keystroke recording program

Greetings [Than makes the Member Intro part formal]
It looks to me like a registry key save, not a virus.
[I'll move this to the Windows forum within 24 hours]

Did I not get reposted in the windows section? My computer has been on the fritz for the last week so when I got on tonight I thought I might get an answer or two but cannot find my mssg posted in the windows portion as u said u would. Am I not looking in the right place or what? THX

Ya know, I've been looking for this thread too in order to move it, but I had lost track of it. Sorry. I'll move it now.

Did you check the add/remove section in control panel for any unknown programs you might have on the machine? What infos is within the file?

Thanks, I have not seen any suspicious programs listed in the add remove files but that does not mean that one is not there... I check email, surf a little and edit home video so I am not able to identify what all the programs listed are for...
I am more curious to know what a registery key is and why it might show up in a Word file by magic??? Again, it was just "lastWrite" followed by a date and time. My initial thought was that my son in law had installed a keystroke recording program like he had showed me before and I told him to take it off. I assume he did.
A week or so later, my pc began running so slow that it took all day to check my email and then I found that my antivirus (Macafee) had been 'lost' and I needed to reinstall it. My dwnld speed was 0.5kb/min and I could not accomplish it until just yesterday when I had a speed of 2kb/min and it took 3 hours for my antivirus to dwnld and now everything seems to b back to normal. Dial up sucks big time but that is what I get for living in the woods!

Give us your operating system version:
File location and full name of the file:

Also download and run HIJACKTHIS
and send us the report of what you get.

Cyberdyne.

Why would he have wanted to put a keystroke program on your pc? You should check for spyware and adware. Adaware and Spybot S&D are freebies you could use. I don't think you have a keystroke recorder sounds more like spy/ad ware to me. Follow that HIJACK this link Cyber posted above and post the results.

I have XP, the file was a WORD or NOTEPAD containing only the timestamp and lastWrite, I deleted the file and am not sure if I can pull it out of somewhere or not? Hope this report means something to you... Thanks * I had to delete portions of the report as this site limits posting size, I only removed lines that had over 1% in common with other pc's
Index % of PCs with item Code Data

3 6.4% O16 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Co mmon\yinsthelpe r.dll
4 0.1% O16 {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee .com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
5 0.1% O16 {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee .com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
6 0.0% O16 {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsof t.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab? 1137469254579
7 0.0% O17 NameServer = 216.61.218.2 216.61.218.3

