Sign in with
Sign up | Sign in
Your question

Hijack this

Last response: in Windows XP
Share
Anonymous
July 9, 2005 6:38:43 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Guys please help.
MY PC seems to be working sooooo slow. I have no idea why. Someone
once suggested to use the Highjack this software to see whats wrong. I
didnt see anything wrong with my HJ...
Can anyone see something I dont see?
Thanks a lot...


Logfile of HijackThis v1.99.1
Scan saved at 6:00:29 PM, on 7/7/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\windows\System32\nvsvc32.exe
C:\windows\System32\svchost.exe
C:\windows\Explorer.EXE
C:\windows\system32\gsicon.exe
C:\windows\system32\dslagent.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\ICQ\ICQ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\stass\LOCALS~1\Temp\Rar$EX00.056\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
- C:\Program Files\Adobe\Acrobat
6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1FAD3100-9C16-58E1-8756-64550DA62E10} - (no
file)
O2 - BHO: VENGOBAR - {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
C:\WINDOWS\DOWNLO~1\vengobar.dll
O2 - BHO: Viewpoint Toolbar BHO -
{A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program
Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O3 - Toolbar: VENGOBAR - {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
C:\WINDOWS\DOWNLO~1\vengobar.dll
O3 - Toolbar: Viewpoint Toolbar -
{F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program
Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Camera Detector]
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\windows\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\PROGRA~1\ICQ\ICQNet.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KAVPersonal50] D:\Program Files\Kaspersky
Anti-Virus Personal\kav.exe /minimize
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN
Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program
Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program
Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O8 - Extra context menu item: Send To &Bluetooth - C:\Program
Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
- C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra ’Tools’ menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} -
C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra ’Tools’ menuitem: ICQ -
{6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: @btrez.dll,-4015 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ’Tools’ menuitem: @btrez.dll,-4017 -
{CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}
- C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ’Tools’ menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x40...
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image
Uploader 3.0 Control) - http://www.pic.co.il/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {D79B6F43-F214-4E7A-9ECB-CCC8771F2416} (LauncherV1 Class) -
http://www.tapuz.co.il/irc/main/launcher.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software
XUpload) - http://www.pic.co.il/XUpload.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control
4.5) - http://chat.msn.com/bin/msnchat45.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{99306F78-3508-4F8B-8029-C180A
B07BA2E}:
NameServer = 212.143.212.143 194.90.1.5
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} -
C:\windows\system32\btxppanel.dll
O20 - Winlogon Notify: iexplore - 2dm2d.dll (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner -
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner -
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
O23 - Service: F-Secure Internet Security 2004 (BackWeb Client -
4476822) - Unknown owner -
C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE (file
missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. -
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown owner -
C:\Program Files\F-Secure Internet
Security\Anti-Virus\fsgk32st.exe (file missing)
O23 - Service: fsbwsys - Unknown owner - C:\Program Files\F-Secure
Internet Security\backweb\4476822\program\fsbwsys.exe (file
missing)
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown
owner - C:\Program Files\F-Secure Internet
Security\FWES\Program\fsdfwd.exe (file missing)
O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner -
C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
(file missing)
O23 - Service: kavsvc - Kaspersky Labs - D:\Program Files\Kaspersky
Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:\windows\System32\nvsvc32.exe

--
Posted using the http://www.windowsforumz.com interface, at author's request
Articles individually checked for conformance to usenet standards
Topic URL: http://www.windowsforumz.com/General-Discussion-Hijack-...
Visit Topic URL to contact author (reg. req'd). Report abuse: http://www.windowsforumz.com/eform.php?p=1761058

More about : hijack

Anonymous
July 10, 2005 12:15:22 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

"stason3" <UseLinkToEmail@WindowsForumz.com> wrote in message
news:3_1761058_76e274d7948bf2d45ff09c02f5309d58@windowsforumz.com...
> Guys please help.
> MY PC seems to be working sooooo slow. I have no idea why. Someone
> once suggested to use the Highjack this software to see whats wrong. I
> didnt see anything wrong with my HJ...
> Can anyone see something I dont see?
> Thanks a lot...
>
>
> Logfile of HijackThis v1.99.1

Answers in line


> C:\Program Files\Common Files\Real\Update_OB\realsched.exe
> O2 - BHO: VENGOBAR - {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
> C:\WINDOWS\DOWNLO~1\vengobar.dll
> O3 - Toolbar: VENGOBAR - {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
> C:\WINDOWS\DOWNLO~1\vengobar.dll

I would remove these items above


> O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner -
> C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
> O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner -
> C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
> O23 - Service: F-Secure Internet Security 2004 (BackWeb Client -
> 4476822) - Unknown owner -
> C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE (file
> missing)
> O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown owner -
> C:\Program Files\F-Secure Internet
> Security\Anti-Virus\fsgk32st.exe (file missing)
> O23 - Service: fsbwsys - Unknown owner - C:\Program Files\F-Secure
> Internet Security\backweb\4476822\program\fsbwsys.exe (file
> missing)
> O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown
> owner - C:\Program Files\F-Secure Internet
> Security\FWES\Program\fsdfwd.exe (file missing)
> O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner -
> C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
> (file missing)
> O23 - Service: kavsvc - Kaspersky Labs - D:\Program Files\Kaspersky
> Anti-Virus Personal\kavsvc.exe
> O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
> Corporation - C:\windows\System32\nvsvc32.exe

You should only be running one AV program, review the list above and
decide which AV program you want to keep, remove the others from Add
Remove Programs.

There may be other bad products in you list, [EG 023 file secure
entries]if my suggestions don't give you any relief post your HJT
log here [you will have to register]
http://forum.aumha.org/

rgds
Li'l Roberto
Anonymous
July 10, 2005 9:32:00 AM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Have hijackthis fix the following lines.

