This topic is locked
Here is my HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 12:02:35 AM, on 11/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\AT&T\DSL\programs\dslpca.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Trillian Pro\trillian.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Valve\Steam\steam.exe
C:\Documents and Settings\Nathan Turner\Desktop\tso\tso.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunes.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.att.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R3 - URLSearchHook: (no name) - <default> - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AT&T DSL Service PCA Program] C:\Program Files\AT&T\DSL\programs\dslpca.exe /ws
O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Anti-Blaxx Manager] C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] "C:\Program Files\Creative\SBAudigy2ZS\Program\Startup Menu\ChkColor.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKCU\..\Run: [Internet Download Accelerator] C:\Program Files\IDA\ida.exe -autorun
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: NOD32 Control Center (2).lnk = C:\Program Files\ESET\nod32kui.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.att.net
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1099976117403
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O18 - Protocol: bw+0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {E5F8F137-70A2-4BF5-93F2-7D5F3A4C4054} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Additionally, as I use WinPatrol, some programs keep trying to install themeselves in the startup forlder after I have removed them. Another twist on the problem is that the programs were ones I had on the computer, but have since deleated.
WinPatrol Report Log
Report created by WinPatrol version 9.7.4.0:9.7.4.0 at 6:36:22 PM, on 10/30/2005
Platform: Windows XP Professional Service Pack 2 (Build 2600)
Browser: Firefox - Firefox version 1.7.12: 2005091517
Memory currently in use: 54%
MSIE: Internet Explorer (6.00.2900.2180)
IE Cookie Path: C:\Documents and Settings\Nathan Turner\Cookies\
Firefox 1.7.12: 2005091517 installed in C:\Program Files\Mozilla Firefox\
HKLM Default_Page_URL = http://www.att.net
HKCU Start Page = http://www.att.net/
HKLM Start Page = http://www.att.net/
WinLogon DefaultUserName=Nathan Turner
WinLogon DefaultDomainName=OX-GATE
WinLogon Shell=Explorer.exe
WinLogon UserInit=C:\WINDOWS\system32\userinit.exe,
• Startup Programs •
# NeroFilterCheck
NeroCheck.exe NeroCheck
Version: 1, 0, 0, 2 Copyright © 2001
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\WINDOWS\system32\NeroCheck.exe
Click for Plus Info
# InCD
InCD.exe InCD
Version: 4, 2, 15, 1 Copyright 1995-2004 Ahead Software AG and its licensors. All Rights Reserved.
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Ahead\InCD\InCD.exe
Click for Plus Info
# SunJavaUpdateSched
jusched.exe Java™ 2 Platform Standard Edition binary
Version: 5.0.40.5 Copyright © 2004
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
Click for Plus Info
# Logitech Hardware Abstraction Layer
KHALMNPR.EXE Logitech KHAL Main Process
Version: 2.31.522 © 1998-2005 Logitech. All rights reserved.
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: KHALMNPR.EXE
Click for Plus Info
# SBDrvDet
SBDrvDet.exe /r SBDrvDet.exe
Version: 1.0.0.0 Copyright © Creative Technology Ltd., 2002. All rights reserved.
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
Click for Plus Info
# CTSysVol
CTSysVol.exe /r CTSysVol.exe
Version: 1.0.0.0 Copyright © Creative Technology Ltd., 2002-2003. All rights reserved.
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
Click for Plus Info
# CTDVDDET
CTDVDDET.exe CTDVDDET
Version: 1.0.3.0 Copyright © Creative Technology Ltd., 2002-2003. All rights reserved.
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
Click for Plus Info
# CTHelper
CTHELPER.EXE CtHelper Application
Version: 1, 0, 1, 2 Copyright © 2002-03
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: CTHELPER.EXE
Click for Plus Info
# UpdReg
Updreg.EXE Creative UpdReg
Version: 1.0.2 Copyright © Creative Technology Ltd. 2000
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\WINDOWS\Updreg.EXE
Click for Plus Info
# gcasServ
gcasServ.exe Microsoft AntiSpyware Service
Version: 1.00.0615 Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
Click for Plus Info
# ATICCC
cli.exe runtime CLI Application (Command Line Interface)
Version: 1.11.0.0 2002-2005
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\ATI Technologies\ATI.ACE\cli.exe runtime
Click for Plus Info
# iTunesHelper
iTunesHelper.exe iTunesHelper Module
Version: 6.0.0.18 © 2003-2005 Apple Computer, Inc. All Rights Reserved.