11 0.9% O2 scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\vi russcan\scriptc l.dll
12 0.2% O2 MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5 000.1021\en-us\msntb.dll
13 48.8% O22 Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\Syst em32\browseui.d ll
14 47.2% O22 Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\Syst em32\browseui.d ll
15 11.3% O23 Pml Driver HPZ12 - HP - C:\WINDOWS\Syst em32\HPZipm12.e xe
16 4.0% O23 LightScribeServ ice Direct Disc Labeling Service (LightScribeSer vice) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScri be\LSSrvc.exe
17 1.5% O23 McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McA fee\MSC\mcpromg r.exe
18 1.5% O23 McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McA fee\MSC\mcupdmg r.exe
19 1.4% O23 McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McA fee\VIRUSS~1\mc ods.exe
20 1.4% O23 McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McA fee\VIRUSS~1\mc shield.exe
21 1.4% O23 McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McA fee\VIRUSS~1\mc sysmon.exe
22 1.3% O23 McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McA fee\MSC\mcmscsv c.exe
23 1.3% O23 McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mn a\mcnasvc.exe
24 1.3% O23 McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Ha ckerWatch\HWAPI .exe
25 1.3% O23 McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COM MON~1\mcafee\re dirsvc\redirsvc .exe
26 1.2% O23 McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COM MON~1\McAfee\Em Proxy\emproxy.e xe
27 1.2% O23 McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MP F\MPFSrv.exe
28 1.2% O23 iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\ iPodService.exe
29 1.1% O23 SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvis or\6028\SAServi ce.exe
30 0.7% O23 McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McA fee\MPS\mps.exe
31 0.7% O23 McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COM MON~1\mcafee\mc proxy\mcproxy.e xe
32 0.5% O23 McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MS K\MskSrver.exe
33 0.1% O23 lxbt_device - Lexmark International, Inc. - C:\WINDOWS\syst em32\lxbtcoms.e xe
34 0.0% O23 McAfee Application Installer Cleanup (01338611759508 93) (01338611759508 93mcinstcleanup ) - McAfee, Inc. - C:\WINDOWS\TEMP \013386~1.EXE
35 1.1% O3 McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-66 0.6% O4 [LSBWatcher] c:\hp\drivers\h plsbwatcher\lsb urnwatcher.exe
67 0.5% O4 [iTunesHelper] C:\Program Files\iTunes\iT unesHelper.exe
68 0.5% O4 [MskAgentexe] C:\Program Files\McAfee\MS K\MskAgent.exe
69 0.5% O4 HotSync Manager.lnk = C:\Program Files\palmOne\H otsync.exe
70 0.4% O4 [HPHmon06] C:\WINDOWS\syst em32\hphmon06.e xe
71 0.3% O4 [HPHUPD06] c:\Program Files\HP\{AAC4F C36-8F89-4587-8DD3-EBC57C83374D}\h phupd06.exe
72 0.3% O4 [WinampAgent] "C:\Program Files\Winamp\wi nampa.exe"
73 0.2% O4 DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\D vzIncMsgr.exe
74 0.1% O4 [USB2Check] RUNDLL32.EXE "C:\WINDOWS\sys tem32\PCLECoIns t.dll",CheckUSB Controller
75 0.1% O4 [LXBTCATS] rundll32 C:\WINDOWS\Syst em32\spool\DRIV ERS\W32X86\3\LX BTtime.dll,_Run DLLEntry@16
76 0.1% O4 [USBToolTip] "C:\Program Files\Pinnacle\ Shared Files\Programs\ USBTip\USBTip.e xe"
77 0.0% O4 [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr .exe"
78 0.0% O4 LifeDrive? Manager.lnk = C:\Program Files\palmOne\L ifeDriveMgrTray .exe
79 0.0% O4 [HPHmon07] C:\WINDOWS\syst em32\hphmon07.e xe
80 0.0% O4 [HPDJ Taskbar Utility] C:\WINDOWS\syst em32\spool\driv ers\w32x86\3\hp ztsb99.exe
81 0.0% O4 [HPHUPD07] C:\Program Files\HP\{C8EEA A89-0A3E-441f-B646-17A46F5D6954}\h phupd07.exe
82 0.0% O4 [HPHped07] C:\PROGRA~1\HP\ {C8EEA~1\pexpre ss\hphPED07.exe
83 0.2% O8 E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1 933~1\msmsgs.ex e
87 30.3% O9 @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Networ k Diagnostic\xpne tdiag.exe (file missing)
88 30.2% O9 (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Networ k Diagnostic\xpne tdiag.exe (file missing)
89 1.2% O9 (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re 1.4.2_03\bin\np jpi142_03.dll
90 1.0% O9 Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re 1.4.2_03\bin\np jpi142_03.dll
91 0.2% O9 Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yah oo!\MESSEN~1\YP ager.exe (file missing)
Shared\VS7Debug \mdm.exe


