DaniWeb IT Discussion Community - Re: i Cant stop the Mass Amounts of Pop Ups

DaniWeb IT Discussion Community (http://www.daniweb.com/forums/index.php)

- Viruses, Spyware and other Nasties (http://www.daniweb.com/forums/forum64.html)

- - Re: i Cant stop the Mass Amounts of Pop Ups (http://www.daniweb.com/forums/thread165341.html)

Re: i Cant stop the Mass Amounts of Pop Ups

I know that some of these protection programs can be difficult to turn off. Maybe the simplest way is to go into Task Manager...Ctrl-Alt-Delete keys and when that opens highlight each one of the items noted below and then click the End Task button.
These include all the McAfee processes I see running in your HJT log and also Windows Defender and AdAware Service (which really does nothing anyway unless you have the paid version and doesn't need to be running at all) I would also advise using Windows Defender only for scanning as it can interfere with fixes done also.
Here are those you should End.
MsMpEng.exe
aawservice.exe
McSACore.exe
mcmscsvc.exe
mcnasvc.exe
mcproxy.exe
mcshield.exe
MPFSrv.exe
mcagent.exe
MSASCui.exe
mcuimgr.exe
mcvsshld.exe
Once you have done that then try running combofix as directed.
Judy

Re: i Cant stop the Mass Amounts of Pop Ups

Hhere is the ConboFix log. Let me know what this all means and what (if any more) I need to continue fixing. Thank you again.

ComboFix 09-01-01.02 - Jason Woods 2009-01-02 15:42:42.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.350 [GMT -5:00]
Running from: c:\documents and settings\Jason Woods\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Jason Woods\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated)
FW: McAfee Personal Firewall *enabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Downloaded Program Files\setup.inf
c:\windows\system32\_004197_.tmp.dll
c:\windows\system32\_004198_.tmp.dll
c:\windows\system32\_004199_.tmp.dll
c:\windows\system32\_004200_.tmp.dll
c:\windows\system32\_004207_.tmp.dll
c:\windows\system32\_004208_.tmp.dll
c:\windows\system32\_004209_.tmp.dll
c:\windows\system32\_004210_.tmp.dll
c:\windows\system32\_004212_.tmp.dll
c:\windows\system32\_004213_.tmp.dll
c:\windows\system32\_004216_.tmp.dll
c:\windows\system32\_004217_.tmp.dll
c:\windows\system32\_004219_.tmp.dll
c:\windows\system32\_004220_.tmp.dll
c:\windows\system32\_004221_.tmp.dll
c:\windows\system32\_004223_.tmp.dll
c:\windows\system32\_004226_.tmp.dll
c:\windows\system32\_004227_.tmp.dll
c:\windows\system32\_004229_.tmp.dll
c:\windows\system32\_004231_.tmp.dll
c:\windows\system32\_004232_.tmp.dll
c:\windows\system32\_004234_.tmp.dll
c:\windows\system32\_004237_.tmp.dll
c:\windows\system32\_004239_.tmp.dll
c:\windows\system32\_004240_.tmp.dll
c:\windows\system32\_004241_.tmp.dll
c:\windows\system32\_004242_.tmp.dll
c:\windows\system32\_004243_.tmp.dll
c:\windows\system32\_004246_.tmp.dll
c:\windows\system32\_004247_.tmp.dll
c:\windows\system32\_004248_.tmp.dll
c:\windows\system32\_004249_.tmp.dll
c:\windows\system32\_004250_.tmp.dll
c:\windows\system32\_004255_.tmp.dll
c:\windows\system32\_004257_.tmp.dll
c:\windows\system32\_004258_.tmp.dll
c:\windows\system32\adasolug.ini
c:\windows\system32\afinadeb.ini
c:\windows\system32\ajezukiv.ini
c:\windows\system32\ajililub.ini
c:\windows\system32\akinudoy.ini
c:\windows\system32\amasebep.ini
c:\windows\system32\anahekik.ini
c:\windows\system32\anofolut.ini
c:\windows\system32\asoyukat.ini
c:\windows\system32\avobopor.ini
c:\windows\system32\ayizirof.ini
c:\windows\system32\azipufik.ini
c:\windows\system32\efakunil.ini
c:\windows\system32\ekefotuj.ini
c:\windows\system32\elineror.ini
c:\windows\system32\eluwovik.ini
c:\windows\system32\enukifom.ini
c:\windows\system32\esokibog.ini
c:\windows\system32\evodahuj.ini
c:\windows\system32\eyekodov.ini
c:\windows\system32\ezumemag.ini
c:\windows\system32\ibinahey.ini
c:\windows\system32\idaholav.ini
c:\windows\system32\idezujur.ini
c:\windows\system32\idogotok.ini
c:\windows\system32\ifoyewig.ini
c:\windows\system32\igukugov.ini
c:\windows\system32\ihuvuvaz.ini
c:\windows\system32\imerurol.ini
c:\windows\system32\inapogob.ini
c:\windows\system32\izumorot.ini
c:\windows\system32\obamuveg.ini
c:\windows\system32\ohoragog.ini
c:\windows\system32\ohujudud.ini
c:\windows\system32\okubotub.ini
c:\windows\system32\orukijuv.ini
c:\windows\system32\owazehig.ini
c:\windows\system32\owihipak.ini
c:\windows\system32\sohezigu.dll
c:\windows\system32\ufivihud.ini
c:\windows\system32\ugomezit.ini
c:\windows\system32\uholunoh.ini
c:\windows\system32\ujowoyar.ini
c:\windows\system32\ukewuvep.ini
c:\windows\system32\ukoboger.ini
c:\windows\system32\uloputak.ini
c:\windows\system32\uteyewaf.ini
c:\windows\system32\uwafoweg.ini
c:\windows\system32\uwelazah.ini
c:\windows\system32\uwodilug.ini

