This seems to be the place for HijackThis
Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: This seems to be the place for HijackThis

  1. #1
    T̙͓̞̣̯ͦͭͅͅȂͧͭͧ̏̈͏̖̖Z̿ ͆̎̄
    Join Date
    Dec 2004
    Posts
    3,171

    This seems to be the place for HijackThis

    Need some feedback on this site that appears to give results automatically..

    http://www.hijackthis.de/index.php?langselect=english

    is it any good...a scam...a spyware depository waiting for victims...or the real deal ?

  2. #2
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,429
    The real deal... now that's an extremely nice and helpful page... it's probably not 100% correct all the time, but from what I can see it does an excellent job.

    It's obviously a German project, and assumes that all applications are installed in the default directory (c:\programme\ on a German box, obviously). If they're not, it'll label them as "Possibly nasty"...

    It even recognized and labeled correctly the software for my touchpad...

  3. #3
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    742
    From what I can tell it seems like a good website from my computers scan anyway, it did say that my firewall and antivirus were potential threats but came up on the list as safe. Picked up one file that could be removed and gives good advice about windows messenger connections. All-in-all may be a pretty good program for a newbie
    Duct tape.....A whole lot of Duct Tape
    Spyware/Adaware problem click
    here

  4. #4
    Senior Member
    Join Date
    Jan 2005
    Posts
    217

    It helps! :)

    The site helps in analyzing such logs.

    Good source.

    Thanks for the info.

    Yo!
    \"Life without FREEDOM is no life at all\". - William Wallace
    MyhomE MyboX StealtH (loop n. see loop.)
    http://www.geocities.com/sebeneleben/SOTBMulti.gif

  5. #5
    Member
    Join Date
    Dec 2004
    Posts
    81
    I just scanned mine using Hijackthis and it said "It seems that you don't use an anti-virus scanner or your scanner is not active" and "No active firewall was found on your system or the firewall you use is unknown to us." But I DO use an AV scanner and it IS active, and I DO have a firewall and it IS active. I use Norton AV05 and Norton Personal Firewall.

    Then I just tested using Shields UP!, and it said my system received a "perfect "TruStealth" rating," and that "There is NO EVIDENCE WHATSOEVER that a port (or even any computer) exists at this IP address!" and that "From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice."

    Any idea as to why I am getting conflicting reports between the two sites?
    \"Champagne for my real friends, real pain for my sham friends\"-Ed Norton/25th Hour

  6. #6
    Senior Member
    Join Date
    Feb 2004
    Posts
    202

    Re: This seems to be the place for HijackThis

    Originally posted here by Egaladeist
    Need some feedback on this site that appears to give results automatically..

    http://www.hijackthis.de/index.php?langselect=english

    is it any good...a scam...a spyware depository waiting for victims...or the real deal ?
    It's real.... for what it's worth.

    The problems in this application are twofold:

    (1) False positives/false negatives. Everything must be checked by a real, live, knowledgeable person to be certain.

    (2) Newer infections need special interventions. While HijackThis is a great tool for peeking into various parts of the registry, it can't fix every infection. Think of CWS, VX2 and Bube... and these are just a few of the infections that require specialized tools & knowledge.

    I wouldn't recommend that page for those reasons. Just my .02.


  7. #7
    Senior Member
    Join Date
    Aug 2003
    Posts
    1,019
    To add to meeeeeeeee's prognosis/opinion:

    The biggest problem with automated scans is that they do not look at context. Take for example the following: (go ahead, you can plug them into the automated reader if you want)

    O4 - HKLM\..\Run: [THG] C:\WINDOWS\system32\THGuard.exe
    O4 - HKLM\..\Run: C:\WINDOWS\System32\regedit.exe
    O4 - HKLM\..\Run: C:\WINDOWS\System32\explorer.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
    O4 - HKLM\..\Run: [Recguard] C:\Program Files\SMINST\RECGUARD.EXE


    Can you figure out what, if anything, is wrong with those? The question then becomes, what should one do with them? Remove them and possibly damage the system? Those are legitimate files....or are they? You can find them all on Google, so they must be ok.