136 0.9% P01 C:\WINDOWS\ALCW ZRD.EXE
137 0.8% P01 C:\Program Files\Java\j2re 1.4.2_03\bin\ju sched.exe
138 0.7% P01 C:\Program Files\McAfee\MP S\mpsevh.exe
139 0.7% P01 C:\PROGRA~1\McA fee\MPS\mps.exe
140 0.6% P01 c:\PROGRA~1\COM MON~1\mcafee\mc proxy\mcproxy.e xe
141 0.5% P01 C:\Program Files\palmOne\H otsync.exe
142 0.5% P01 C:\Program Files\McAfee\MS K\MskAgent.exe
143 0.5% P01 C:\WINDOWS\ALCM TR.EXE
144 0.5% P01 C:\Program Files\McAfee\MS K\MskSrver.exe
145 0.4% P01 C:\WINDOWS\syst em32\hphmon06.e xe
146 0.3% P01 C:\PROGRA~1\mca fee\VIRUSS~1\mc vsshld.exe
147 0.2% P01 C:\Program Files\Common Files\DataViz\D vzIncMsgr.exe
148 0.1% P01 C:\hp\drivers\h plsbwatcher\lsb urnwatcher.exe
149 0.1% P01 C:\Program Files\Pinnacle\ Shared Files\Programs\ USBTip\USBTip.e xe
150 0.0% P01 C:\Program Files\Lexmark 5200 series\lxbtbmgr .exe
151 0.0% P01 C:\Program Files\Lexmark 5200 series\lxbtbmon .exe
152 0.0% P01 C:\Program Files\palmOne\L ifeDriveMgrTray .exe
153 0.0% P01 C:\Program Files\palmOne\P almOneLiveConne ct.exe
154 0.0% P01 C:\WINDOWS\syst em32\hphmon07.e xe
155 0.0% P01 C:\WINDOWS\syst em32\spool\driv ers\w32x86\3\hp ztsb99.exe
156 0.0% P01 C:\PROGRA~1\HP\ {C8EEA~1\pexpre ss\hphPED07.exe
157 0.0% P01 C:\Program Files\Cyberback Internet\dialer .exe
158 0.0% P01 C:\Documents and Settings\HP_Own er\Local Settings\Tempor ary Internet Files\Content.I E5\PSGJ510H\HiJ ackThis_v2[1].exe
159 0.0% R0 HKCU\Software\M icrosoft\Intern et Explorer\Main,S tart Page = http://www.cyberback.c om/