O2 - BHO: (no name) - {1FAD3100-9C16-58E1-8756-64550DA62E10} - (no
file)
O2 - BHO: VENGOBAR - {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
C:\WINDOWS\DOWNLO~1\vengobar.dll
O2 - BHO: Viewpoint Toolbar BHO -
{A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program
Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
O3 - Toolbar: VENGOBAR - {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
C:\WINDOWS\DOWNLO~1\vengobar.dll
O3 - Toolbar: Viewpoint Toolbar -
{F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program
Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program
Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML

Do you use the viewpoint toolbar? That is debatable whether or not it is
spyware. If you don't use it then remove it. However you have some uploading
active X files installed some of which are for uploading photos which could
be used with the viewpoint toolbar.


--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"stason3" <UseLinkToEmail@WindowsForumz.com> wrote in message
news:3_1761058_76e274d7948bf2d45ff09c02f5309d58@windowsforumz.com...
> Guys please help.
> MY PC seems to be working sooooo slow. I have no idea why. Someone
> once suggested to use the Highjack this software to see whats wrong. I
> didnt see anything wrong with my HJ...
> Can anyone see something I dont see?
> Thanks a lot...
>
>
> Logfile of HijackThis v1.99.1
> Scan saved at 6:00:29 PM, on 7/7/2005
> Platform: Windows XP SP2 (WinNT 5.01.2600)
> MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
>
> Running processes:
> C:\windows\System32\smss.exe
> C:\windows\system32\winlogon.exe
> C:\windows\system32\services.exe
> C:\windows\system32\lsass.exe
> C:\windows\system32\svchost.exe
> C:\windows\System32\svchost.exe
> C:\windows\system32\spoolsv.exe
> C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
> C:\windows\System32\nvsvc32.exe
> C:\windows\System32\svchost.exe
> C:\windows\Explorer.EXE
> C:\windows\system32\gsicon.exe
> C:\windows\system32\dslagent.exe
> C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
> C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
> C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
> C:\Program Files\Common Files\Real\Update_OB\realsched.exe
> C:\Program Files\MSN Messenger\MsnMsgr.Exe
> C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
> C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
> C:\PROGRA~1\ICQ\ICQ.exe
> C:\Program Files\Internet Explorer\iexplore.exe
> C:\Program Files\WinRAR\WinRAR.exe
> C:\DOCUME~1\stass\LOCALS~1\Temp\Rar$EX00.056\HijackThis.exe
>
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> R0 - HKLM\Software\Microsoft\Internet
> Explorer\Search,CustomizeSearch =
> O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
> - C:\Program Files\Adobe\Acrobat
> 6.0\Reader\ActiveX\AcroIEHelper.dll
> O2 - BHO: (no name) - {1FAD3100-9C16-58E1-8756-64550DA62E10} - (no
> file)
> O2 - BHO: VENGOBAR - {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
> C:\WINDOWS\DOWNLO~1\vengobar.dll
> O2 - BHO: Viewpoint Toolbar BHO -
> {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:\Program
> Files\Viewpoint\Viewpoint Toolbar\ViewBarBHO.dll
> O3 - Toolbar: VENGOBAR - {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
> C:\WINDOWS\DOWNLO~1\vengobar.dll
> O3 - Toolbar: Viewpoint Toolbar -
> {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program
> Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll
> O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
> O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
> O4 - HKLM\..\Run: [Camera Detector]
> C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
> O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
> C:\windows\System32\NvCpl.dll,NvStartup
> O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
> Files\Java\jre1.5.0_02\bin\jusched.exe
> O4 - HKLM\..\Run: [Mirabilis ICQ] C:\PROGRA~1\ICQ\ICQNet.exe
> O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
> AntiSpyware\gcasServ.exe"
> O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
> Files\Real\Update_OB\realsched.exe" -osboot
> O4 - HKLM\..\Run: [KAVPersonal50] D:\Program Files\Kaspersky
> Anti-Virus Personal\kav.exe /minimize
> O4 - HKLM\..\Run: [QuickTime Task] "C:\Program
> Files\QuickTime\qttask.exe" -atboottime
> O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN
> Messenger\MsnMsgr.Exe" /background
> O4 - Global Startup: Microsoft Office.lnk = C:\Program
> Files\Microsoft Office\Office\OSA9.EXE
> O4 - Global Startup: BTTray.lnk = ?
> O8 - Extra context menu item: &Viewpoint Search - res://C:\Program
> Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
> O8 - Extra context menu item: Send To &Bluetooth - C:\Program
> Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
> O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
> - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
> O9 - Extra 'Tools' menuitem: Sun Java Console -
> {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
> Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
> O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} -
> C:\PROGRA~1\ICQ\ICQ.exe
> O9 - Extra 'Tools' menuitem: ICQ -
> {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
> O9 - Extra button: @btrez.dll,-4015 -
> {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
> Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
> O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
> {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
> Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
> O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683}
> - C:\Program Files\Messenger\msmsgs.exe
> O9 - Extra 'Tools' menuitem: Windows Messenger -
> {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
> Files\Messenger\msmsgs.exe
> O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine
> Advantage Validation Tool) -
> http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x40...
> O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image
> Uploader 3.0 Control) - http://www.pic.co.il/ImageUploader3.cab
> O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
> (MsnMessengerSetupDownloadControl Class) -
> http://messenger.msn.com/download/MsnMessengerSetupDown...
> O16 - DPF: {D79B6F43-F214-4E7A-9ECB-CCC8771F2416} (LauncherV1 Class) -
> http://www.tapuz.co.il/irc/main/launcher.cab
> O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software
> XUpload) - http://www.pic.co.il/XUpload.ocx
> O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control
> 4.5) - http://chat.msn.com/bin/msnchat45.cab
> O17 -
> HKLM\System\CCS\Services\Tcpip\..\{99306F78-3508-4F8B-8029-C180A
> B07BA2E}:
> NameServer = 212.143.212.143 194.90.1.5
> O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} -
> C:\windows\system32\btxppanel.dll
> O20 - Winlogon Notify: iexplore - 2dm2d.dll (file missing)
> O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner -
> C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe (file missing)
> O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner -
> C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing)
> O23 - Service: F-Secure Internet Security 2004 (BackWeb Client -
> 4476822) - Unknown owner -
> C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE (file
> missing)
> O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. -
> C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
> O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown owner -
> C:\Program Files\F-Secure Internet
> Security\Anti-Virus\fsgk32st.exe (file missing)
> O23 - Service: fsbwsys - Unknown owner - C:\Program Files\F-Secure
> Internet Security\backweb\4476822\program\fsbwsys.exe (file
> missing)
> O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown
> owner - C:\Program Files\F-Secure Internet
> Security\FWES\Program\fsdfwd.exe (file missing)
> O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner -
> C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
> (file missing)
> O23 - Service: kavsvc - Kaspersky Labs - D:\Program Files\Kaspersky
> Anti-Virus Personal\kavsvc.exe
> O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
> Corporation - C:\windows\System32\nvsvc32.exe
>
> --
> Posted using the http://www.windowsforumz.com interface, at author's
> request
> Articles individually checked for conformance to usenet standards
> Topic URL:
> http://www.windowsforumz.com/General-Discussion-Hijack-...
> Visit Topic URL to contact author (reg. req'd). Report abuse:
> http://www.windowsforumz.com/eform.php?p=1761058
Related resources
Anonymous
July 10, 2005 2:31:49 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

