registry question PLEASE

You really do need to follow the steps closely as HJT while good is not the fix all application many think it is, which is why we have you run this one last, you need to run through the guide as posted above by Matt again and install the requested software and run the online scans ( Panda and Bitdefender ) which we also request logs from.

HiJackThis also needs to be run from Normal mode to give us a full picture of whats installed, your log is from Safe mode.


As your not fully upto date with XP Service Pack 2, it seems as if you may have messenger service running which some spyware uses to try and infect your PC by poping up alert boxes that resemble ligitimate system alerts, just double check that the messenger service is disabled, to do this a few routes are available, ( messenger service is not your instant messenging software as in Yahoo or MSN but a tool used by network admins to issue alerts but sadly was exploited by spammers and malware groups to infect your PC, this service was disabled once SP2 was installed )

1. Download and run Shoot the Messenger a nice small app from Steve gibson.

2. The manual way....
Click Start > Settings > Control Panel > Administrative Tools > Services > scroll down to Messenger and highlight > Right Click and choose Properties > click Stop > then under the Startup Type dropdown menu pick Disable > OK


But you really need to update to SP2 and install any new updates from MS, you should also install some malware protection in Antivirus, Firewall and Antispyware apps before going online , this guide will help in that area How to Protect yourself from malware! ( the majority of the applications in that guide are free as I dont have any paid for security software on my PC as they do the job fine in keeping me malware free )

 

Please do run through the steps as outlined by Matt in this post http://forum.majorgeeks.com/showpost.php?p=819227&postcount=2

I know the guide may look long and tedious, but its designed to help remove the malware from your PC, if its not followed fully its hard for us to help you remove the pests.

Your Hijack this log is still from Safe Mode, we do need it from Normal Mode and not attached in the way described, hijack this automatically creates a TXT file that you can attach to your post as described in the guide.

but also run the steps to disable Messenger I mentioned in this post http://forum.majorgeeks.com/showpost.php?p=819481&postcount=5

 

It will have removed the popups ( by disabling the messenger service ), completly as that route for malware is now closed, but did you click any of them? plus as your running an older version of XP in SP1 you may have more malware installed, so as Matt said above we do need to see your logs and per the guide.

Sorry to keep harping on about following the guide but all we wish to achieve is you to have a clean PC and a malware free surfing experience

You last HJT log was still incomplete ( their were no indications Microsoft Defender or the Panda and Bitdefender scans were run ), are you running it from safe mode? or are you using msconfig or another startup manager to disable startups.. if so stop using them as we need to see a full list of whats running.