I deleted the file in question, it was a Wordpad file, This is the first half of the scan results.
Index % of PCs with item Code Data
1 0.0% O14 START_PAGE_URL= http://www.cyberback.c om
2 16.6% O16 {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.co m/fwlink/?linkid=39204
3 6.4% O16 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Co mmon\yinsthelpe r.dll
4 0.1% O16 {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee .com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
5 0.1% O16 {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee .com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
6 0.0% O16 {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsof t.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab? 1137469254579
7 0.0% O17 NameServer = 216.61.218.2 216.61.218.3
8 17.6% O2 Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acr obat 7.0\ActiveX\Acr oIEHelper.dll
9 1.1% O2 (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvis or\6028\SiteAdv .dll
10 1.0% O2 ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0 000.1005\en-xu\stmain.dll
11 0.9% O2 scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\vi russcan\scriptc l.dll
12 0.2% O2 MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5 000.1021\en-us\msntb.dll
13 48.8% O22 Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\Syst em32\browseui.d ll
14 47.2% O22 Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\Syst em32\browseui.d ll
15 11.3% O23 Pml Driver HPZ12 - HP - C:\WINDOWS\Syst em32\HPZipm12.e xe
16 4.0% O23 LightScribeServ ice Direct Disc Labeling Service (LightScribeSer vice) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScri be\LSSrvc.exe
17 1.5% O23 McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McA fee\MSC\mcpromg r.exe
18 1.5% O23 McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McA fee\MSC\mcupdmg r.exe
19 1.4% O23 McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McA fee\VIRUSS~1\mc ods.exe
20 1.4% O23 McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McA fee\VIRUSS~1\mc shield.exe
21 1.4% O23 McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McA fee\VIRUSS~1\mc sysmon.exe
22 1.3% O23 McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McA fee\MSC\mcmscsv c.exe
23 1.3% O23 McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mn a\mcnasvc.exe
24 1.3% O23 McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Ha ckerWatch\HWAPI .exe
25 1.3% O23 McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COM MON~1\mcafee\re dirsvc\redirsvc .exe
26 1.2% O23 McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COM MON~1\McAfee\Em Proxy\emproxy.e xe
27 1.2% O23 McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MP F\MPFSrv.exe
28 1.2% O23 iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\ iPodService.exe
29 1.1% O23 SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvis or\6028\SAServi ce.exe
30 0.7% O23 McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McA fee\MPS\mps.exe
31 0.7% O23 McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COM MON~1\mcafee\mc proxy\mcproxy.e xe
32 0.5% O23 McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MS K\MskSrver.exe
33 0.1% O23 lxbt_device - Lexmark International, Inc. - C:\WINDOWS\syst em32\lxbtcoms.e xe
34 0.0% O23 McAfee Application Installer Cleanup (01338611759508 93) (01338611759508 93mcinstcleanup ) - McAfee, Inc. - C:\WINDOWS\TEMP \013386~1.EXE
