jennifer_borman
asked on
HiJackThis Log Review Please!
Manufacturer:
Model: Dimension L550R
Model Year: 2000
OS: Win98
Thanks in Advance!
The log is as follows:
--------------------
Logfile of HijackThis v1.97.7
Scan saved at 8:20:09 PM, on 10/11/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32
C:\WINDOWS\SYSTEM\MSGSRV32
C:\WINDOWS\SYSTEM\MPREXE.E
C:\WINDOWS\SYSTEM\mmtask.t
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.
C:\MOUSE\SYSTEM\EM_EXEC.EX
C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT MANAGER\VIEWMGR.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REAL
C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD.EXE
C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPCLIENT.EXE
C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPMON32.EXE
C:\PROGRAM FILES\SBC SELF SUPPORT TOOL\SMARTBRIDGE\MOTIVESB.
C:\WINDOWS\SYSTEM\INS95EN.
C:\WINDOWS\SYSTEM\IOSLP30E
C:\PROGRAM FILES\SBC SELF SUPPORT TOOL\BIN\MPBTN.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0B\WAOL.EXE
C:\WINDOWS\SYSTEM\SPOOL32.
C:\WINDOWS\SYSTEM\DDHELP.E
C:\PROGRAM FILES\AMERICA ONLINE 8.0B\AOLWBSPD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.E
C:\WINDOWS\SYSTEM\TAPISRV.
C:\WINDOWS\SYSTEM\PSTORES.
C:\PROGRAM FILES\REALVNC\VNC4\WINVNC4
C:\WINDOWS\SYSTEM\WINOA386
C:\WINDOWS\FTP.EXE
C:\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R0 - HKLM\Software\Microsoft\In
R0 - HKLM\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
F1 - win.ini: run=hpfsched
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radi
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EM_EXEC] c:\mouse\system\em_exec.ex
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPw
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\Real
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMART
O4 - HKLM\..\Run: [hoadgbw] C:\WINDOWS\kjberup.exe
O4 - HKLM\..\Run: [p4mX37S] INS95EN.EXE
O4 - HKLM\..\RunServices: [WinVNC4] "C:\PROGRAM FILES\REALVNC\VNC4\WINVNC4
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [Y357RXe6l] IOSLP30E.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Ad
O4 - Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0b\aoltray.exe
O4 - Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Startup: Download Plus.lnk = ?
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Your PC is infected with Spyware - click here to fix your PC (HKLM)
O9 - Extra button: Dell Home (HKCU)
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGI
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugi
O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGI
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {F72A7B0E-0DD8-11D1-BD6E-0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4
O16 - DPF: {166B1BCA-3F9C-11CF-8075-4
O16 - DPF: Dialpad Java Applet - http://www.dialpad.com/applet/src/vscp.cab
O16 - DPF: {17163BB4-107E-11D4-9B76-0
O16 - DPF: Dialpad US Java Applet - http://dialpad.com/applet/src/vscp.cab
O16 - DPF: {5F03EAB4-1AD5-11D4-AE99-0
O16 - DPF: {47F591A2-8783-11D2-8343-0
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D
O16 - DPF: {A031D222-B496-11D2-9CC8-0
O16 - DPF: {30528230-99F7-4BB4-88D8-F
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8
O16 - DPF: {9F1C11AA-197B-4942-BA54-4
O17 - HKLM\System\CCS\Services\V
END OF LOG
---------------------
Any further questions are welcome!
Thanks!
-Jen
Model: Dimension L550R
Model Year: 2000
OS: Win98
Thanks in Advance!
The log is as follows:
--------------------
Logfile of HijackThis v1.97.7
Scan saved at 8:20:09 PM, on 10/11/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32
C:\WINDOWS\SYSTEM\MSGSRV32
C:\WINDOWS\SYSTEM\MPREXE.E
C:\WINDOWS\SYSTEM\mmtask.t
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.