My Pc have been running slow also, this is whta hijack this shows, and I can
not see anything wrong

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Gazel-NT\vstartx.exe
C:\Program Files\Gazel-NT\gisdnlog.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Commander Pro\UPServ.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Commander Pro\UPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Gazel-NT\gsyno.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\cFosNT\cFosDNT.exe
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\D-Link AirPlus Xtreme G\AirPlus.exe
C:\Program Files\No-IP\DUC20.exe
C:\Program Files\WinPhone\winphone.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\newsproxy\NewsProxy.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Bill\LOCALS~1\Temp\Rar$EX00.703\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://us.cnn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://us.cnn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft
Internet Explorer
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} -
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: AcroIEToolbarHelper Class -
{AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat
6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program
Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -
C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} -
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog
Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog
Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec
Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [GazelDisplay] "C:\Program Files\Gazel-NT\gsyno.exe" -h
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus!
3\MsgPlus.exe"
O4 - HKLM\..\Run: [PrinTray]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor]
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager]
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program
Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common
Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program
Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program
Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Program
Files\Iomega\Iomega Automatic Backup\ibackup.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio
Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator
6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD
Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [cFosDNT] C:\cFosNT\cFosDNT.exe
O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program
Files\Acronis\TrueImage\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common
Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI
Technologies\ATI.ACE\cli.exe" runtime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
/background
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus!
3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Program Files\Iomega\Iomega
Automatic Backup\ibackup.exe
O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy
Sweeper\SpySweeper.exe" /0
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe"
/background
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
O4 - Startup: WinPhone.lnk = C:\Program Files\WinPhone\winphone.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat
6.0\Distillr\acrotray.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI
Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: D-Link AirPlus Xtreme G Configuration Utility.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
present
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program
Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) -
https://www-secure.symantec.com/techsupp/asa/LSSupCtl.c...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
System Class) -
http://download.mcafee.com/molbin/shared/mcinsctl/en-us...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall...
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/...
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) -
https://www-secure.symantec.com/techsupp/asa/SymAData.c...
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English
Online) -
http://www.seagate.com/support/disc/asp/tools/en/bin/np...
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/iss-loc/vso/en-us/too...
O17 -
HKLM\System\CCS\Services\Tcpip\..\{69E3444C-02AC-405A-886D-74BBAB8A68CF}:
NameServer = 192.168.0.1
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis -
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. -
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Démarrage Gazel (Gazel Startup) - Unknown owner - C:\Program
Files\Gazel-NT\vstartx.exe" /s (file missing)
O23 - Service: Journal des connexions RNIS (GisdnLog) - Unknown owner -
C:\Program Files\Gazel-NT\gisdnlog.exe" -s (file missing)
O23 - Service: Iomega App Services - Iomega Corporation -
C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec
Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton
AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) -
Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: UPSmart - Unknown owner - C:\Program Files\Commander
Pro\UPServ.exe



--
Anonymous
July 10, 2005 2:31:50 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Your log is fine.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com