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\iTunes\iTunesHelper.exe
Click for Plus Info
# QuickTime Task
qttask.exe -atboottime QuickTime Task
Version: QuickTime 7.0.3 Copyright Apple Computer, Inc. 1989-2005
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\QuickTime\qttask.exe -atboottime
Click for Plus Info
# MsgCenterExe
RealOneMessageCenter.exe -osboot
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe -osboot
Click for Plus Info
# AVG7_CC
avgcc.exe /STARTUP
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
Click for Plus Info
# Anti-Blaxx Manager
Anti-Blaxx.exe
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe
Click for Plus Info
# AT&T DSL Service PCA Program
dslpca.exe /ws DSL Application
Version: 4.0.0.0300 Copyright © 2003 AT&T Corp.
Location: HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\AT&T\DSL\programs\dslpca.exe /ws
Click for Plus Info
# MSMSGS
msmsgs.exe /background Windows Messenger
Version: Version 4.7.3001 Copyright © Microsoft Corporation 2004
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Messenger\msmsgs.exe /background
Click for Plus Info
# Steam
steam.exe -silent Steam
Version: 1.0.0.0 © Copyright 2000-2003 Valve Corporation All rights reserved.
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Path: c:\program files\valve\steam\steam.exe -silent
Click for Plus Info
# SB Audigy 2 Startup Menu
ChkColor.EXE
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Creative\SBAudigy2ZS\Program\Startup Menu\ChkColor.EXE
Click for Plus Info
# ctfmon.exe
ctfmon.exe CTF Loader
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\WINDOWS\system32\ctfmon.exe
Click for Plus Info
# AWMON
Ad-Watch.exe Ad-Watch System Protector
Version: 3.2 1999-2004 Team Lavasoft
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
Click for Plus Info
# Internet Download Accelerator
ida.exe -autorun
Location: HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Path: C:\Program Files\IDA\ida.exe -autorun
Click for Plus Info
# CLI Application (Command Line Interface)
CLI.exe CLI Application (Command Line Interface)
Version: 1.11.0.0 2002-2005
Location: Windows Startup Group
Path: C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
Click for Plus Info
# Logitech SetPoint Event Manager
SetPoint.exe Logitech SetPoint Event Manager
Version: 2.31.546 © 1998-2005 Logitech. All rights reserved.
Location: Windows Startup Group
Path: C:\Program Files\Logitech\SetPoint\SetPoint.exe
Click for Plus Info
# Winlogon Userinit
userinit.exe Userinit Logon Application
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit
Path: C:\WINDOWS\system32\userinit.exe
Click for Plus Info
# Winlogon Shell
Explorer.exe Windows Explorer
Version: 6.00.2900.2180 © Microsoft Corporation. All rights reserved.
Location: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Shell
Path: Explorer.exe
Click for Plus Info
• Active Tasks •
# Windows NT Session Manager
smss.exe Windows NT Session Manager
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\smss.exe
Click for Plus Info
# Windows NT Logon Application
winlogon.exe Windows NT Logon Application
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\winlogon.exe
Click for Plus Info
# Services and Controller app
services.exe Services and Controller app
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\services.exe
Click for Plus Info
# LSA Shell (Export Version)
lsass.exe LSA Shell (Export Version)
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\lsass.exe
Click for Plus Info
# ATI External Event Utility EXE Module
ati2evxx.exe ATI External Event Utility EXE Module
Version: 6.14.10.4121 Copyright © 1999-2004 ATI Technologies Inc.
Path: C:\WINDOWS\system32\ati2evxx.exe
Click for Plus Info
# Generic Host Process for Win32 Services
svchost.exe Generic Host Process for Win32 Services
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\svchost.exe
Click for Plus Info
# incdsrv
InCDsrv.exe incdsrv
Version: 4, 2, 15, 1 Copyright 1995-2004 Ahead Software AG and its licensors. All Rights Reserved.
Path: C:\PROGRAM FILES\Ahead\InCD\InCDsrv.exe
Click for Plus Info
# Spooler SubSystem App
spoolsv.exe Spooler SubSystem App
Version: 5.1.2600.2696 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\spoolsv.exe
Click for Plus Info
# CTF Loader
ctfmon.exe CTF Loader
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\ctfmon.exe
Click for Plus Info
# Windows Explorer
explorer.exe Windows Explorer
Version: 6.00.2900.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\explorer.exe
Click for Plus Info
# InCD
InCD.exe InCD
Version: 4, 2, 15, 1 Copyright 1995-2004 Ahead Software AG and its licensors. All Rights Reserved.