C:\MOUSE\SYSTEM\EM_EXEC.EX
C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT MANAGER\VIEWMGR.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REAL
C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD.EXE
C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPCLIENT.EXE
C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPMON32.EXE
C:\PROGRAM FILES\SBC SELF SUPPORT TOOL\SMARTBRIDGE\MOTIVESB.
C:\WINDOWS\SYSTEM\INS95EN.
C:\WINDOWS\SYSTEM\IOSLP30E
C:\PROGRAM FILES\SBC SELF SUPPORT TOOL\BIN\MPBTN.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0B\WAOL.EXE
C:\WINDOWS\SYSTEM\SPOOL32.
C:\WINDOWS\SYSTEM\DDHELP.E
C:\PROGRAM FILES\AMERICA ONLINE 8.0B\AOLWBSPD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.E
C:\WINDOWS\SYSTEM\TAPISRV.
C:\WINDOWS\SYSTEM\PSTORES.
C:\PROGRAM FILES\REALVNC\VNC4\WINVNC4
C:\WINDOWS\SYSTEM\WINOA386
C:\WINDOWS\FTP.EXE
C:\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R0 - HKCU\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R0 - HKLM\Software\Microsoft\In
R0 - HKLM\Software\Microsoft\In
R1 - HKCU\Software\Microsoft\In
R1 - HKLM\Software\Microsoft\In
F1 - win.ini: run=hpfsched
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radi
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EM_EXEC] c:\mouse\system\em_exec.ex
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPw
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\Real
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMART
O4 - HKLM\..\Run: [hoadgbw] C:\WINDOWS\kjberup.exe
O4 - HKLM\..\Run: [p4mX37S] INS95EN.EXE
O4 - HKLM\..\RunServices: [WinVNC4] "C:\PROGRAM FILES\REALVNC\VNC4\WINVNC4
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [Y357RXe6l] IOSLP30E.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Ad
O4 - Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0b\aoltray.exe
O4 - Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Startup: Download Plus.lnk = ?
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Your PC is infected with Spyware - click here to fix your PC (HKLM)
O9 - Extra button: Dell Home (HKCU)
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGI
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugi
O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGI
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {F72A7B0E-0DD8-11D1-BD6E-0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-4
O16 - DPF: {166B1BCA-3F9C-11CF-8075-4
O16 - DPF: Dialpad Java Applet - http://www.dialpad.com/applet/src/vscp.cab
O16 - DPF: {17163BB4-107E-11D4-9B76-0
O16 - DPF: Dialpad US Java Applet - http://dialpad.com/applet/src/vscp.cab
O16 - DPF: {5F03EAB4-1AD5-11D4-AE99-0
O16 - DPF: {47F591A2-8783-11D2-8343-0
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D
O16 - DPF: {A031D222-B496-11D2-9CC8-0
O16 - DPF: {30528230-99F7-4BB4-88D8-F
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8
O16 - DPF: {9F1C11AA-197B-4942-BA54-4
O17 - HKLM\System\CCS\Services\V
END OF LOG
---------------------
Any further questions are welcome!
Thanks!
-Jen
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
and from next time before posting the log.... first describe ur problem in detail.... and post the log when an expert ask u to post it :)
Here also.... if u are having problems, then describe them, otherwise if u want to analyse ur log only u can use the above website to do this job =)
Here also.... if u are having problems, then describe them, otherwise if u want to analyse ur log only u can use the above website to do this job =)
Hi Jen,
What exactly you want us to analyse? your entries seem to be quite ok. One thing mysterious though... where's your AV software... disabled or not running at all?
anyway seems you've solved your doubt.
cheers,
Luis
What exactly you want us to analyse? your entries seem to be quite ok. One thing mysterious though... where's your AV software... disabled or not running at all?
anyway seems you've solved your doubt.
cheers,
Luis
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Good stuff everyone! I will submit my logs elsewhere.
ASKER