Jump to content

Change Mode

mrlessk

Advanced Member
  • Posts

    284
  • Joined

  • Last visited

About mrlessk

  • Birthday 07/22/1973

Contact Methods

  • Website URL
    http://

Profile Information

  • Gender
    Male
  • Location
    Oregon USA

Previous Fields

  • System Specifications:
    Dell Inspiron 570 PCWindows 7 Home Premium x64AMD Athlon II X2 240, 2800 MHz (2 CPUs) 3072 MB system RAM ATI Radeon HD 4200
  • Teams:

mrlessk's Achievements

Newbie

Newbie (1/14)

  1. Thanks jamie...you bet, I'll be back. btw, just to reiterate the importance of getting a HJT logfile checked quickly (as if you don't aleady know) (and, regardless of whomever does it) I just had my own infestation shortly after posting that log on Nov 12...seems I inadvertantly clicked on a site that Google found for me in searching for an older version of MusicMatch Jukebox which turned out to be a "hacked" version that left me with the following gifts: Trojan Horse Generic 2.ISQ Trojan.W32.ZLOB YazzleSudoku (Yazzle.Clickspring) Smitfraud-C. shost.exe ismini.exe Smitfraud-C.Toolbar888 ADWARE.SOFTOMATE How about that? Using Killbox, SmitfraudFix, combo fix, VundoFix, tools, etc, helped get rid of the virus and nasty DLL's but, as you know, a HJT logfile check is required quite often during the healing process....it actually took about 3-4 days, working with a MS MVP in another Tech Forum, to finally get cleaned up. You just can't be "too" careful, the baddies will find a way to infiltrate into your computer no matter what you try and do to prevent it. I see a lot of posts regarding Smitfraud-C. and SmitfraudC. Toolbar888 so that one is really making the rounds. It took 3-4 days, many posts and HJT logfiles to get my computer cleaned up...what a mess! At the next sign of trouble or even for a periodical HJT check I'll come back here and I hope you're around at that time to help me out. Thanks and good luck! Mrlessk
  2. Hi jamielaw,Thank you for the offer...but... As much as I utilize and obtain piece of mind from using PC Pitstop's Diagnostics (and it has helped me often with problems I didn't know I had) and as much as I appreciate all the wonderful services Pitstop performs, perhaps analyzing HijackThis logfiles shouldn't be one of them. I do realize the service is FREE and is performed by (minimally staffed) unpaid volunteers like yourself, and you all deserve all the credit in the world for sharing your expertise in helping users like myself maintain a well-functioning computer system free of ills and intrusions... When our computers start acting strangely...e.g. popups from our Security software alerting us to Trojans, Spyware and other malware and viruses, strange Toolbars appearing and weird things happening to our Browsers, we need help "quickly", not three weeks later (at least in my case)...I would consider perhaps three "days" the (very) maximum acceptable expected time frame to have someone check my log (three hours is more preferred to allow me to get those issues resolved). I will continue to visit PC Pitstop often for my diagnostics and perusing the Forums but I had to find an alternative to presenting my HijackThis logfiles for evaluation when time is of the essence in determining what is wrong when things with our computers go awry. I'm not angry or upset of course, I understand what "overloaded" and "being swamped" is from my own job experiences, it happens in many work environments...and I still say "Thank You" to PC Pitstop for all the good things you do. Thanks again, Mrlessk
  3. Hi, It's been a while since my logfile has been checked.... I'll create a new Ignorelist if all is well. Thank you Logfile of HijackThis v1.99.1 Scan saved at 10:47:24 AM, on 11/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe C:\Program Files\Common Files\Verizon Online\ConnMgr\cmisrv.exe C:\Program Files\POP Peeper\POPPeeper.exe C:\Program Files\Iconoid\iconoid.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe C:\Program Files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe C:\Program Files\Yahoo!\Yahoo! Music Jukebox\ymetray.exe C:\Program Files\SpywareGuard 2.2Minimal\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard 2.2Minimal\SpywareGuard\sgbhp.exe C:\Program Files\BOINC\boincmgr.exe C:\Program Files\BOINC\boinc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\HijackThis 1.99.1\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.netscape.com/index2.psp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:9022 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;<local> O1 - Hosts: services.msc O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SpywareGuardDLBLOCK.CBrowserHelper - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard 2.2Minimal\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [WinPatrol] "C:\PROGRA~1\BILLPS~1\WINPAT~1\WinPatrol.exe" O4 - HKLM\..\Run: [A Verizon App] C:\PROGRA~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\Verizon\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min O4 - HKCU\..\Run: [iconoid] "C:\Program Files\Iconoid\iconoid.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard 2.2Minimal\SpywareGuard\sgmain.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: ymetray.lnk = ? O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\System32\wweb32.dll/lookup.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0819.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: cpcScanner - http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - http://www.kaspersky.com/downloads/kws/kavwebscan.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409 O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {88B507F9-C6B2-45CC-AAB6-720A652DE11C} (TenOfTen Class) - https://help.verizon.net/hstwebinstall/web/...tWebInstall.cab O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://72.32.179.44/filter/cameraviewer/isetup.cab O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} (mhLabel Class) - http://www.pcpitstop.com/mhLbl.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10/ZIntro.cab32846.cab O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.verizon.net/checkmypc/includes/MotivePreQual.cab O16 - DPF: {D06A22B4-6087-4D3D-B7AF-82B113E9ABD4} (CPostLaunch Object) - http://www2.verizon.net/update/msnwebinsta...es/vzWebIns.CAB O16 - DPF: {DB0474CC-8EF6-47FC-905B-23FC58A70817} (RegPropsCtrl Class) - http://download.verizon.net/sfp/Cabs/hst/w...tWebInstall.cab O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B252A9C9-BF24-4D67-A2FA-FE2E315E5718}: NameServer = 192.168.1.1,192.168.1.47 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Intel Corporation - (no file) O23 - Service: Netropa NHK Server (Nhksrv) - Unknown owner - C:\WINDOWS\Nhksrv.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
  4. Thanks Don, yes that's exactly where I was trying to download 7.5 from...a Google Search led me to that site. I kept getting a RPC (Remote Procedure Call) error right at the end of the installation, which I took to mean that the 7.5 was no longer available on the MM site...the installation would "freeze" and I had to use my Task Manager to close it. I tried everything I could but just couldn't get a successful (completed) download...I had no problem however with the install of the newer version...Yahoo! Music Jukebox 2.0. Thanks again.
  5. Windows XP HomeFirefox 1.5.0.8 IE7 Well, here's what happened to me just a couple of days ago when I thought I'd upgrade my WMP from 10 to 11. My computer is kept in good shape, virus and malware free using Spybot, Ad-Aware, etc. BTW...I've since rolled back to the WMP v10 I had before. First of all, it messed up my MusicMatch Jukebox version 7.5 (yes, it's an old version but I liked it's simplicity and the skin)....now it's gone because of the WMP download. After I downloaded WMP 11, I could no longer open up my MMJB. The download also replaced, for some ungodly reason, the Shortcut I had on the Desktop to the Recycle Bin with a second, unuseable, Shortcut to the MMJB (which, as I said, now refused to start). So, what a mess. I had to roll back the WMP to version 10, which is ok now. I kinda like the Yahoo! JB but, would rather still have my older 7.5 version. I had to now upgrade (replace) my MMJB with the latest version (which is now Yahoo! Music Jukebox). I downloaded the FREE version, which gives you only one skin...but that's another story. So, for me, the upgrade to WMP 11 created a BIG headache. Hope you have better success. Cheers
×
×
  • Create New...