Path: C:\PROGRAM FILES\Ahead\InCD\InCD.exe
Click for Plus Info
# CTSysVol.exe
CTSysVol.exe CTSysVol.exe
Version: 1.0.0.0 Copyright © Creative Technology Ltd., 2002-2003. All rights reserved.
Path: C:\PROGRAM FILES\Creative\SBAUDIGY2ZS\SURROUND MIXER\CTSysVol.exe
Click for Plus Info
# CTDVDDET
CTDVDDET.exe CTDVDDET
Version: 1.0.3.0 Copyright © Creative Technology Ltd., 2002-2003. All rights reserved.
Path: C:\PROGRAM FILES\Creative\SBAUDIGY2ZS\DVDAudio\CTDVDDET.exe
Click for Plus Info
# CtHelper Application
CTHELPER.EXE CtHelper Application
Version: 1, 0, 1, 2 Copyright © 2002-03
Path: C:\WINDOWS\system32\CTHELPER.EXE
Click for Plus Info
# Microsoft AntiSpyware Service
gcasServ.exe Microsoft AntiSpyware Service
Version: 1.00.0615 Path: C:\PROGRAM FILES\MICROSOFT ANTISPYWARE\gcasServ.exe
Click for Plus Info
# CLI Application (Command Line Interface)
CLI.exe CLI Application (Command Line Interface)
Version: 1.11.0.0 2002-2005
Path: C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CLI.exe
Click for Plus Info
# QuickTime Task
qttask.exe QuickTime Task
Version: QuickTime 7.0.3 Copyright Apple Computer, Inc. 1989-2005
Path: C:\PROGRAM FILES\QUICKTIME\qttask.exe
Click for Plus Info
# Ad-Watch System Protector
Ad-Watch.exe Ad-Watch System Protector
Version: 3.2 1999-2004 Team Lavasoft
Path: C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
Click for Plus Info
# Logitech SetPoint Event Manager
SetPoint.exe Logitech SetPoint Event Manager
Version: 2.31.546 © 1998-2005 Logitech. All rights reserved.
Path: C:\PROGRAM FILES\Logitech\SetPoint\SetPoint.exe
Click for Plus Info
# Network DDE - DDE Communication
netdde.exe Network DDE - DDE Communication
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\netdde.exe
Click for Plus Info
# Windows NT DDE Server
clipsrv.exe Windows NT DDE Server
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\clipsrv.exe
Click for Plus Info
# Microsoft AntiSpyware Data Service
GCASDTSERV.EXE Microsoft AntiSpyware Data Service
Version: 1.00.0615 Path: C:\PROGRAM FILES\MICROSOFT ANTISPYWARE\GCASDTSERV.EXE
Click for Plus Info
# Creative Service for CDROM Access
CTSVCCDA.EXE Creative Service for CDROM Access
Version: 1.0.0.0 Copyright © Creative Technology Ltd., 1999. All rights reserved.
Path: C:\WINDOWS\system32\CTSVCCDA.EXE
Click for Plus Info
# Machine Debug Manager
MDM.EXE Machine Debug Manager
Version: 7.00.9466 © Microsoft Corporation. All rights reserved.
Path: C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
Click for Plus Info
# NOD32 Kernel Service
nod32krn.exe NOD32 Kernel Service
Version: 2, 50, 25 Copyright © 1992-2005 Eset
Path: C:\PROGRAM FILES\ESET\nod32krn.exe
Click for Plus Info
# Logitech KHAL Main Process
KHALMNPR.EXE Logitech KHAL Main Process
Version: 2.31.522 © 1998-2005 Logitech. All rights reserved.
Path: C:\PROGRAM FILES\COMMON FILES\Logitech\KHAL\KHALMNPR.EXE
Click for Plus Info
# StarWind iSCSI Target (Alcohol Edition)
STARWINDSERVICE.EXE StarWind iSCSI Target (Alcohol Edition)
Version: 2.6.1 Build 0x20050401 Copyright © Rocket Division Software 2003-2005. All rights reserved.
