jennifer_borman
asked on
HiJackThis Log Review Please!
Manufacturer:
Model: Dimension L550R
Model Year: 2000
OS: Win98
Thanks in Advance!
The log is as follows:
--------------------
Logfile of HijackThis v1.97.7
Scan saved at 8:20:09 PM, on 10/11/04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Unable to get Internet Explorer version!
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\MOUSE\SYSTEM\EM_EXEC.EXE
C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT MANAGER\VIEWMGR.EXE
C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
C:\PROGRAM FILES\BROADJUMP\CLIENT FOUNDATION\CFD.EXE
C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPCLIENT.EXE
C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPMON32.EXE
C:\PROGRAM FILES\SBC SELF SUPPORT TOOL\SMARTBRIDGE\MOTIVESB.EXE
C:\WINDOWS\SYSTEM\INS95EN.EXE
C:\WINDOWS\SYSTEM\IOSLP30E.EXE
C:\PROGRAM FILES\SBC SELF SUPPORT TOOL\BIN\MPBTN.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0B\WAOL.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\AMERICA ONLINE 8.0B\AOLWBSPD.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\REALVNC\VNC4\WINVNC4.EXE
C:\WINDOWS\SYSTEM\WINOA386.MOD
C:\WINDOWS\FTP.EXE
C:\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.judysearch.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.judysearch.com/ie/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://64.71.171.96/search.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.judysearch.com/home.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.judysearch.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by America Online
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
F1 - win.ini: run=hpfsched
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EM_EXEC] c:\mouse\system\em_exec.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\PROGRAM FILES\VISUAL NETWORKS\VISUAL IP INSIGHT\SBC\IPMon32.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [hoadgbw] C:\WINDOWS\kjberup.exe
O4 - HKLM\..\Run: [p4mX37S] INS95EN.EXE
O4 - HKLM\..\RunServices: [WinVNC4] "C:\PROGRAM FILES\REALVNC\VNC4\WINVNC4.EXE" -noconsole -service
O4 - HKCU\..\Run: [Yahoo! Pager] 1
O4 - HKCU\..\Run: [Y357RXe6l] IOSLP30E.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: America Online 8.0 Tray Icon.lnk = C:\Program Files\America Online 8.0b\aoltray.exe
O4 - Startup: SBC Self Support Tool.lnk = C:\Program Files\SBC Self Support Tool\bin\matcli.exe
O4 - Startup: Download Plus.lnk = ?
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Your PC is infected with Spyware - click here to fix your PC (HKLM)
O9 - Extra button: Dell Home (HKCU)
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O16 - DPF: {F72A7B0E-0DD8-11D1-BD6E-00AA00B92AF1} (IE Active Setup Control) - http://www.microsoft.com/windows/ie/ie40/download/cdf/setupctl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/swdir8d196.cab
O16 - DPF: Dialpad Java Applet - http://www.dialpad.com/applet/src/vscp.cab
O16 - DPF: {17163BB4-107E-11D4-9B76-006097DF2317} (EABootStrap Class) - http://aol.ea.com/downloads/games/common/boot_strap/iegils.cab
O16 - DPF: Dialpad US Java Applet - http://dialpad.com/applet/src/vscp.cab
O16 - DPF: {5F03EAB4-1AD5-11D4-AE99-0050DAC24E8F} - http://www.iwon.com/ct/in_wn/iwonslot1,0,1,5.cab
O16 - DPF: {47F591A2-8783-11D2-8343-00A0C945A819} (RFXPlayer Class) - http://download.richfx.com/player/mediaversion/005/latest/twophase.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} (WONWebLauncher Class) - http://www.flipside.com/cab/WONWebLauncherControl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://files.member.yahoo.com/dl/installs/sbc/yinst.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38018.7199652778
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = aoldsl.net
END OF LOG
---------------------
Any further questions are welcome!
Thanks!
-Jen
And from next time, before posting the log.... first describe your problem in detail.... and post the log when an expert asks you to post it :)
Here also.... if you are having problems, then describe them; otherwise, if you only want to analyse your log, you can use the above website to do this job =)
Hi Jen,
What exactly do you want us to analyse? Your entries seem to be quite OK. One thing mysterious though... where's your AV software... disabled or not running at all?
Anyway, it seems you've solved your doubt.
cheers,
Luis
ASKER
Good stuff everyone! I will submit my logs elsewhere.