"Newport" <xxxxxx@txxxxx.xx> wrote in message
news:42d0dd4c$0$25061$8fcfb975@news.wanadoo.fr...
> My Pc have been running slow also, this is whta hijack this shows, and I
> can not see anything wrong
>
> C:\WINDOWS\System32\smss.exe
> C:\WINDOWS\system32\csrss.exe
> C:\WINDOWS\system32\winlogon.exe
> C:\WINDOWS\system32\services.exe
> C:\WINDOWS\system32\lsass.exe
> C:\WINDOWS\system32\Ati2evxx.exe
> C:\WINDOWS\system32\svchost.exe
> C:\WINDOWS\system32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\System32\svchost.exe
> C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
> C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
> C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
> C:\WINDOWS\system32\spoolsv.exe
> C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
> C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
> C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
> C:\Program Files\Gazel-NT\vstartx.exe
> C:\Program Files\Gazel-NT\gisdnlog.exe
> C:\PROGRA~1\Iomega\System32\AppServices.exe
> C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
> C:\Program Files\Norton AntiVirus\navapsvc.exe
> C:\Program Files\Norton AntiVirus\SAVScan.exe
> C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
> C:\WINDOWS\System32\svchost.exe
> C:\WINDOWS\system32\wdfmgr.exe
> C:\Program Files\Commander Pro\UPServ.exe
> C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
> C:\WINDOWS\System32\alg.exe
> C:\WINDOWS\System32\svchost.exe
> C:\Program Files\Commander Pro\UPS.EXE
> C:\WINDOWS\system32\Ati2evxx.exe
> C:\WINDOWS\Explorer.EXE
> C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
> C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
> C:\Program Files\Common Files\Symantec Shared\ccApp.exe
> C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
> C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
> C:\Program Files\Gazel-NT\gsyno.exe
> C:\Program Files\Messenger Plus! 3\MsgPlus.exe
> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
> C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
> C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
> C:\Program Files\Logitech\iTouch\iTouch.exe
> C:\Program Files\Logitech\Video\LogiTray.exe
> C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
> C:\Program Files\Logitech\ImageStudio\LogiTray.exe
> C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
> C:\Program Files\Logitech\MouseWare\system\em_exec.exe
> C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
> C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
> C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
> C:\cFosNT\cFosDNT.exe
> C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
> C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
> C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
> C:\Program Files\Messenger\msmsgs.exe
> C:\WINDOWS\system32\ctfmon.exe
> C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
> C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
> C:\Program Files\D-Link AirPlus Xtreme G\AirPlus.exe
> C:\Program Files\No-IP\DUC20.exe
> C:\Program Files\WinPhone\winphone.exe
> C:\Program Files\MSN Messenger\msnmsgr.exe
> C:\newsproxy\NewsProxy.exe
> C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
> C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
> C:\Program Files\Outlook Express\msimn.exe
> C:\Program Files\Internet Explorer\iexplore.exe
> C:\Program Files\WinRAR\WinRAR.exe
> C:\DOCUME~1\Bill\LOCALS~1\Temp\Rar$EX00.703\HijackThis.exe
>
> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://us.cnn.com
> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
> http://us.cnn.com
> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
> Microsoft Internet Explorer
> O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
> O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
> C:\PROGRA~1\SPYBOT~1\SDHelper.dll
> O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} -
> C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
> O2 - BHO: AcroIEToolbarHelper Class -
> {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat
> 6.0\Acrobat\AcroIEFavClient.dll
> O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program
> Files\Norton AntiVirus\NavShExt.dll
> O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
> C:\Program Files\Norton AntiVirus\NavShExt.dll
> O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -
> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
> O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} -
> C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
> O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog
> Devices\SoundMAX\SMax4PNP.exe
> O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog
> Devices\SoundMAX\Smax4.exe" /tray
> O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
> Shared\ccApp.exe"
> O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec
> Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
> O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
> C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
> O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
> AntiSpyware\gcasServ.exe"
> O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
> Files\Java\jre1.5.0_02\bin\jusched.exe
> O4 - HKLM\..\Run: [GazelDisplay] "C:\Program Files\Gazel-NT\gsyno.exe" -h
> O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus!
> 3\MsgPlus.exe"
> O4 - HKLM\..\Run: [PrinTray]
> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
> O4 - HKLM\..\Run: [Lexmark X83 Button Monitor]
> C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
> O4 - HKLM\..\Run: [Lexmark X83 Button Manager]
> C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
> O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program
> Files\Logitech\iTouch\iTouch.exe
> O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
> O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
> Files\Logitech\Video\ISStart.exe
> O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
> Files\Logitech\Video\LogiTray.exe
> O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common
> Files\Logitech\QCDriver3\LVCOMS.EXE
> O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program
> Files\Logitech\ImageStudio\ISStart.exe
> O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program
> Files\Logitech\ImageStudio\LogiTray.exe
> O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Program
> Files\Iomega\Iomega Automatic Backup\ibackup.exe
> O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
> O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common
> Files\Roxio Shared\System\EngUtil.exe"
> O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD
> Creator 6\DragToDisc\DrgToDsc.exe"
> O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD
> Creator 6\AudioCentral\RxMon.exe"
> O4 - HKLM\..\Run: [cFosDNT] C:\cFosNT\cFosDNT.exe
> O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program
> Files\Acronis\TrueImage\TrueImageMonitor.exe"
> O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common
> Files\Acronis\Schedule2\schedhlp.exe"
> O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI
> Technologies\ATI.ACE\cli.exe" runtime
> O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
> /background
> O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus!
> 3\MsgPlus.exe" /WinStart
> O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
> O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Program Files\Iomega\Iomega
> Automatic Backup\ibackup.exe
> O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy
> Sweeper\SpySweeper.exe" /0
> O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
> O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe"
> /background
> O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
> O4 - Startup: WinPhone.lnk = C:\Program Files\WinPhone\winphone.exe
> O4 - Global Startup: Acrobat Assistant.lnk = C:\Program
> Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
> O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI
> Technologies\ATI.ACE\CLI.exe
> O4 - Global Startup: D-Link AirPlus Xtreme G Configuration Utility.lnk = ?
> O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
> present
> O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program
> Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
> O8 - Extra context menu item: E&xport to Microsoft Excel -
> res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
> O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
> C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
> O9 - Extra 'Tools' menuitem: Sun Java Console -
> {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
> Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
> O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
> C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
> O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
> C:\WINDOWS\system32\Shdocvw.dll
> O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
> C:\Program Files\Messenger\msmsgs.exe
> O9 - Extra 'Tools' menuitem: Windows Messenger -
> {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
> Files\Messenger\msmsgs.exe
> O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) -
> https://www-secure.symantec.com/techsupp/asa/LSSupCtl.c...
> O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
> scanner) -
> http://security.symantec.com/sscv6/SharedContent/vc/bin...
> O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
> System Class) -
> http://download.mcafee.com/molbin/shared/mcinsctl/en-us...
> O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
> http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
> O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
> Class) -
> http://security.symantec.com/sscv6/SharedContent/common...
> O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
> http://a840.g.akamai.net/7/840/537/2004061001/housecall...
> O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
> http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/...
> O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) -
> https://www-secure.symantec.com/techsupp/asa/SymAData.c...
> O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools
> English Online) -
> http://www.seagate.com/support/disc/asp/tools/en/bin/np...
> O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
> http://download.mcafee.com/molbin/iss-loc/vso/en-us/too...
> O17 -
> HKLM\System\CCS\Services\Tcpip\..\{69E3444C-02AC-405A-886D-74BBAB8A68CF}:
> NameServer = 192.168.0.1
> O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis -
> C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
> O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. -
> C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
> O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
> C:\WINDOWS\system32\Ati2evxx.exe
> O23 - Service: ATI Smart - Unknown owner -
> C:\WINDOWS\system32\ati2sgag.exe
> O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
> C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
> O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -
> C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
> O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
> Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
> O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec
> Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
> O23 - Service: Démarrage Gazel (Gazel Startup) - Unknown owner -
> C:\Program Files\Gazel-NT\vstartx.exe" /s (file missing)
> O23 - Service: Journal des connexions RNIS (GisdnLog) - Unknown owner -
> C:\Program Files\Gazel-NT\gisdnlog.exe" -s (file missing)
> O23 - Service: Iomega App Services - Iomega Corporation -
> C:\PROGRA~1\Iomega\System32\AppServices.exe
> O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec
> Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
> O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton
> AntiVirus\SAVScan.exe
> O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
> C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
> O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
> Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
> O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) -
> Analog Devices, Inc. - C:\Program Files\Analog
> Devices\SoundMAX\SMAgent.exe
> O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program
> Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
> O23 - Service: UPSmart - Unknown owner - C:\Program Files\Commander
> Pro\UPServ.exe
>
>
>
> --
>
>
>
Anonymous
July 10, 2005 3:06:51 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

