Thread: Tried the 5 steps and still have an occasional pop up
View Single Post
Old 06-10-2008, 08:34 PM   #1 (permalink)
gtjhill
Registered User
 
Join Date: Jun 2008
Posts: 7
OS: windows xp


Tried the 5 steps and still have an occasional pop up
I hve been working on this for the past 2 nights in my spare time trying to rid myself of these unwanted pop ups. I have gone through the 5 steps after I installed malwarebytes and it failed to rid me of my propblems. I have updated my computer fully. please review the attached Logas and let me know what you guys think!

Thanks

Deckard's System Scanner v20071014.68
Run by Jonathan Hill on 2008-06-10 22:20:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Jonathan Hill.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:11 PM, on 6/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Linksys Wireless-G Print Server\PSDiagnosticM.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Documents and Settings\Jonathan Hill\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Jonathan Hill.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;<local>
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: {26c72422-87d8-d25b-c504-cd238e21d3dc} - {cd3d12e8-32dc-405c-b52d-8d7822427c62} - C:\WINDOWS\system32\drvspmqq.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [StatusClient 2.6] C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [PSDiagnosticM] "C:\Program Files\Linksys Wireless-G Print Server\PSDiagnosticM.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DelayShred] c:\PROGRA~1\mcafee\mshr\ShrCL.EXE /P4 /q c:\DOCUME~1\JONATH~1\LOCALS~1\temp\TEMPOR~1\Content.IE5\SN1FQINL.SH! c:\DOCUME~1\JONATH~1\LOCALS~1\temp\TEMPOR~1\Content.IE5\D3BJD1SQ.SH! c:\DOCUME~1\JONATH~1\LOCALS~1\temp\TEMPOR~1\Content.IE5\0H2CXY2U.SH! c:\DOCUME~1\JONATH~1\LOCALS~1\temp\TEMPOR~1\Content.SH! c:\DOCUME~1\JONATH~1\LOCALS~1\temp\TEMPOR~1.SH!
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=laptop
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/actives.../as2stubie.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8693 bytes

-- Files created between 2008-05-10 and 2008-06-10 -----------------------------

2008-06-10 22:13:53 0 d-------- C:\Program Files\Trend Micro
2008-06-10 21:08:12 0 d-------- C:\WINDOWS\Prefetch
2008-06-10 18:47:30 0 d-------- C:\WINDOWS\system32\scripting
2008-06-10 18:47:29 0 d-------- C:\WINDOWS\l2schemas
2008-06-10 18:47:27 0 d-------- C:\WINDOWS\system32\en
2008-06-10 18:47:26 0 d-------- C:\WINDOWS\system32\bits
2008-06-10 18:40:57 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-10 18:35:35 0 d-------- C:\WINDOWS\network diagnostic
2008-06-10 15:55:40 0 d-------- C:\ie-spyad_zo
2008-06-10 15:46:01 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-10 15:45:45 0 d-------- C:\Program Files\SpywareBlaster
2008-06-09 22:52:13 0 d-------- C:\Program Files\Panda Security
2008-06-09 08:15:30 0 d-------- C:\Documents and Settings\Jonathan Hill\Application Data\Malwarebytes
2008-06-09 08:15:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-09 08:15:13 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-09 03:19:48 101376 -----n--- C:\WINDOWS\system32\nahdjeex.dll
2008-06-09 03:16:48 113664 --a------ C:\WINDOWS\system32\drvspmqq.dll
2008-06-09 03:13:48 105472 -----n--- C:\WINDOWS\system32\vhdmkboe.dll
2008-06-08 09:38:58 0 d-------- C:\Program Files\McAfee
2008-06-08 09:38:32 0 d-------- C:\Program Files\Common Files\McAfee
2008-06-08 09:29:28 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-06-08 03:14:50 111616 --a------ C:\WINDOWS\system32\luygfees.dll
2008-06-08 03:14:41 101376 --a------ C:\WINDOWS\system32\ygoaoxuw.dll
2008-06-07 15:03:31 0 d-------- C:\WINDOWS\system32\vntiho05
2008-05-10 23:11:51 0 d-------- C:\Program Files\Sun
2008-05-10 23:05:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe


