Jump to content
Sign in to follow this  
JMac

JMac - Log 01

Recommended Posts

Logfile of HijackThis v1.99.1

Scan saved at 15:19:58, on 19/09/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5112.0000)


Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:Program FilesblueyonderPCguardfws.exe

C:WINDOWSsystem32spoolsv.exe

C:Program FilesCommon FilesCommand Softwaredvpapi.exe

C:WINDOWSsystem32nvsvc32.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSsystem32CTHELPER.EXE

C:Program FilesMicrosoft AntiSpywaregcasServ.exe

C:WINDOWSsystem32LVCOMSX.EXE

C:Program FilesblueyonderPCguardRPS.exe

C:Program FilesJavajre1.5.0_05binjusched.exe

C:Program FilesLClocklclock.exe

C:Program Filesblueyonder ISTbinmpbtn.exe

C:Program FilesMicrosoft AntiSpywaregcasDtServ.exe

C:Program FilesWindows Media Playerwmplayer.exe

C:WINDOWSexplorer.exe

C:Program FilesMSN Messengermsnmsgr.exe

C:WINDOWSsystem32wisptis.exe

C:WINDOWSsystem32msiexec.exe

C:Program FilesiPodbiniPodService.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Documents and SettingsJames MacMillanDesktopHijackThis.exe


R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.blueyonder.co.uk/

O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:Program FilesblueyonderPCguardpkR.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll

O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:Program FilesblueyonderPCguardFBHR.dll

O4 - HKLM..Run: [CTHelper] CTHELPER.EXE

O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup

O4 - HKLM..Run: [gcasServ] "C:Program FilesMicrosoft AntiSpywaregcasServ.exe"

O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE

O4 - HKLM..Run: [PCguard] "C:Program FilesblueyonderPCguardRPS.exe"

O4 - HKLM..Run: [sunJavaUpdateSched] C:Program FilesJavajre1.5.0_05binjusched.exe

O4 - HKLM..RunOnce: [indexCleaner] "C:Program FilesblueyonderPCguardIdxClnR.exe"

O4 - HKCU..Run: [LClock] C:Program FilesLClocklclock.exe

O4 - Global Startup: blueyonder Instant Support Tool.lnk = C:Program Filesblueyonder ISTbinmatcli.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_05binnpjpi150_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_05binnpjpi150_05.dll

O9 - Extra button: @C:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: @C:Program FilesMessengerMsgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O11 - Options group: [TABS] Tabbed Browsing

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1118968879000

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126562016047

O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.blueyonder.co.uk/assets/tool/files/MotivePreQual.cab

O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:Program FilesCommon FilesCommand Softwaredvpapi.exe

O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:Program FilesblueyonderPCguardfws.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe

Share this post


Link to post
Share on other sites

These can go:

O4 - HKLM..Run: [sunJavaUpdateSched] C:Program FilesJavajre1.5.0_05binjusched.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_05binnpjpi150_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_05binnpjpi150_05.dll

16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.blueyonder.co.uk/assets/tool/fi...tivePreQual.cab

Share this post


Link to post
Share on other sites

These can go:

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll

16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.blueyonder.co.uk/assets/tool/fi...tivePreQual.cab

<{POST_SNAPBACK}>

Removed.

Logfile of HijackThis v1.99.1

Scan saved at 23:01:15, on 19/09/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5112.0000)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\blueyonder\PCguard\fws.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\blueyonder\PCguard\RPS.exe

C:\Program Files\LClock\lclock.exe

C:\Program Files\blueyonder IST\bin\mpbtn.exe

C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Common Files\Command Software\dvpapi.exe

C:\Documents and Settings\James MacMillan\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.blueyonder.co.uk/

O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\blueyonder\PCguard\pkR.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\blueyonder\PCguard\FBHR.dll

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [PCguard] "C:\Program Files\blueyonder\PCguard\RPS.exe"

O4 - HKLM\..\RunOnce: [indexCleaner] "C:\Program Files\blueyonder\PCguard\IdxClnR.exe"

O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe

O4 - HKCU\..\RunOnce: [indexCleaner] "C:\Program Files\blueyonder\PCguard\IdxClnR.exe"

O4 - Global Startup: blueyonder Instant Support Tool.lnk = C:\Program Files\blueyonder IST\bin\matcli.exe

O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [TABS] Tabbed Browsing

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1118968879000

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1126562016047

O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe

O23 - Service: Radialpoint Service (FWS) - Radialpoint Inc. - C:\Program Files\blueyonder\PCguard\fws.exe

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this  

×