Thanks !!!


"pcbutts1" <pcbutts1@seedsv.com> wrote in message
news:0m5Ae.69$_%4.6@newssvr14.news.prodigy.com...
> Your log is fine.
>
> --
>
>
> The best live web video on the internet http://www.seedsv.com/webdemo.htm
> NEW Embedded system W/Linux. We now sell DVR cards.
> See it all at http://www.seedsv.com/products.htm
> Sharpvision simply the best http://www.seedsv.com
>
>
>
> "Newport" <xxxxxx@txxxxx.xx> wrote in message
> news:42d0dd4c$0$25061$8fcfb975@news.wanadoo.fr...
>> My Pc have been running slow also, this is whta hijack this shows, and I
>> can not see anything wrong
>>
>> C:\WINDOWS\System32\smss.exe
>> C:\WINDOWS\system32\csrss.exe
>> C:\WINDOWS\system32\winlogon.exe
>> C:\WINDOWS\system32\services.exe
>> C:\WINDOWS\system32\lsass.exe
>> C:\WINDOWS\system32\Ati2evxx.exe
>> C:\WINDOWS\system32\svchost.exe
>> C:\WINDOWS\system32\svchost.exe
>> C:\WINDOWS\System32\svchost.exe
>> C:\WINDOWS\System32\svchost.exe
>> C:\WINDOWS\System32\svchost.exe
>> C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
>> C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
>> C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
>> C:\WINDOWS\system32\spoolsv.exe
>> C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
>> C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
>> C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
>> C:\Program Files\Gazel-NT\vstartx.exe
>> C:\Program Files\Gazel-NT\gisdnlog.exe
>> C:\PROGRA~1\Iomega\System32\AppServices.exe
>> C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
>> C:\Program Files\Norton AntiVirus\navapsvc.exe
>> C:\Program Files\Norton AntiVirus\SAVScan.exe
>> C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
>> C:\WINDOWS\System32\svchost.exe
>> C:\WINDOWS\system32\wdfmgr.exe
>> C:\Program Files\Commander Pro\UPServ.exe
>> C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
>> C:\WINDOWS\System32\alg.exe
>> C:\WINDOWS\System32\svchost.exe
>> C:\Program Files\Commander Pro\UPS.EXE
>> C:\WINDOWS\system32\Ati2evxx.exe
>> C:\WINDOWS\Explorer.EXE
>> C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
>> C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
>> C:\Program Files\Common Files\Symantec Shared\ccApp.exe
>> C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
>> C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
>> C:\Program Files\Gazel-NT\gsyno.exe
>> C:\Program Files\Messenger Plus! 3\MsgPlus.exe
>> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
>> C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
>> C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
>> C:\Program Files\Logitech\iTouch\iTouch.exe
>> C:\Program Files\Logitech\Video\LogiTray.exe
>> C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
>> C:\Program Files\Logitech\ImageStudio\LogiTray.exe
>> C:\Program Files\Iomega\Iomega Automatic Backup\ibackup.exe
>> C:\Program Files\Logitech\MouseWare\system\em_exec.exe
>> C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
>> C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
>> C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
>> C:\cFosNT\cFosDNT.exe
>> C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
>> C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
>> C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
>> C:\Program Files\Messenger\msmsgs.exe
>> C:\WINDOWS\system32\ctfmon.exe
>> C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
>> C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
>> C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
>> C:\Program Files\D-Link AirPlus Xtreme G\AirPlus.exe
>> C:\Program Files\No-IP\DUC20.exe
>> C:\Program Files\WinPhone\winphone.exe
>> C:\Program Files\MSN Messenger\msnmsgr.exe
>> C:\newsproxy\NewsProxy.exe
>> C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
>> C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
>> C:\Program Files\Outlook Express\msimn.exe
>> C:\Program Files\Internet Explorer\iexplore.exe
>> C:\Program Files\WinRAR\WinRAR.exe
>> C:\DOCUME~1\Bill\LOCALS~1\Temp\Rar$EX00.703\HijackThis.exe
>>
>> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
>> http://us.cnn.com
>> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
>> http://us.cnn.com
>> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
>> Microsoft Internet Explorer
>> O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
>> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
>> O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
>> C:\PROGRA~1\SPYBOT~1\SDHelper.dll
>> O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} -
>> C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
>> O2 - BHO: AcroIEToolbarHelper Class -
>> {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat
>> 6.0\Acrobat\AcroIEFavClient.dll
>> O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} -
>> C:\Program Files\Norton AntiVirus\NavShExt.dll
>> O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
>> C:\Program Files\Norton AntiVirus\NavShExt.dll
>> O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -
>> C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
>> O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} -
>> C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
>> O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog
>> Devices\SoundMAX\SMax4PNP.exe
>> O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog
>> Devices\SoundMAX\Smax4.exe" /tray
>> O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
>> Shared\ccApp.exe"
>> O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec
>> Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
>> O4 - HKLM\..\Run: [Symantec NetDriver Monitor]
>> C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
>> O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
>> AntiSpyware\gcasServ.exe"
>> O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
>> Files\Java\jre1.5.0_02\bin\jusched.exe
>> O4 - HKLM\..\Run: [GazelDisplay] "C:\Program Files\Gazel-NT\gsyno.exe" -h
>> O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus!
>> 3\MsgPlus.exe"
>> O4 - HKLM\..\Run: [PrinTray]
>> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
>> O4 - HKLM\..\Run: [Lexmark X83 Button Monitor]
>> C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
>> O4 - HKLM\..\Run: [Lexmark X83 Button Manager]
>> C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
>> O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program
>> Files\Logitech\iTouch\iTouch.exe
>> O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
>> O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program
>> Files\Logitech\Video\ISStart.exe
>> O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program
>> Files\Logitech\Video\LogiTray.exe
