Tech Support Guy banner
Status
Not open for further replies.
1 - 3 of 3 Posts

·
Registered
Joined
·
93 Posts
Discussion Starter · #1 ·
Hello, running my occasional checking. Got some stuff goin on i think, not sure what, just feel it, anyway heres my hijackthis log file. Lemme tell ya, getting rid of PeoplePCOnline dial program and stuff is a pain in the arse, still isnt gone, if you have any info or proggy's thatll get rid of peoplepc on my system lemme know. Oh and i use a crack to make my trillian basic to pro (shhhh....i didnt just say that lol), but since i updated my earthlink prog, i dont think the crack/patch is working now, it keeps loading trillian basic now :( any help in that if it doesnt pss u off that im cheap is appreciated lol, ok, heres my log file....

Logfile of HijackThis v1.99.1
Scan saved at 9:30:41 AM, on 6/18/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Guru\My Documents\My Programs\CursorXP\CursorXP.exe
C:\Documents and Settings\Guru\My Documents\My Programs\Rainlendar\Rainlendar.exe
C:\WINDOWS\System32\wpabaln.exe
C:\Documents and Settings\Guru\My Documents\Torrent\BitCommet\BitComet\BitComet.exe
C:\Documents and Settings\Guru\My Documents\P2P\LimeWire\LimeWire.exe
C:\Program Files\EarthLink TotalAccess\TaskPanl.exe
C:\WINDOWS\System32\svcnet.exe
C:\Documents and Settings\Guru\My Documents\My Instant Messengers\Trillian Pro 3\Trillian\trillian.exe
C:\Documents and Settings\Guru\My Documents\My Programs\Mozilla 1.7\mozilla.exe
C:\Documents and Settings\Guru\My Documents\My Programs\Security\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.earthlink.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.earthlink.net/partner/more/msie/button/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.earthlink.net/partner/more/msie/button/search.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: EarthLink ScamBlocker V2 - {15F4D456-5BAA-4076-8486-EECB38CD3E57} - C:\Program Files\EarthLink TotalAccess\Toolbar\EScamBlk.dll
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\DOCUME~1\Guru\MYDOCU~1\MYPROG~1\FRESHD~1\FRESHD~1\fdcatch.dll
O2 - BHO: EarthLink PopUp Blocker V2 - {512ACF1B-64D9-4928-B382-A80556F28DB4} - C:\Program Files\EarthLink TotalAccess\Toolbar\ElnkPuB.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Documents and Settings\Guru\My Documents\My Programs\Security\SpyBot Search & Destroy\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IE_PopupBlocker Class - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\Program Files\EarthLink TotalAccess\Accelerator\prpl_IePopupBlocker.dll
O2 - BHO: Earthlink Protection BHO - {9579D574-D4D8-4335-9560-FE8641A013BD} - C:\Program Files\EarthLink TotalAccess\Toolbar\ProtctIE.dll
O2 - BHO: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - C:\Program Files\PeoplePC\Toolbar\PPCToolbar.dll (file missing)
O2 - BHO: Uninstall Legacy Earthlink Toolbar - {E713904C-DF05-4C79-BBAD-02DB923253BE} - C:\Program Files\EarthLink TotalAccess\Toolbar\uninsttb.dll
O3 - Toolbar: PeoplePal Toolbar - {A8FB8EB3-183B-4598-924D-86F0E5E37085} - C:\Program Files\PeoplePC\Toolbar\PPCToolbar.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: EarthLink Toolbar - {C7768536-96F8-4001-B1A2-90EE21279187} - C:\Program Files\EarthLink TotalAccess\Toolbar\Toolbar.dll
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LogonStudio] "C:\Documents and Settings\Guru\My Documents\My Programs\Windows Theme\Login Screen\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [bwleaxz] C:\WINDOWS\System32\swhgtgur.exe
O4 - HKLM\..\Run: [DirectX For Microsoft® Windows] C:\WINDOWS\System32\dtxservice.exe -atm
O4 - HKLM\..\Run: [AdRoarUpdate] C:\WINDOWS\ARUpdate.exe
O4 - HKLM\..\Run: [PPCRunonce] C:\WINDOWS\System32\PPCRunOnce.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Documents and Settings\Guru\My Documents\My Programs\Security\Zone Alarm\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\msconfig.exe /auto
O4 - HKLM\..\Run: [Shellapi32] svcnet.exe
O4 - HKCU\..\Run: [CursorXP] C:\Documents and Settings\Guru\My Documents\My Programs\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Shellapi32] svcnet.exe
O4 - Startup: Rainlendar.lnk = C:\Documents and Settings\Guru\My Documents\My Programs\Rainlendar\Rainlendar.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1109394466647
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B5B37677-0B53-4540-8A15-7DF321F801E6}: NameServer = 207.69.188.187 207.69.188.186
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MrPostman - Unknown owner - C:\Documents and Settings\Guru\My Documents\My Programs\Thunderbird\plugins\mrpostman\install\win32\wrapper\wrapper.exe" -s wrapper.conf (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Oh, and one more thing, iv been trying to get zone alarm to work, but my pc keeps saying i cant use due to admin restrictions, i keep no restrictions....amd the only one that uses my pc....and AM the admin lol, what do i do? (sometimes gets same msg when trying to install other proggys). Anywho, thanks for everyones help, this place is awsomely great, l8as.
 
1 - 3 of 3 Posts
Status
Not open for further replies.
Top