-- Find3M Report ---------------------------------------------------------------

2008-06-10 18:48:42 0 d-------- C:\Program Files\Messenger
2008-06-10 18:47:25 0 d-------- C:\Program Files\Movie Maker
2008-06-10 18:40:11 0 d-------- C:\Program Files\Windows NT
2008-06-09 22:42:19 0 d-------- C:\Program Files\Easy Internet signup
2008-06-09 22:16:30 0 d-------- C:\Documents and Settings\Jonathan Hill\Application Data\Adobe
2008-06-09 18:11:48 0 d-------- C:\Program Files\Common Files\AOL
2008-06-09 18:11:46 0 d-------- C:\Documents and Settings\Jonathan Hill\Application Data\Mozilla
2008-06-08 09:51:11 0 d-------- C:\Program Files\McAfee.com
2008-06-08 09:38:32 0 d-------- C:\Program Files\Common Files
2008-05-10 23:11:29 0 d-------- C:\Program Files\Java
2008-05-10 23:05:43 0 d-------- C:\Program Files\Common Files\Adobe
2008-05-10 23:03:55 0 d-------- C:\Documents and Settings\Jonathan Hill\Application Data\AdobeUM
2008-05-02 07:49:11 0 d-------- C:\Documents and Settings\Jonathan Hill\Application Data\MP3Rocket
2008-04-16 19:40:27 0 d-------- C:\Program Files\GlobeCom_Activation
2008-04-16 19:40:27 0 d-------- C:\Program Files\Common Files\Motive


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{cd3d12e8-32dc-405c-b52d-8d7822427c62}]
06/09/2008 03:16 AM 113664 --a------ C:\WINDOWS\system32\drvspmqq.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StatusClient 2.6"="C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe" [02/27/2004 01:29 PM]
"TomcatStartup 2.5"="C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe" [05/20/2004 12:40 PM]
"PSDiagnosticM"="C:\Program Files\Linksys Wireless-G Print Server\PSDiagnosticM.exe" [02/27/2007 04:29 PM]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [05/12/2004 04:18 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [11/01/2007 07:12 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [09/11/2006 05:40 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/13/2008 08:12 PM]
"DelayShred"="c:\PROGRA~1\mcafee\mshr\ShrCL.exe" [12/04/2007 01:32 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [4/23/2008 3:38:16 AM]
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [5/28/2004 11:31:38 PM]
HP Image Zone Fast Start.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe [5/29/2004 1236 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Desktop Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Desktop Manager.lnk
backup=C:\WINDOWS\pss\Desktop Manager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Harmony Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Harmony Monitor.lnk
backup=C:\WINDOWS\pss\Harmony Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Harmony Remote V5.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Harmony Remote V5.lnk
backup=C:\WINDOWS\pss\Logitech Harmony Remote V5.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\0f40db45]
rundll32.exe "C:\WINDOWS\system32\hnevaafu.dll",b

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM0c73e8d9]
Rundll32.exe "C:\WINDOWS\system32\ygoaoxuw.dll",s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]
C:\Program Files\HPQ\Default Settings\cpqset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
C:\Program Files\Common Files\AOL\1138931970\ee\AOLSoftware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSA Shellu]
C:\Documents and Settings\Jonathan Hill\lsass.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
c:\PROGRA~1\mcafee.com\agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
c:\PROGRA~1\mcafee.com\agent\mcupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OASClnt]
C:\Program Files\McAfee.com\VSO\oasclnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
"C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\runner1]
C:\WINDOWS\mrofinu1188.exe 61A847B5BBF72813339330466188719AB689201522886B092CBD44BD8689220221DD3257

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
C:\Program Files\McAfee.com\VSO\mcvsshld.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc




-- End of Deckard's System Scanner: finished at 2008-06-10 22:24:05 ------------
gtjhill is offline  
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here