>> O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common
>> Files\Logitech\QCDriver3\LVCOMS.EXE
>> O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program
>> Files\Logitech\ImageStudio\ISStart.exe
>> O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program
>> Files\Logitech\ImageStudio\LogiTray.exe
>> O4 - HKLM\..\Run: [Iomega Automatic Backup 1.0.1] C:\Program
>> Files\Iomega\Iomega Automatic Backup\ibackup.exe
>> O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
>> O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common
>> Files\Roxio Shared\System\EngUtil.exe"
>> O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD
>> Creator 6\DragToDisc\DrgToDsc.exe"
>> O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD
>> Creator 6\AudioCentral\RxMon.exe"
>> O4 - HKLM\..\Run: [cFosDNT] C:\cFosNT\cFosDNT.exe
>> O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program
>> Files\Acronis\TrueImage\TrueImageMonitor.exe"
>> O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common
>> Files\Acronis\Schedule2\schedhlp.exe"
>> O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI
>> Technologies\ATI.ACE\cli.exe" runtime
>> O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe"
>> /background
>> O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus!
>> 3\MsgPlus.exe" /WinStart
>> O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
>> O4 - HKCU\..\Run: [Iomega Automatic Backup] C:\Program
>> Files\Iomega\Iomega Automatic Backup\ibackup.exe
>> O4 - HKCU\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy
>> Sweeper\SpySweeper.exe" /0
>> O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
>> O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe"
>> /background
>> O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC20.exe
>> O4 - Startup: WinPhone.lnk = C:\Program Files\WinPhone\winphone.exe
>> O4 - Global Startup: Acrobat Assistant.lnk = C:\Program
>> Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
>> O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI
>> Technologies\ATI.ACE\CLI.exe
>> O4 - Global Startup: D-Link AirPlus Xtreme G Configuration Utility.lnk =
>> ?
>> O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
>> present
>> O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program
>> Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
>> O8 - Extra context menu item: E&xport to Microsoft Excel -
>> res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
>> O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
>> C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
>> O9 - Extra 'Tools' menuitem: Sun Java Console -
>> {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
>> Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
>> O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
>> C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
>> O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
>> C:\WINDOWS\system32\Shdocvw.dll
>> O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
>> C:\Program Files\Messenger\msmsgs.exe
>> O9 - Extra 'Tools' menuitem: Windows Messenger -
>> {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
>> Files\Messenger\msmsgs.exe
>> O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) -
>> https://www-secure.symantec.com/techsupp/asa/LSSupCtl.c...
>> O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
>> scanner) -
>> http://security.symantec.com/sscv6/SharedContent/vc/bin...
>> O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating
>> System Class) -
>> http://download.mcafee.com/molbin/shared/mcinsctl/en-us...
>> O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
>> http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
>> O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
>> Class) -
>> http://security.symantec.com/sscv6/SharedContent/common...
>> O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
>> http://a840.g.akamai.net/7/840/537/2004061001/housecall...
>> O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
>> http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/...
>> O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo
>> Class) - https://www-secure.symantec.com/techsupp/asa/SymAData.c...
>> O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools
>> English Online) -
>> http://www.seagate.com/support/disc/asp/tools/en/bin/np...
>> O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
>> http://download.mcafee.com/molbin/iss-loc/vso/en-us/too...
>> O17 -
>> HKLM\System\CCS\Services\Tcpip\..\{69E3444C-02AC-405A-886D-74BBAB8A68CF}:
>> NameServer = 192.168.0.1
>> O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis -
>> C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
>> O23 - Service: AOL Connectivity Service (AOL ACS) - America Online,
>> Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
>> O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
>> C:\WINDOWS\system32\Ati2evxx.exe
>> O23 - Service: ATI Smart - Unknown owner -
>> C:\WINDOWS\system32\ati2sgag.exe
>> O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
>> C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
>> O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -
>> C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
>> O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
>> Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
>> O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec
>> Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
>> O23 - Service: Démarrage Gazel (Gazel Startup) - Unknown owner -
>> C:\Program Files\Gazel-NT\vstartx.exe" /s (file missing)
>> O23 - Service: Journal des connexions RNIS (GisdnLog) - Unknown owner -
>> C:\Program Files\Gazel-NT\gisdnlog.exe" -s (file missing)
>> O23 - Service: Iomega App Services - Iomega Corporation -
>> C:\PROGRA~1\Iomega\System32\AppServices.exe
>> O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) -
>> Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
>> O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton
>> AntiVirus\SAVScan.exe
>> O23 - Service: ScriptBlocking Service (SBService) - Symantec
>> Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
>> O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
>> Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
>> O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service
>> (default)) - Analog Devices, Inc. - C:\Program Files\Analog
>> Devices\SoundMAX\SMAgent.exe
>> O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
>> C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
>> O23 - Service: UPSmart - Unknown owner - C:\Program Files\Commander
>> Pro\UPServ.exe
>>
>>
>>
>> --
>>
>>
>>
>
>
Anonymous
July 10, 2005 7:39:58 PM

Archived from groups: microsoft.public.windowsxp.general (More info?)