.
((((((((((((((((((((((((( Files Created from 2008-12-02 to 2009-01-02 )))))))))))))))))))))))))))))))
.

2009-01-02 10:09 . 2009-01-02 10:09 <DIR> d-------- c:\program files\Sun
2009-01-02 10:08 . 2009-01-02 10:07 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-02 10:08 . 2009-01-02 10:07 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-01 16:41 . 2009-01-01 19:24 <DIR> d-------- c:\program files\EsetOnlineScanner
2009-01-01 15:14 . 2009-01-01 15:14 <DIR> d-------- c:\documents and settings\Jason Woods\Application Data\Malwarebytes
2009-01-01 15:13 . 2009-01-01 15:14 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-01 15:13 . 2009-01-01 15:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-01 15:13 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-01 15:13 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-01 15:03 . 2009-01-01 15:03 33,832 --a------ c:\windows\system32\jabhpwrg.exe
2009-01-01 10:10 . 2009-01-01 10:13 <DIR> d-------- c:\program files\Windows Live Safety Center
2009-01-01 09:40 . 2009-01-01 09:40 <DIR> d-------- c:\program files\Trend Micro
2008-12-31 17:10 . 2008-12-31 17:10 <DIR> d-------- c:\windows\CF055C57A98842E6BDAFE3D94C6973A8.TMP
2008-12-31 17:10 . 2008-12-31 17:10 <DIR> d-------- c:\program files\DIFX
2008-12-31 16:56 . 2008-12-31 16:56 <DIR> d-------- c:\documents and settings\Jason Woods\.assistant
2008-12-31 16:34 . 2008-11-25 12:39 18,560 --a------ c:\windows\system32\drivers\FlyUsb.sys
2008-12-31 16:31 . 2008-12-31 16:33 110 --a------ c:\windows\{CF055C57-A988-42E6-BDAF-E3D94C6973A8}_WiseFW.ini
2008-12-31 16:30 . 2008-12-31 16:32 <DIR> d-------- c:\program files\LeapFrog
2008-12-31 16:30 . 2008-12-31 16:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\Leapfrog
2008-12-30 13:55 . 2008-12-30 13:55 <DIR> d-------- c:\program files\Citrix
2008-12-30 13:55 . 2008-09-30 16:04 42,792 --a------ c:\windows\system32\gotomon.dll
2008-12-19 11:45 . 2008-12-19 11:45 <DIR> d-------- c:\program files\Lavasoft
2008-12-19 11:45 . 2008-12-19 11:59 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-17 11:33 . 2008-12-17 11:33 <DIR> d-------- c:\windows\system32\en
2008-12-17 11:33 . 2008-12-17 11:33 <DIR> d-------- c:\windows\system32\bits
2008-12-16 23:56 . 2008-12-16 23:56 2,763 --a------ c:\windows\system32\spupdsvc.inf
2008-12-16 23:47 . 2008-12-16 23:47 <DIR> d-------- c:\windows\system32\scripting
2008-12-16 23:47 . 2008-12-16 23:47 <DIR> d-------- c:\windows\l2schemas
2008-12-16 23:43 . 2008-12-16 23:48 <DIR> d-------- c:\windows\ServicePackFiles
2008-12-16 23:01 . 2008-12-17 11:29 <DIR> d-------- c:\program files\Windows Defender
2008-12-08 20:54 . 2008-12-08 20:54 <DIR> d-------- c:\program files\iTunes
2008-12-08 20:54 . 2008-12-08 20:54 <DIR> d-------- c:\program files\iPod
2008-12-08 20:54 . 2008-12-08 20:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-08 20:50 . 2008-12-08 20:51 <DIR> d-------- c:\program files\QuickTime
2008-12-06 10:33 . 2008-12-31 17:09 <DIR> d-------- c:\documents and settings\LocalService\Application Data\SACore