35 1.1% O3 McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvis or\6028\SiteAdv .dll
36 0.5% O3 HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digita l Imaging\bin\HPD TLK02.dll
37 0.2% O3 MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5 000.1021\en-us\msntb.dll
38 55.4% O4 [ctfmon.exe] C:\WINDOWS\syst em32\ctfmon.exe
39 22.9% O4 [QuickTime Task] "C:\Program Files\QuickTime \qttask.exe" -atboottime
40 12.8% O4 [SoundMan] SOUNDMAN.EXE
41 12.6% O4 Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acr obat 7.0\Reader\read er_sl.exe
42 11.6% O4 [IgfxTray] C:\WINDOWS\Syst em32\igfxtray.e xe
43 8.2% O4 [TkBellExe] "C:\Program Files\Common Files\Real\Upda te_OB\realsched .exe" -osboot
44 7.7% O4 [HotKeysCmds] C:\WINDOWS\Syst em32\hkcmd.exe
45 6.5% O4 Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10 \OSA.EXE
46 5.9% O4 [Alcmtr] ALCMTR.EXE
47 5.0% O4 [AGRSMMSG] AGRSMMSG.exe
48 4.6% O4 [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd 2.exe
49 4.4% O4 HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digita l Imaging\bin\hpq tra08.exe
50 4.2% O4 [ISUSScheduler] "C:\Program Files\Common Files\InstallSh ield\UpdateServ ice\issch.exe" -start
51 3.6% O4 [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG .exe
52 3.3% O4 [Recguard] C:\WINDOWS\SMIN ST\RECGUARD.EXE
53 2.6% O4 [ISUSPM Startup] C:\PROGRA~1\COM MON~1\INSTAL~1\ UPDATE~1\ISUSPM .exe -startup
54 2.1% O4 [VTTimer] VTTimer.exe
55 2.0% O4 [Yahoo! Pager] "C:\PROGRA~1\Ya hoo!\MESSEN~1\Y AHOOM~1.EXE" -quiet
56 1.8% O4 [KBD] C:\HP\KBD\KBD.E XE
57 1.7% O4 [hpsysdrv] c:\windows\syst em\hpsysdrv.exe
58 1.5% O4 [UpdateManager] "C:\Program Files\Common Files\Sonic\Upd ate Manager\sgtray. exe" /r
59 1.3% O4 [updateMgr] "C:\Program Files\Adobe\Acr obat 7.0\Reader\Adob eUpdateManager. exe" AcRdB7_0_8 -reboot 1
60 1.3% O4 [AlcxMonitor] ALCXMNTR.EXE
61 1.1% O4 [AlcWzrd] ALCWZRD.EXE
62 1.0% O4 HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digita l Imaging\bin\hpq thb08.exe
63 1.0% O4 [PinnacleDriverC heck] C:\WINDOWS\syst em32\PSDrvCheck .exe -CheckReg
64 0.9% O4 [SiteAdvisor] C:\Program Files\SiteAdvis or\6028\SiteAdv .exe
65 0.8% O4 [SunJavaUpdateSc hed] C:\Program Files\Java\j2re 1.4.2_03\bin\ju sched.exe
66 0.6% O4 [LSBWatcher] c:\hp\drivers\h plsbwatcher\lsb urnwatcher.exe
67 0.5% O4 [iTunesHelper] C:\Program Files\iTunes\iT unesHelper.exe
68 0.5% O4 [MskAgentexe] C:\Program Files\McAfee\MS K\MskAgent.exe
69 0.5% O4 HotSync Manager.lnk = C:\Program Files\palmOne\H otsync.exe
70 0.4% O4 [HPHmon06] C:\WINDOWS\syst em32\hphmon06.e xe
71 0.3% O4 [HPHUPD06] c:\Program Files\HP\{AAC4F C36-8F89-4587-8DD3-EBC57C83374D}\h phupd06.exe
72 0.3% O4 [WinampAgent] "C:\Program Files\Winamp\wi nampa.exe"
73 0.2% O4 DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\D vzIncMsgr.exe
74 0.1% O4 [USB2Check] RUNDLL32.EXE "C:\WINDOWS\sys tem32\PCLECoIns t.dll",CheckUSB Controller
75 0.1% O4 [LXBTCATS] rundll32 C:\WINDOWS\Syst em32\spool\DRIV ERS\W32X86\3\LX BTtime.dll,_Run DLLEntry@16
76 0.1% O4 [USBToolTip] "C:\Program Files\Pinnacle\ Shared Files\Programs\ USBTip\USBTip.e xe"
77 0.0% O4 [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr .exe"
78 0.0% O4 LifeDrive? Manager.lnk = C:\Program Files\palmOne\L ifeDriveMgrTray .exe
79 0.0% O4 [HPHmon07] C:\WINDOWS\syst em32\hphmon07.e xe
80 0.0% O4 [HPDJ Taskbar Utility] C:\WINDOWS\syst em32\spool\driv ers\w32x86\3\hp ztsb99.exe