Path: C:\PROGRAM FILES\ALCOHOL SOFT\ALCOHOL 120\StarWind\STARWINDSERVICE.EXE
Click for Plus Info
# WMDM PMSP Service
MsPMSPSv.exe WMDM PMSP Service
Version: 7.00.00.1954 Copyright © Microsoft Corp. 1981-2000
Path: C:\WINDOWS\system32\MsPMSPSv.exe
Click for Plus Info
# NOD32 Control Center GUI
nod32kui.exe NOD32 Control Center GUI
Version: 2, 50, 25 Copyright © 1992-2005 Eset
Path: C:\PROGRAM FILES\ESET\nod32kui.exe
Click for Plus Info
# iPodService Module
IPODSERVICE.EXE iPodService Module
Version: 6.0.0.18 © 2003-2005 Apple Computer, Inc. All Rights Reserved.
Path: C:\PROGRAM FILES\iPod\bin\IPODSERVICE.EXE
Click for Plus Info
# Steam
steam.exe Steam
Version: 1.0.0.0 © Copyright 2000-2003 Valve Corporation All rights reserved.
Path: C:\PROGRAM FILES\Valve\Steam\steam.exe
Click for Plus Info
# Firefox
firefox.exe Firefox
Version: 1.7.12: 2005091517 Mozilla
Path: C:\PROGRAM FILES\MOZILLA FIREFOX\firefox.exe
Click for Plus Info
# iTunes
iTunes.exe iTunes
Version: 6.0.0.18 © 2003-2005 Apple Computer, Inc. All Rights Reserved.
Path: C:\PROGRAM FILES\iTunes\iTunes.exe
Click for Plus Info
# WinPatrol System Monitor
WINPATROL.EXE WinPatrol System Monitor
Version: 9.7.4.0 Copyright © 1997- 2005 BillP Studios
Path: C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
Click for Plus Info
# WinPatrol Explorer
WINPATROLEX.EXE WinPatrol Explorer
Version: 9.7.4.0 Copyright © 2004-2005 BillP Studios
Path: C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE
Click for Plus Info
• IE Helpers •
# AcroIEHelper Library
AcroIEHelper.dll Adobe Acrobat IE Helper Version 7.0 for ActiveX
Version: 7, 0, 0, 0 Copyright 1984-2004 Adobe Systems Incorporated and its licensors. All rights reserved.
Path: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
7, 0, 0, 0
Location: "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
Click for Plus Info
# Research
C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO
Location: "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions"
Click for Plus Info
# Messenger
msmsgs.exe Windows Messenger
Version: Version 4.7.3001 Copyright © Microsoft Corporation 2004
Path: C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Messenger\msmsgs.exe,302
Location: "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions"
Click for Plus Info
• File Types •
# Video Clip
wmplayer.exe /prefetch:8 /Open %L Windows Media Player
Version: 10.00.00.3802 © Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:8 /Open %L
.AVI
Click for Plus Info
# BSPlayer v1.3
bsplayer.exe %L BSPlayer
Version: 1.3.6.0 © 2000-2005 BST
Path: C:\Program Files\Webteh\BSplayer\bsplayer.exe %L
.AVI
Click for Plus Info
# MS-DOS Batch File
%1 %*
Path: %1 %*
.BAT
Click for Plus Info
# Cabinet File
Explorer.exe /idlist,%I,%L Windows Explorer
Version: 6.00.2900.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\Explorer.exe /idlist,%I,%L
.CAB
Click for Plus Info
# Security Catalog
rundll32.exe cryptext.dll,CryptExtOpenCAT %1 Run a DLL as an App
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: rundll32.exe cryptext.dll,CryptExtOpenCAT %1
.CAT
Click for Plus Info
# Compiled HTML Help file
hh.exe %1 Microsoft® HTML Help Executable
Version: 5.2.3790.2453 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\hh.exe %1
.CHM
Click for Plus Info
# MS-DOS Application
%1 %*
Path: %1 %*
.COM
Click for Plus Info
# Windows NT Command Script
%1 %*
Path: %1 %*
.CMD
Click for Plus Info
# Microsoft Word Document
WINWORD.EXE /n /dde Microsoft Office Word
Version: 11.0.6502 Copyright © 1983-2003 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /n /dde
.DOC
Click for Plus Info
# Internet E-Mail Message
msimn.exe /eml:%1 Outlook Express
Version: 6.00.2900.2180 © 2004 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Outlook Express\msimn.exe /eml:%1
.EML
Click for Plus Info
# Application
%1 %*
Path: %1 %*
.EXE
Click for Plus Info
# Setup Information
NOTEPAD.EXE %1 Notepad
