Jump to content


Photo

Please Review My Log


  • Please log in to reply
4 replies to this topic

#1 JohnMolta

JohnMolta

    Member

  • New Member
  • Pip
  • 2 posts

Posted 19 May 2004 - 04:50 PM

Logfile of HijackThis v1.97.7
Scan saved at 3:09:25 PM, on 5/15/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSRTE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSESCN.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\BHODEMON\BHODEMON.EXE
C:\JOHN\SOFTWARE\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.worldnet.att.net/
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\3wox1bi1.slt\prefs.js)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHL.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
O4 - HKLM\..\Run: [VirusScan Online] "C:\PROGRA~1\MCAFEE.COM\VSO\mcvsshld.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\MCAFEE.COM\VSO\MCMNHDLR.EXE" /checktask
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [McVsRte] C:\PROGRA~1\MCAFEE.COM\VSO\mcvsrte.exe /embedding
O4 - Startup: BHODemon.lnk = C:\Program Files\BHODemon\BHODemon.exe
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcaf...ed/MGBrwFld.cab
O16 - DPF: {340A0150-9DC7-11D3-9A01-005004677EF4} (Mcafee PC Clinic Edisk Class) - http://download.mcaf...Edisk/edisk.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macr...ash/swflash.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {9184D21C-9835-42C5-A883-EA8BE7FC048D} (Downloader Class) - http://www.shopintui...bles/IE/IDA.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupd...B?37879.7290625
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com...ex/qtplugin.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akama...meInstaller.exe
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} (compid Class) - http://www.support.g...rvest/gwCID.CAB
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://bin.mcafee.co...,19/mcgdmgr.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (sys Class) - https://support.gate.../formassist.CAB
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.micr...922/wmv9VCM.CAB

#2 dave38

dave38

    Devout Murphyite!

  • Emeritus
  • PipPipPipPipPip
  • 8,508 posts

Posted 19 May 2004 - 05:12 PM

Nothing obvious in your log.

What problems were/are you having?
Be wary of strong drink. It may make you shoot at tax collectors, and miss!
Please support SWI forum

#3 nickvandekar

nickvandekar

    Member

  • New Member
  • Pip
  • 4 posts

Posted 19 May 2004 - 08:20 PM

The computer is very slow. When turning on it crashes several times before coming stable. It also seems to whir for a long time with a lot of unnecessary programs starting up. I have a continual message saying IE cannot back up offline portal messages because there is not enough space.

#4 dave38

dave38

    Devout Murphyite!

  • Emeritus
  • PipPipPipPipPip
  • 8,508 posts

Posted 20 May 2004 - 03:57 PM

Sounds more like a software configuration problem.

How much memory do you have in this computer, and how much free disk space?
Have you cleaned out all temporary files, and defragmented the drive(s)?
Be wary of strong drink. It may make you shoot at tax collectors, and miss!
Please support SWI forum

#5 JohnMolta

JohnMolta

    Member

  • New Member
  • Pip
  • 2 posts

Posted 21 May 2004 - 06:48 PM

Dave,

I think there was a mixup. It's my HijackThis log, but "nickvandekar" described his symptoms.

Any way, here's the problem that prompted me to run HijackThis. After I run Internet Explorer and then close its window, it takes about 90 seconds before I can start another application. I close the window, and it goes away immediately. Then I hit the Start button, or double-click an icon on the desktop, and nothing happens for about 90 seconds. This does not happen every time I run IE. It seems to happen consistently if I log in to the AT&T Worldnet email system, read my mail, log out, and close IE. I have seen the problem at other times after closing IE, but am not sure what steps I had run.

I posted this problem to a Microsoft usergroup, and the "MVP" who responded suggested HijackThis, among many other things to try. So far, nothing has worked.

Another problem I'm seeing that may or may not be related to this one is that sometimes when I try to shut down the system there is a delay and then a message window comes up indicating that the "Task is not responding" and I'm given a choice of killing the task or waiting for it to respond.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button