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-02 15:07 --------- d-----w c:\program files\Java
2009-01-01 15:02 --------- d-----w c:\program files\Common Files\Apple
2009-01-01 15:02 --------- d-----w c:\documents and settings\Jason Woods\Application Data\Move Networks
2008-12-31 21:33 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-30 18:55 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-30 18:18 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-12-19 15:07 --------- d-----w c:\program files\McAfee
2008-12-10 18:50 --------- d-----w c:\program files\Google
2008-01-14 16:09 61,480 -c--a-w c:\documents and settings\Jason Woods\GoToAssistDownloadHelper.exe
2008-06-09 19:18 152 --sh--r c:\windows\system32\818F014236.sys
2008-06-09 19:18 8,456 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-10 20480]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-10 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowLOMControl"="" [X]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-11-29 761947]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-19 77824]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-19 98304]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-19 118784]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2006-02-07 168448]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 49152]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-11-12 1347584]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-09-18 185632]
"SMSTray"="c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 132624]
"lxczbmgr.exe"="c:\program files\Lexmark 1200 Series\lxczbmgr.exe" [2007-02-08 74672]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-11-01 582992]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"GoToMyPC"="c:\program files\Citrix\GoToMyPC\g2svc.exe" [2008-09-30 258856]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2008-11-25 356352]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-02 136600]
"SigmatelSysTrayApp"="stsystra.exe" [2005-11-16 c:\windows\stsystra.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-02-07 24576]
ymetray.lnk - c:\program files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe [2007-10-03 54512]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= "c:\progra~1\MarkAny\CONTEN~1\MACSMA~1.DLL" [2004-11-23 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToMyPC]
2008-09-30 16:04 10536 c:\program files\Citrix\GoToMyPC\G2WinLogon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"=
"c:\\WINDOWS\\system32\\muzapp.exe"=
"c:\\WINDOWS\\system32\\lxczcoms.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe"=
"c:\\Program Files\\Samsung\\Samsung Media Studio 5\\SMSTray.exe"=
"c:\\Program Files\\LeapFrog\\LeapFrog Connect\\CommandService.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 LeapFrog Connect Device Service;LeapFrog Connect Device Service;"c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe" [2008-11-25 991232]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\McAfee\SiteAdvisor\McSACore.exe" [2008-09-26 206096]
R2 WinDefend;Windows Defender;"c:\program files\Windows Defender\MsMpEng.exe" [2006-11-03 13592]
S3 FlyUsb;FLY Fusion;c:\windows\system32\DRIVERS\FlyUsb.sys [2008-12-31 18560]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f8408f0-63da-11dd-905f-00038a000015}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL http://www.mgae.com/keylauncher/?code=3654264636448860

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{361ac05d-0e0d-11da-9aa9-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe
.
Contents of the 'Scheduled Tasks' folder

2009-01-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-12-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 12:32]

2008-10-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-12-04 12:32]

2009-01-02 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-BMUpdate - c:\windows\system32\BMUpdate.exe
HKCU-Run-MsnMsgr - c:\program files\Windows Live\Messenger\MsnMsgr.Exe
HKU-Default-Run-lolafegaku - c:\windows\system32\fomihari.dll
SharedTaskScheduler-SSODL - (no file)

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-02 15:48:32
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\PAPI\DEV\W*NULL*I*NULL*N*NULL*B*NULL*O*NULL*N*NULL*D*NULL*_*NULL*C*NULL*D*NULL*-*NULL*R*NULL*O*NULL*M*NULL*_*NULL*D*NULL*R*NULL*I*NULL*V*NULL*E*NULL*:*NULL*0*NULL*0*NULL*1*NULL*_*NULL*_*NULL**NULL*¬ ]
"Tested"=hex:00
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(904)
c:\program files\Citrix\GoToMyPC\G2WinLogon.dll