Here is the second half of the report, Thanks for looking, hope you can help. Thanks again
81 0.0% O4 [HPHUPD07] C:\Program Files\HP\{C8EEA A89-0A3E-441f-B646-17A46F5D6954}\h phupd07.exe
82 0.0% O4 [HPHped07] C:\PROGRA~1\HP\ {C8EEA~1\pexpre ss\hphPED07.exe
83 0.2% O8 E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1 933~1\Office10\ EXCEL.EXE/3000
84 0.1% O8 Add To HP Organize... - C:\PROGRA~1\HEW LET~1\HPORGA~1\ bin/module.main/favorites\ie_ad d_to.html
85 42.2% O9 Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger \msmsgs.exe
86 41.6% O9 Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger \msmsgs.exe
87 30.3% O9 @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Networ k Diagnostic\xpne tdiag.exe (file missing)
88 30.2% O9 (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Networ k Diagnostic\xpne tdiag.exe (file missing)
89 1.2% O9 (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re 1.4.2_03\bin\np jpi142_03.dll
90 1.0% O9 Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re 1.4.2_03\bin\np jpi142_03.dll
91 0.2% O9 Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yah oo!\MESSEN~1\YP ager.exe (file missing)
92 86.1% P01 C:\WINDOWS\Expl orer.EXE
93 84.0% P01 C:\WINDOWS\syst em32\svchost.ex e
94 83.9% P01 C:\WINDOWS\syst em32\lsass.exe
95 83.9% P01 C:\WINDOWS\syst em32\winlogon.e xe
96 83.9% P01 C:\WINDOWS\syst em32\services.e xe
97 83.8% P01 C:\WINDOWS\Syst em32\smss.exe
98 80.6% P01 C:\WINDOWS\syst em32\spoolsv.ex e
99 58.5% P01 C:\WINDOWS\syst em32\ctfmon.exe
100 31.8% P01 C:\Program Files\Internet Explorer\iexplo re.exe
101 19.0% P01 C:\WINDOWS\syst em32\wuauclt.ex e
102 17.3% P01 C:\Program Files\Common Files\Microsoft Shared\VS7Debug \mdm.exe
103 14.2% P01 C:\Program Files\QuickTime \qttask.exe
104 13.6% P01 C:\WINDOWS\syst em32\NOTEPAD.EX E
105 12.1% P01 C:\Program Files\iPod\bin\ iPodService.exe
106 12.1% P01 C:\WINDOWS\SOUN DMAN.EXE
107 11.5% P01 C:\Program Files\iTunes\iT unesHelper.exe
108 10.6% P01 C:\WINDOWS\Syst em32\hkcmd.exe
109 5.5% P01 C:\Program Files\HP\HP Software Update\HPWuSchd 2.exe
110 5.2% P01 C:\WINDOWS\Syst em32\HPZipm12.e xe
111 5.1% P01 C:\Windows\AGRS MMSG.exe
112 4.9% P01 C:\WINDOWS\syst em32\igfxtray.e xe
113 4.8% P01 C:\WINDOWS\syst em32\cisvc.exe
114 4.2% P01 C:\WINDOWS\syst em32\cidaemon.e xe
115 4.2% P01 C:\Program Files\HP\Digita l Imaging\bin\hpq tra08.exe
116 4.1% P01 C:\Program Files\Common Files\LightScri be\LSSrvc.exe
117 3.9% P01 C:\Program Files\Windows Media Player\wmpnscfg .exe
118 3.7% P01 C:\Program Files\Common Files\InstallSh ield\UpdateServ ice\issch.exe
119 3.1% P01 C:\Program Files\Winamp\wi nampa.exe
120 2.6% P01 C:\windows\syst em\hpsysdrv.exe
121 2.4% P01 C:\PROGRA~1\mca fee.com\agent\m cagent.exe
122 2.3% P01 C:\HP\KBD\KBD.E XE
123 1.4% P01 C:\PROGRA~1\McA fee\MSC\mcpromg r.exe
124 1.4% P01 C:\PROGRA~1\McA fee\VIRUSS~1\mc ods.exe
125 1.3% P01 C:\PROGRA~1\McA fee\MSC\mcmscsv c.exe
126 1.3% P01 C:\PROGRA~1\McA fee\VIRUSS~1\mc shield.exe
127 1.3% P01 c:\program files\common files\mcafee\mn a\mcnasvc.exe
128 1.3% P01 C:\PROGRA~1\McA fee\VIRUSS~1\mc sysmon.exe
129 1.2% P01 C:\Program Files\Common Files\McAfee\Ha ckerWatch\HWAPI .exe
130 1.2% P01 c:\PROGRA~1\COM MON~1\mcafee\re dirsvc\redirsvc .exe
131 1.1% P01 C:\Program Files\McAfee\MP F\MPFSrv.exe
132 1.1% P01 C:\PROGRA~1\Yah oo!\MESSEN~1\ym sgr_tray.exe
133 1.1% P01 C:\Program Files\SiteAdvis or\6028\SAServi ce.exe
134 1.1% P01 C:\Program Files\SiteAdvis or\6028\SiteAdv .exe
135 1.0% P01 C:\Program Files\HP\Digita l Imaging\bin\hpq galry.exe
136 0.9% P01 C:\WINDOWS\ALCW ZRD.EXE
137 0.8% P01 C:\Program Files\Java\j2re 1.4.2_03\bin\ju sched.exe
138 0.7% P01 C:\Program Files\McAfee\MP S\mpsevh.exe
139 0.7% P01 C:\PROGRA~1\McA fee\MPS\mps.exe
140 0.6% P01 c:\PROGRA~1\COM MON~1\mcafee\mc proxy\mcproxy.e xe
141 0.5% P01 C:\Program Files\palmOne\H otsync.exe
142 0.5% P01 C:\Program Files\McAfee\MS K\MskAgent.exe
143 0.5% P01 C:\WINDOWS\ALCM TR.EXE