"" wrote:
> Have hijackthis fix the following lines.
>
> O2 - BHO: (no name) - {1FAD3100-9C16-58E1-8756-64550DA62E10} -
> (no
> file)
> O2 - BHO: VENGOBAR - {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
> C:WINDOWSDOWNLO~1vengobar.dll
> O2 - BHO: Viewpoint Toolbar BHO -
> {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:p rogram
> FilesViewpointViewpoint ToolbarViewBarBHO.dll
> O3 - Toolbar: VENGOBAR -
> {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
> C:WINDOWSDOWNLO~1vengobar.dll
> O3 - Toolbar: Viewpoint Toolbar -
> {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:p rogram
> FilesViewpointViewpoint ToolbarViewBar.dll
> O8 - Extra context menu item: &Viewpoint Search -
> res://C:p rogram
> FilesViewpointViewpoint ToolbarViewBar.dll/CXTSEARCH.HTML
>
> Do you use the viewpoint toolbar? That is debatable whether or
> not it is
> spyware. If you don't use it then remove it. However you have
> some uploading
> active X files installed some of which are for uploading
> photos which could
> be used with the viewpoint toolbar.
>
>
> --
>
>
> The best live web video on the internet
> http://www.seedsv.com/webdemo.htm
> NEW Embedded system W/Linux. We now sell DVR cards.
> See it all at http://www.seedsv.com/products.htm
> Sharpvision simply the best http://www.seedsv.com
>
>
>
> "stason3" <UseLinkToEmail@WindowsForumz.com> wrote in message
> news:3_1761058_76e274d7948bf2d45ff09c02f5309d58@windowsforumz.com...
> > Guys please help.
> > MY PC seems to be working sooooo slow. I have no idea why.
> Someone
> > once suggested to use the Highjack this software to see
> whats wrong. I
> > didnt see anything wrong with my HJ...
> > Can anyone see something I dont see?
> > Thanks a lot...
> >
> >
> > Logfile of HijackThis v1.99.1
> > Scan saved at 6:00:29 PM, on 7/7/2005
> > Platform: Windows XP SP2 (WinNT 5.01.2600)
> > MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
> >
> > Running processes:
> > C:windowsSystem32smss.exe
> > C:windowssystem32winlogon.exe
> > C:windowssystem32services.exe
> > C:windowssystem32lsass.exe
> > C:windowssystem32svchost.exe
> > C:windowsSystem32svchost.exe
> > C:windowssystem32spoolsv.exe
> > C:p rogram FilesWIDCOMMBluetooth Softwarebinbtwdins.exe
> > C:windowsSystem32nvsvc32.exe
> > C:windowsSystem32svchost.exe
> > C:windowsExplorer.EXE
> > C:windowssystem32gsicon.exe
> > C:windowssystem32dslagent.exe
> > C:p ROGRA~1ACDSYS~1DEVDET~1DEVDET~1.EXE
> > C:p rogram FilesJavajre1.5.0_02binjusched.exe
> > C:p rogram FilesMicrosoft AntiSpywaregcasServ.exe
> > C:p rogram FilesCommon FilesRealUpdate_OBrealsched.exe
> > C:p rogram FilesMSN MessengerMsnMsgr.Exe
> > C:p rogram FilesMicrosoft AntiSpywaregcasDtServ.exe
> > C:p rogram FilesWIDCOMMBluetooth SoftwareBTTray.exe
> > C:p ROGRA~1WIDCOMMBLUETO~1BTSTAC~1.EXE
> > C:p ROGRA~1ICQICQ.exe
> > C:p rogram FilesInternet Exploreriexplore.exe
> > C:p rogram FilesWinRARWinRAR.exe
> > C:D OCUME~1stassLOCALS~1TempRar$EX00.056HijackThis.exe
> >
> > R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start
> Page =
> > R0 - HKLMSoftwareMicrosoftInternet
> > ExplorerSearch,CustomizeSearch =
> > O2 - BHO: AcroIEHlprObj Class -
> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
> > - C:p rogram FilesAdobeAcrobat
> > 6.0ReaderActiveXAcroIEHelper.dll
> > O2 - BHO: (no name) - {1FAD3100-9C16-58E1-8756-64550DA62E10}
> - (no
> > file)
> > O2 - BHO: VENGOBAR - {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B}
> -
> > C:WINDOWSDOWNLO~1vengobar.dll
> > O2 - BHO: Viewpoint Toolbar BHO -
> > {A7327C09-B521-4EDB-8509-7D2660C9EC98} - C:p rogram
> > FilesViewpointViewpoint ToolbarViewBarBHO.dll
> > O3 - Toolbar: VENGOBAR -
> {4E7BD74F-2B8D-469E-C0FF-FD63B39BBF2B} -
> > C:WINDOWSDOWNLO~1vengobar.dll
> > O3 - Toolbar: Viewpoint Toolbar -
> > {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:p rogram
> > FilesViewpointViewpoint ToolbarViewBar.dll
> > O4 - HKLM..Run: [GSICONEXE] gsicon.exe
> > O4 - HKLM..Run: [DSLAGENTEXE] dslagent.exe USB
> > O4 - HKLM..Run: [Camera Detector]
> > C:p ROGRA~1ACDSYS~1DEVDET~1DEVDET~1.EXE -autorun
> > O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
> > C:windowsSystem32NvCpl.dll,NvStartup
> > O4 - HKLM..Run: [SunJavaUpdateSched] C:p rogram
> > FilesJavajre1.5.0_02binjusched.exe
> > O4 - HKLM..Run: [Mirabilis ICQ] C:p ROGRA~1ICQICQNet.exe
> > O4 - HKLM..Run: [gcasServ] "C:p rogram FilesMicrosoft
> > AntiSpywaregcasServ.exe"
> > O4 - HKLM..Run: [TkBellExe] "C:p rogram FilesCommon
> > FilesRealUpdate_OBrealsched.exe" -osboot
> > O4 - HKLM..Run: [KAVPersonal50] D:p rogram FilesKaspersky
> > Anti-Virus Personalkav.exe /minimize
> > O4 - HKLM..Run: [QuickTime Task] "C:p rogram
> > FilesQuickTimeqttask.exe" -atboottime