- - - - - - - > 'explorer.exe'(4460)
c:\program files\McAfee\SiteAdvisor\saHook.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\WLTRYSVC.EXE
c:\windows\system32\BCMWLTRY.EXE
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\progra~1\COMMON~1\AOL\ACS\AOLacsd.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Citrix\GoToMyPC\g2comm.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Citrix\GoToMyPC\g2pre.exe
c:\windows\system32\lxczcoms.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\program files\Citrix\GoToMyPC\g2tray.exe
c:\progra~1\COMMON~1\McAfee\MNA\McNASvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\progra~1\McAfee.com\Agent\mcagent.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\program files\Lexmark 1200 Series\LXCZbmon.exe
c:\program files\iPod\bin\iPodService.exe
c:\progra~1\McAfee\MSC\mcuimgr.exe
c:\program files\Yahoo!\Messenger\Ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2009-01-02 15:57:17 - machine was rebooted [Jason Woods]
ComboFix-quarantined-files.txt 2009-01-02 20:56:28

Pre-Run: 31,127,199,744 bytes free
Post-Run: 31,111,041,024 bytes free

319 --- E O F --- 2008-11-13 03:27:36

Blessings,
Kim

Re: i Cant stop the Mass Amounts of Pop Ups

Give me a bit to go through all this and I will get back with you ASAP.
Can you update MBA-M and do another scan with it, reboot and then give me a new scan with HiJackThis.
Judy

Re: i Cant stop the Mass Amounts of Pop Ups

Good afternoon Judy, Here is what you have asked for...

MBA-M 2nd run through log

Malwarebytes' Anti-Malware 1.31
Database version: 1590
Windows 5.1.2600 Service Pack 3

1/3/2009 1:57:38 PM
mbam-log-2009-01-03 (13-57-38).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 117105
Time elapsed: 2 hour(s), 46 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

HiJackThis 2nd run through log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:03:00 PM, on 1/3/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Citrix\GoToMyPC\g2svc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Citrix\GoToMyPC\g2comm.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\WINDOWS\system32\lxczcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Citrix\GoToMyPC\g2pre.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Citrix\GoToMyPC\g2tray.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\Jason Woods\Desktop\HiJackThis.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\GoogleAFE\GoogleAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GoToMyPC] "C:\Program Files\Citrix\GoToMyPC\g2svc.exe" -logon
O4 - HKLM\..\Run: [Monitor] "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: ymetray.lnk = C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...scbase6662.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoToMyPC - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToMyPC\g2svc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LeapFrog Connect Device Service - Unknown owner - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: lxcz_device - - C:\WINDOWS\system32\lxczcoms.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 11391 bytes

Please let me know what you think and if there is anything else at all I need to get you. You have been sich a blessing and I have to report that so far, I have had no pop up windows. The only thing I notice differently is that it takes much longer for my wireless internet to load upon starting up my computer. Usually it was 2nd to load (after McAfee) and now it is last to load. Weird.

Talk to you soon.

Blessings,
Kim

Re: i Cant stop the Mass Amounts of Pop Ups

Quote:

Originally Posted by jholland1964 (Post 770134)

The logs look good. I have several questions before I want to offer start up advice. I see several references to LeapFrog. I know these are kids video game players and several other type items...I have grandkids...but have not found anyplace where these are required to run at start up. Are these used very often?

The Leapfrog stuff that is on the computer is for my little girl's TAG book she just got for Christmas. It required me to download a LeapFrof Connect CD, in order to connect her books to the wireless pen. I wouldn't mind doing whatever with them, I just need to be able to connect her books when i buy more for her. So in actuality I don't need it until she gets more bokos. So maybe I can uninstall for now and then redownload when I need it? Or what do you think?

There are multiple listings for Leap Frog both in start ups and start up services.
I also note you say you use wireless internet. You have a start up for ModemOnHold which generally is used for dial up connections and wouldn't be needed unless you use dial up, the same goes for Digital Line Detect

It's funny you say that I have this on my laptop because there are several things that came with this dang laptop that we never use. We use wireless and have always used wireless. Not sure how to get rid off stuff we don't ever use. Like that NetWaiting thing in the bottom right-hand corner of my screen (looks like a telephone).

You also have some definitely unnecessary start ups which you can stop and I will note those and tell you how to stop themafter I get your answers on these other questions. Disabling unnecessary start ups would certainly speed the boot time. I will also give you a link to a free program to control these.

I am totally open to your suggestions. I definitely have way too much crud on my computer that we don't ever use and have no clue how to get rid of them. You should see my running Processes in the Task Manager. Oh my goodness, it is unbelieveable. I once tried to go through the internet to figure out what they all are, but gosh I am not professional guru and have no cluu why there are SO many things running under Processes. So, any help at all would definitely hel me ALOT. Thank you so very much for your time. You are a God send.

Judy

Blessings,
Kim

Re: i Cant stop the Mass Amounts of Pop Ups

Ok, here is what you need: download CodeStuff Starter
This program is free and a very easy way to control both Auto Starting Programs and Auto-Starting Services.
Once you get it installed and open the program you will see Three Tabs;
Startups (these are programs which auto start when you start the computer) Processes (this is the same as your Task Manager) and Services (these are the programs which start as services)
First Click on the Startups Tab.
Click All Sections right at the top on the left side. This will show all programs which auto start from different locations...users, current users, registry...etc. You will see all of yours.
Take the check marks out of the following listings:
These are ones you can ABSOLUTELY stop and are not needed at all to run at Start up and can all be run manually when needed.
ISUSScheduler>>>InstallShield Update Service Scheduler. Automatically searches for and performs any updates to the software
ISUSPM Startup>>>InstallShield Update Service Scheduler. Automatically searches for and performs any updates to the software
NeroFilterCheck>>>Associated with "Nero Burning Rom" CD writing software. Checks for driver issues
igfxtray>>>Quick access to the control panel via a System Tray icon for graphics based upon the Intel chipsets
igfxpers>>> Associated with the Common User Interface module for Intel graphics cards
Google Desktop Search>>>"a desktop search application that provides full text search over your email, computer files, chats, and the web pages you've viewed.
TkBellExe>>> Application Scheduler installed along with RealOne Player. Once installed, it runs independently of RealOne Player. Not required
Adobe Reader Speed Launcher>>>Supposedly launches Adobe Reader faster, really only speeds the launch by a few seconds.
QuickTime Task>>>System Tray access to Apple's "Quick Time" viewer from version 5 onwards
iTunesHelper>>>Installed with Apple's iTunes for Windows. Uses ~3-4MB of memory. Now if you use this then it will put itself back into start ups so you will have to go back in and disable it in CodeStuff. If you use this all the time then leave it running. This is your choice.
GoToMyPC>>>ExpertCity GoToMyPc logon - web-based remote-access solution that allows individuals and companies to register their computers online and then securely access those computers from any web browser.
SunJavaUpdateSched>>>Checks with Sun's Java updates site to see if newer Java versions are available. Visit Sun's Java page or just run the Java Plug-In Control Panel.
Yahoo! Pager>>>Yahoo! Messenger allows you to send instant messages. Available via Start -> Programs
ModemOnHold>>> NetWaiting Modem-on-Hold Application. Program for use with dial up connections. If you have call waiting and use a dial up connection this will pop-up when you are online and receive a telephone call.
DellSupport>>>Dell's support tool bundled on their computers. Can be run as necessary.
swg>>>Added by the Google ToolBar for Internet Explorer. This program will notify you when you attempt to change the Internet Explorer search engine to some other search engine.
Digital Line Detect>>>Detects whether your are plugged into a digital telephone line and displays the information graphically. Installed by Dell (and maybe others) and is included with all Connexant V.92 and Broadcom modems
ymetray>>>Yahoo!_Music_utility
Now I will add the LeapFrog Connect\Monitor.exe" You can experiment with this one. Take the check mark out. *I will tell you what to do later.
Now go to the Services Tab.
When this opens everything is listed in alphabetical order. Scroll through the list.
On each one noted you will find the listing, double click to open the service properties for that particular item. First thing to do is at the bottom, if you see Running. Stop the Service by clicking the Stop button. Once it is stopped then go up to the middle and change the Start up type to Manual. Click Apply.
These are the ones which can be set to manual, unless noted to disable, meaning they will only start when you personally start the program.
Lavasoft Ad-Aware Service (aawservice)>>>this basically is worthless unless you have purchased the program. It does nothing but run. You can actually set this one to Disabled at start.
AOL Connectivity Service (AOL ACS) - America Online, Inc...If you don't use AOL then also Disable this one.
DSBrokerService >>>has something to do with Dell Support but can find no good reason for it. I have a Dell and it isn't even on my computer. Set to Manual.
GoToMyPC>>>set to manual
Google Updater Service (gusvc) stop and set to manual
InstallDriver Table Manager>>>This startup should only be created when a software that uses installshield is being installed. If you are not in the middle of installing a program, you can disable this entry.
iPod Service>>>This service is used by Itunes for using your Ipod. If you do not use Itunes you can disable this service.
LeapFrog Connect Device Service>>>stop the service and set to manual. If you see this is a problem with your daughter's LeapFrog device then go back in and re-enable the auto start.

After you have changed all the settings above and clicked Apply on each one then close CodeStuff Starter. Shut down and reboot the computer and see what you think.
*Test out the LeapFrog device and see if all works well manually. If it doesn't then go back into CodeStuff and put the check mark back into the listing for Start up and also set the Services listing to Automatic for the LeapFrog device. Reboot and see if it works ok.
Judy