144 0.5% P01 C:\Program Files\McAfee\MS K\MskSrver.exe
145 0.4% P01 C:\WINDOWS\syst em32\hphmon06.e xe
146 0.3% P01 C:\PROGRA~1\mca fee\VIRUSS~1\mc vsshld.exe
147 0.2% P01 C:\Program Files\Common Files\DataViz\D vzIncMsgr.exe
148 0.1% P01 C:\hp\drivers\h plsbwatcher\lsb urnwatcher.exe
149 0.1% P01 C:\Program Files\Pinnacle\ Shared Files\Programs\ USBTip\USBTip.e xe
150 0.0% P01 C:\Program Files\Lexmark 5200 series\lxbtbmgr .exe
151 0.0% P01 C:\Program Files\Lexmark 5200 series\lxbtbmon .exe
152 0.0% P01 C:\Program Files\palmOne\L ifeDriveMgrTray .exe
153 0.0% P01 C:\Program Files\palmOne\P almOneLiveConne ct.exe
154 0.0% P01 C:\WINDOWS\syst em32\hphmon07.e xe
155 0.0% P01 C:\WINDOWS\syst em32\spool\driv ers\w32x86\3\hp ztsb99.exe
156 0.0% P01 C:\PROGRA~1\HP\ {C8EEA~1\pexpre ss\hphPED07.exe
157 0.0% P01 C:\Program Files\Cyberback Internet\dialer .exe
158 0.0% P01 C:\Documents and Settings\HP_Own er\Local Settings\Tempor ary Internet Files\Content.I E5\PSGJ510H\HiJ ackThis_v2[1].exe
159 0.0% R0 HKCU\Software\M icrosoft\Intern et Explorer\Main,S tart Page = http://www.cyberback.c om/
160 0.0% R0 HKLM\Software\M icrosoft\Intern et Explorer\Main,S tart Page = http://www.cyberback.c om
161 0.0% R1 HKLM\Software\M icrosoft\Intern et Explorer\Main,S earch Page = http://ie.redirect.hp. com/svs/rdr?TYPE=3&tp=i esearch&locale= EN_US&c=Q105&bd =pavilion&pf=de sktop
162 0.0% R1 HKCU\Software\M icrosoft\Intern et Explorer\Main,S earch Page = http://ie.redirect.hp. com/svs/rdr?TYPE=3&tp=i esearch&locale= EN_US&c=Q105&bd =pavilion&pf=de sktop
163 0.0% R1 HKCU\Software\M icrosoft\Intern et Explorer\Main,D efault_Page_URL = http://www.cyberback.c om
164 0.0% R1 HKCU\Software\M icrosoft\Intern et Explorer\Main,D efault_Search_U RL = http://www.cyberback.c om
165 0.0% R1 HKLM\Software\M icrosoft\Intern et Explorer\Main,D efault_Page_URL = http://www.cyberback.c om
166 0.0% R1 HKLM\Software\M icrosoft\Intern et Explorer\Main,D efault_Search_U RL = http://www.cyberback.c om
167 0.0% R1 HKLM\Software\M icrosoft\Intern et Explorer\Main,S earch Bar = http://www.cyberback.c om
168 0.0% R1 HKCU\Software\M icrosoft\Intern et Explorer\Main,W indow Title = Microsoft Internet Explorer provided by Cyberback Internet
Explanation of the codes
R - Registry, StartPage/SearchPage changes
 R0 - Changed registry value
 R1 - Created registry value
 R2 - Created registry key
 R3 - Created extra registry value where only one should be
F - IniFiles, autoloading entries
 F0 - Changed inifile value
 F1 - Created inifile value
 F2 - Changed inifile value, mapped to Registry
 F3 - Created inifile value, mapped to Registry
N - Netscape/Mozilla StartPage/SearchPage changes
 N1 - Change in prefs.js of Netscape 4.x
 N2 - Change in prefs.js of Netscape 6
 N3 - Change in prefs.js of Netscape 7
 N4 - Change in prefs.js of Mozilla
O - Other, several sections which represent:
 O1 - Hijack of auto.search.msn .com with Hosts file
 O2 - Enumeration of existing MSIE BHO's
 O3 - Enumeration of existing MSIE toolbars
 O4 - Enumeration of suspicious autoloading Registry entries
 O5 - Blocking of loading Internet Options in Control Panel
 O6 - Disabling of 'Internet Options' Main tab with Policies
 O7 - Disabling of Regedit with Policies
 O8 - Extra MSIE context menu items
 O9 - Extra 'Tools' menuitems and buttons
 O10 - Breaking of Internet access by New.Net or WebHancer
 O11 - Extra options in MSIE 'Advanced' settings tab
 O12 - MSIE plugins for file extensions or MIME types
 O13 - Hijack of default URL prefixes
 O14 - Changing of IERESET.INF
 O15 - Trusted Zone Autoadd
 O16 - Download Program Files item
 O17 - Domain hijack
 O18 - Enumeration of existing protocols and filters
 O19 - User stylesheet hijack
 O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys
 O21 - ShellServiceObj ectDelayLoad (SSODL) autorun Registry key
 O22 - SharedTaskSched uler autorun Registry key
 O23 - Enumeration of NT Services
 O24 - Enumeration of ActiveX Desktop Components