> > O4 - HKCU..Run: [MsnMsgr] "C:p rogram FilesMSN
> > MessengerMsnMsgr.Exe" /background
> > O4 - Global Startup: Microsoft Office.lnk = C:p rogram
> > FilesMicrosoft OfficeOfficeOSA9.EXE
> > O4 - Global Startup: BTTray.lnk = ?
> > O8 - Extra context menu item: &Viewpoint Search -
> res://C:p rogram
> > FilesViewpointViewpoint ToolbarViewBar.dll/CXTSEARCH.HTML
> > O8 - Extra context menu item: Send To &Bluetooth -
> C:p rogram
> > FilesWIDCOMMBluetooth Softwarebtsendto_ie_ctx.htm
> > O9 - Extra button: (no name) -
> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}
> > - C:p rogram FilesJavajre1.5.0_02binnpjpi150_02.dll
> > O9 - Extra 'Tools' menuitem: Sun Java Console -
> > {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:p rogram
> > FilesJavajre1.5.0_02binnpjpi150_02.dll
> > O9 - Extra button: ICQ Pro -
> {6224f700-cba3-4071-b251-47cb894244cd} -
> > C:p ROGRA~1ICQICQ.exe
> > O9 - Extra 'Tools' menuitem: ICQ -
> > {6224f700-cba3-4071-b251-47cb894244cd} -
> C:p ROGRA~1ICQICQ.exe
> > O9 - Extra button: @btrez.dll,-4015 -
> > {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:p rogram
> > FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
> > O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 -
> > {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:p rogram
> > FilesWIDCOMMBluetooth Softwarebtsendto_ie.htm
> > O9 - Extra button: Messenger -
> {FB5F1910-F110-11d2-BB9E-00C04F795683}
> > - C:p rogram FilesMessengermsmsgs.exe
> > O9 - Extra 'Tools' menuitem: Windows Messenger -
> > {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:p rogram
> > FilesMessengermsmsgs.exe
> > O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows
> Genuine
> > Advantage Validation Tool) -
> > http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x40...
> > O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma
> Image
> > Uploader 3.0 Control) - http://www.pic.co.il/ImageUploader3.cab
> > O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
> > (MsnMessengerSetupDownloadControl Class) -
> > http://messenger.msn.com/download/MsnMessengerSetupDown...
> > O16 - DPF: {D79B6F43-F214-4E7A-9ECB-CCC8771F2416}
> (LauncherV1 Class) -
> > http://www.tapuz.co.il/irc/main/launcher.cab
> > O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits
> Software
> > XUpload) - http://www.pic.co.il/XUpload.ocx
> > O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat
> Control
> > 4.5) - http://chat.msn.com/bin/msnchat45.cab
> > O17 -
> >
> HKLMSystemCCSServicesTcpip..{99306F78-3508-4F8B-8029-C18
> 0A
> > B07BA2E}:
> > NameServer = 212.143.212.143 194.90.1.5
> > O18 - Protocol: widimg -
> {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} -
> > C:windowssystem32btxppanel.dll
> > O20 - Winlogon Notify: iexplore - 2dm2d.dll (file missing)
> > O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) -
> Unknown owner -
> > C:p ROGRA~1GrisoftAVG7avgamsvr.exe (file missing)
> > O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown
> owner -
> > C:p ROGRA~1GrisoftAVG7avgupsvc.exe (file missing)
> > O23 - Service: F-Secure Internet Security 2004 (BackWeb
> Client -
> > 4476822) - Unknown owner -
> > C:p ROGRA~1F-SECU~1backweb4476822ProgramSERVIC~1.EXE
> (file
> > missing)
> > O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. -
> > C:p rogram FilesWIDCOMMBluetooth Softwarebinbtwdins.exe
> > O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown
> owner -
> > C:p rogram FilesF-Secure Internet
> > SecurityAnti-Virusfsgk32st.exe (file missing)
> > O23 - Service: fsbwsys - Unknown owner - C:p rogram
> FilesF-Secure
> > Internet Securitybackweb4476822programfsbwsys.exe (file
> > missing)
> > O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD)
> - Unknown
> > owner - C:p rogram FilesF-Secure Internet
> > SecurityFWESProgramfsdfwd.exe (file missing)
> > O23 - Service: F-Secure Management Agent (FSMA) - Unknown
> owner -
> > C:p rogram FilesF-Secure Internet
> SecurityCommonFSMA32.EXE
> > (file missing)
> > O23 - Service: kavsvc - Kaspersky Labs - D:p rogram
> FilesKaspersky
> > Anti-Virus Personalkavsvc.exe
> > O23 - Service: NVIDIA Display Driver Service (NVSvc) -
> NVIDIA
> > Corporation - C:windowsSystem32nvsvc32.exe
> >
> > --
> > Posted using the http://www.windowsforumz.com interface, at author's
> > request
> > Articles individually checked for conformance to usenet
> standards
> > Topic URL:
> > http://www.windowsforumz.com/General-Discussion-Hijack-...
> > Visit Topic URL to contact author (reg. req'd). Report
> abuse:
> > http://www.windowsforumz.com/eform.php?p=1761058

Instead of using this software in this situation, read the following
article:

http://aumha.org/a/health.htm
!