» Checking Selected Registry Keys »»»»»»»»»»»»»»»»»»»»»»»
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
 SV1  =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers]
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ewido anti-spyware
 {8934FCEF-F5B8-468f-951F-78A921CD3920}  = C:\Program Files\ewido anti-spyware 4.0\context.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Offline Files
 {750fdf0e-2a26-11d1-a3ea-080036587f03}  = %SystemRoot%\System32\cscui.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
 {09799AFB-AD67-11d1-ABCD-00C04FC30936}  = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With EncryptionMenu
 {A470F8CF-A1E8-4f65-8335-227475AA5C46}  = %SystemRoot%\system32\SHELL32.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
 {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}  = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
 Start Menu Pin  = %SystemRoot%\system32\SHELL32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\SpySweeper
 {7C9D5882-CB4A-4090-96C8-430BFE8B795B}  = C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\Symantec.Norton.Antivirus.IEContextMenu
 {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA}  = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\EncryptionMenu
 {A470F8CF-A1E8-4f65-8335-227475AA5C46}  = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ewido anti-spyware
 {8934FCEF-F5B8-468f-951F-78A921CD3920}  = C:\Program Files\ewido anti-spyware 4.0\context.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Offline Files
 {750fdf0e-2a26-11d1-a3ea-080036587f03}  = %SystemRoot%\System32\cscui.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing
 {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}  = ntshrui.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{0D2E74C4-3C34-11d2-A27E-00C04FC30871}
  = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F01-7B1C-11d1-838f-0000F80461CF}
  = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{24F14F02-7B1C-11d1-838f-0000F80461CF}
  = %SystemRoot%\system32\SHELL32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\{66742402-F9B9-11D1-A202-0000F81FEDEE}
  = %SystemRoot%\system32\SHELL32.dll
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
 AcroIEHlprObj Class = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ECB9560-04F9-4bbc-943D-298DDF1699E1}
 CNisExtBho Class = C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}
 CNavExtBho Class = C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}
 Google Toolbar Helper = c:\program files\google\googletoolbar1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{4D5C8C25-D075-11d0-B416-00C04FB90376}
 &Tip of the Day = %SystemRoot%\system32\shdocvw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
 {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7}  = Norton Internet Security 2006 : C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
 {C4069E3A-68F1-403E-B40E-20066696354B}  = Norton AntiVirus : C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
 {2318C2B1-4965-11d4-9B18-009027A5CD4F}  = &Google : c:\program files\google\googletoolbar1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
 MenuText  = Sun Java Console : C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}
 ButtonText  = Research :
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
 ButtonText  = Messenger : C:\Program Files\Messenger\msmsgs.exe
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser
 {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} =  :
 {C4069E3A-68F1-403E-B40E-20066696354B} = Norton AntiVirus : C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
 {01E04581-4EEE-11D0-BFE9-00AA005B4383} = &Address : %SystemRoot%\system32\browseui.dll
 {0E5CBF21-D15F-11D0-8301-00AA005B4383} = &Links : %SystemRoot%\system32\SHELL32.dll
 {2318C2B1-4965-11D4-9B18-009027A5CD4F} = &Google : c:\program files\google\googletoolbar1.dll
 {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} = Norton Internet Security 2006 : C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
 {C4069E3A-68F1-403E-B40E-20066696354B} = Norton AntiVirus : C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
Regular Contributor

Re: HJT log Please look

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 IgfxTray C:\WINDOWS\system32\igfxtray.exe
 HotKeysCmds C:\WINDOWS\system32\hkcmd.exe
 SunJavaUpdateSched C:\Program Files\Java\jre1.5.0\bin\jusched.exe
 SynTPLpr C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
 SynTPEnh C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 HP Software Update C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
 iTunesHelper C:\Program Files\iTunes\iTunesHelper.exe
 QuickTime Task "C:\Program Files\QuickTime\qttask.exe" -atboottime
 eabconfg.cpl C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
 Cpqset C:\Program Files\HPQ\Default Settings\cpqset.exe
 LSBWatcher c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
 hpWirelessAssistant "%ProgramFiles%\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe"
 SpySweeper "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
 ccApp "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
 !ewido "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
 IMAIL Installed = 1
 MAPI Installed = 1
 MSFS Installed = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum
 {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
 {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} =
 {0DF44EAA-FF21-4412-828E-260A8728E7F1} =

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ratings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
 dontdisplaylastusername 0
 legalnoticecaption 
 legalnoticetext 
 shutdownwithoutlogon 1
 undockwithoutlogon 1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies]
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
 NoDriveTypeAutoRun 145
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
 DisableRegistryTools 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
 PostBootReminder                {7849596a-48ea-486e-8937-a2a3009f31a9} = %SystemRoot%\system32\SHELL32.dll
 CDBurn                          {fbeb8a05-beee-4442-804e-409d6c4515e9} = %SystemRoot%\system32\SHELL32.dll
 WebCheck                        {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = %SystemRoot%\system32\webcheck.dll
 SysTray                         {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\system32\stobject.dll
 WPDShServiceObj                 {AAA288BA-9A4C-45B0-95D7-94D524869DB5} = C:\WINDOWS\system32\WPDShServiceObj.dll
 UPnPMonitor                     {e57ce738-33e8-4c51-8354-bb4de9d215d1} = C:\WINDOWS\system32\upnpui.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
 UserInit = C:\WINDOWS\system32\userinit.exe,
 Shell  = Explorer.exe
 System  =
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain
  = crypt32.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet
  = cryptnet.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll
  = cscdll.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui
  = igfxsrvc.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp
  = wlnotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule
  = wlnotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy
  = sclgntfy.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn
  = WlNotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv
  = wlnotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon
  = WgaLogon.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon
  = wlnotify.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier
  = WRLogonNTF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Your Image File Name Here without a path
 Debugger = ntsd -d
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
 AppInit_DLLs 

»»»»»»»»»»»»»»»»»»»»»»»» Scan Complete »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WinPFind v1.4.1 - Log file written to "WinPFind.Txt" in the WinPFind folder.
Scan completed on 7/11/2006 1:19:59 AM
Regular Contributor

Re: HJT log Please look

Is that what you need, Also thank you very much for your help and time.
Regular Contributor

Re: HJT log Please look

John,

Thank you for all of your help. If you have any more sugg. please post. I am retiring for tonight( 3:00 A.M.) my time probably late where you are too. I will be back in the morning. I do really appreciate all of this. I am a newbie and  I would have never known how to do this without you. Thank you very much.

Valued Contributor

Re: HJT log Please look

I dont see anything in that log either. I think you are ok.

There is a possibility Webroot came up with a false positive. Here is a note I found from one of their techs in another forum:

"Due to the way that Spy Sweeper's "potentially rootkit-masked files" detection works we do on occasion flag legitimate files as "potentially rootkit-masked files." These do appear legit and you can probably ignore that detection."

Message Edited by johnd on 07-11-2006 02:20 AM

Regular Contributor

Re: HJT log Please look

Cool, John I do appreciate the time you took to look through this with me. It is really great that there is a place like this for help like that but the best thing is the people in it. Without guys like you guys like me couldn't have comp. Thank you very  much.Smiley Happy

Editied for grammer duh.

Message Edited by Bumpman on 07-11-2006 05:05 AM