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\System32\NOTEPAD.EXE %1
.INF
Click for Plus Info
# JScript Script File
WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.6.0.8820 Copyright © Microsoft Corp. 2002
Path: C:\WINDOWS\System32\WScript.exe %1 %*
.JS
Click for Plus Info
# Text Document
NOTEPAD.EXE %1 Notepad
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\NOTEPAD.EXE %1
.LOG
Click for Plus Info
# Windows Installer Package
msiexec.exe /i %1 %* Windows® installer
Version: 3.1.4000.1823 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\System32\msiexec.exe /i %1 %*
.MSI
Click for Plus Info
# Outlook Item
OUTLOOK.EXE /f %1 Microsoft Office Outlook
Version: 11.0.6353 Copyright © 1995-2003 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE /f %1
.MSG
Click for Plus Info
# MIDI Sequence
wmplayer.exe /Open %L Windows Media Player
Version: 10.00.00.3802 © Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Windows Media Player\wmplayer.exe /Open %L
.MID
Click for Plus Info
# MP3 Format Sound
wmplayer.exe /prefetch:6 /Open %L Windows Media Player
Version: 10.00.00.3802 © Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:6 /Open %L
.MP3
Click for Plus Info
# Shortcut to MS-DOS Program
%1 %*
Path: %1 %*
.PIF
Click for Plus Info
# RealMedia File
mplayerc.exe %1 Media Player Classic
Version: 6, 4, 8, 4 Copyright © 2002-2005 Gabest
Path: C:\Program Files\Media Player Classic\mplayerc.exe %1
.RAM
Click for Plus Info
# Registration Entries
regedit.exe %1 Registry Editor
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: regedit.exe %1
.REG
Click for Plus Info
# Rich Text Format
WINWORD.EXE /n /dde Microsoft Office Word
Version: 11.0.6502 Copyright © 1983-2003 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE /n /dde
.RTF
Click for Plus Info
# Spyware supplemental file
SpybotSD.exe %1
Path: C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe %1
.SBS
Click for Plus Info
# Screen Saver
%1 /S
Path: %1 /S
.SCR
Click for Plus Info
# Text Document
NOTEPAD.EXE %1 Notepad
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: C:\WINDOWS\system32\NOTEPAD.EXE %1
.TXT
Click for Plus Info
# Internet Shortcut
rundll32.exe shdocvw.dll,OpenURL %l Run a DLL as an App
Version: 5.1.2600.2180 © Microsoft Corporation. All rights reserved.
Path: rundll32.exe shdocvw.dll,OpenURL %l
.URL
Click for Plus Info
# VBScript Script File
WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.6.0.8820 Copyright © Microsoft Corp. 2002
Path: C:\WINDOWS\System32\WScript.exe %1 %*
.VBS
Click for Plus Info
# VBScript Encoded Script File
WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.6.0.8820 Copyright © Microsoft Corp. 2002
Path: C:\WINDOWS\System32\WScript.exe %1 %*
.VBE
Click for Plus Info
# Windows Script File
WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.6.0.8820 Copyright © Microsoft Corp. 2002
Path: C:\WINDOWS\System32\WScript.exe %1 %*
.WSF
Click for Plus Info
# Windows Script Host Settings File
WScript.exe %1 %* Microsoft ® Windows Based Script Host
Version: 5.6.0.8820 Copyright © Microsoft Corp. 2002
Path: C:\WINDOWS\System32\WScript.exe %1 %*
.WSH
Click for Plus Info
# Microsoft Excel Worksheet
EXCEL.EXE /e Microsoft Office Excel
Version: 11.0.6355 Copyright © 1985-2003 Microsoft Corporation. All rights reserved.
Path: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE /e
.XLS
Click for Plus Info
The bolded items are ones that seem to self generate. I have also uninstalled those programs from my computer.
Addedum: the "pop-up proof" Firefox has been plagued by the aforementioned pop-ups. A majority of these originate from casalemedia or tribalfusion. Excuse my superflous use of multi-syllabic words.
Edit: Seems the first time I posted my HJT log, an error occured and a full lof was not created. It has been fixed.
Edited by theFatTubist, 01 November 2005 - 02:05 AM.
Sign In
Create Account