    You will get an error message that is pretty confusing. Certainly not for a novice user, IMHO.

    The other issue I have is that if you do use the scanner, and do mess something up, who are you going to get to help undo your mistake? I can see this scenario:
    OP:
    "I used your automated scanner, and it was unsure about some files, so I deleted them. Help me please"
    HELPER:
    "Do you remember what you deleted?"
    OP:
    "No"
    HELPER:
    "I can't help you because I don't know what you did..sorry. I guess you will just have to reformat. I sure hope you have your OS disks"
    OP:
    "What OS disks?"
    At least when a mistake is made when helping someone clean their system (their mistake or mine), I am right there to help them fix it, even if it means e-mailing them the necessary files to correct the error. And it does happen from time to time.

    And in addition to what meeeeeeee said about VX2, there are variants that do not show up in the log at all, as well as some variants of qooligic.

    I really do appreciate the efforts people go through to keep up with these things, and to try to keep them up to date. I have designed practice logs that will fool the automated scanners just for the simple fact that I don't want those people I help train to have to depend on them (the automated readers, I mean).

    Just for fun, put those entries into the reader found here:
    http://www.help2go.com/modules.php?name=HJTDetective

    Anyway, that's just my somewhat educated opinion.

  8. #8
    Member
    Join Date
    Dec 2004
    Posts
    81
    Just for fun, put those entries into the reader found here:
    http://www.help2go.com/modules.php?name=HJTDetective

    Anyway, that's just my somewhat educated opinion.
    Wow, the "O4 - HKLM\..\Run: C:\WINDOWS\System32\explorer.exe" has been identified as Beta Software, and has been positively identified as a malicious program, possibly being malware/spyware.

    That's good stuff. Thank you for enlightening me and showing me that. I am truly grateful. I WAS getting ready to, within the next few days, post the results of the scan I did yesterday and ask for assistance. Because I don't understand what it is telling me. But, if it's alright, I would still like to PM the results to you anyway, after I enter the results on that website first, if that's alright with you.

    But thanks again for showing me that. That is very helpful to me
    \"Champagne for my real friends, real pain for my sham friends\"-Ed Norton/25th Hour

  9. #9
    Senior Member
    Join Date
    Feb 2004
    Posts
    202
    Post the whatever you have in this thread. It should be informative to us all.


  10. #10
    Member
    Join Date
    Dec 2004
    Posts
    81
    Okay, here's the one I JUST did like, 2 minutes ago:





    Logfile of HijackThis v1.99.0
    Scan saved at 9:22:52 PM, on 2/27/2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ACS.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton Personal Firewall\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\SAVScan.exe
    C:\WINDOWS\system32\svchost.exe
    c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\EzButton\EzButton.EXE
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    C:\WINDOWS\System32\ZoomingHook.exe
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\toshiba\ivp\ism\pinger.exe
    C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Yahoo!\Messenger\YPager.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Chikka\chikka.exe
    C:\PROGRA~1\Chikka\BnrRepo2.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\DOCUME~1\b\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.antionline.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshibadirect.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://activation.rr.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton Personal Firewall - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll
    O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
    O4 - HKLM\..\Run: [ZoomingHook] c:\WINDOWS\System32\ZoomingHook.exe
    O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
    O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://activation.rr.com/install/download/tgctlcm.cab
    O16 - DPF: {88D758A3-D33B-45FD-91E3-67749B4057FA} (Sinstaller Class) - http://dm.screensavers.com/dm/instal...sinstaller.cab
    O18 - Protocol: bw+0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll
    O18 - Protocol: offline-8876480 - {FD6050B7-26BE-4936-8825-B4CF5EBEEBF8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Atheros Configuration Service - Unknown - C:\WINDOWS\system32\ACS.exe
    O23 - Service: AOL Connectivity Service - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\hpbpro.exe
    O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\hpboid.exe
    O23 - Service: ISSvc - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ISSVC.exe
    O23 - Service: Norton AntiVirus Auto Protect Service - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Swupdtmr - Unknown - c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    \"Champagne for my real friends, real pain for my sham friends\"-Ed Norton/25th Hour

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •