check up

Discussion in 'adware, spyware & hijack cleaning' started by Vi, Mar 2, 2004.

Thread Status:
Not open for further replies.
  1. Vi

    Vi Guest

    a checkup would be greatly appreciated

    Logfile of HijackThis v1.97.7
    Scan saved at 7:32:22 PM, on 3/2/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\SOYO\HW Monitor\Itesmart.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Documents and Settings\MystikOne\My Documents\framxpro\FreeRAM XP Pro 1.40.exe
    C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Beware of Dog\Screaming Broccoli.exe
    C:\Program Files\AIM95\aim.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\MYSTIK~1\LOCALS~1\Temp\Rar$EX00.605\HijackThis.exe

    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SmartGuardian] C:\Program Files\SOYO\HW Monitor\Itesmart.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM95\\DeadAIM.ocm",ExportedCheckODLs
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [FreeRAM XP] "C:\Documents and Settings\MystikOne\My Documents\framxpro\FreeRAM XP Pro 1.40.exe" -win
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O9 - Extra button: AIM (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3D2682B7-6C6C-4630-B729-69DE193D0B6E}: NameServer = 64.136.20.133 64.136.28.133
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    Hi Vi,

    You need to visit Windows Update.
    I would fix this one:
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    since it is not necessary and BackWeb Lite comes with some privacy issues.
    And to satisfy my curiosity: what is
    C:\Program Files\Beware of Dog\Screaming Broccoli.exe

    Regards,

    Pieter
     
  3. Kevin_b_er

    Kevin_b_er Registered Member

    Joined:
    Dec 1, 2002
    Posts:
    13
    Woah, talk about a blast from the past, it's the Screaming Broccoli!!!!!!


    Back in the dotcom heyday, there were over a dozen free ISPs, and a community emerged to remove the ads from the free ISP software and/or connect through a pure PPP link. This was accomplished by many means.

    One group produced a program that killed the free ISP software (which had annoying ads and lowered screen size) without terminating the connection. It came with a program called Screaming Broccoli, which just did timed pings to the gateway to try to avoid early disconnection.

    I'm surprised to still see this relic running, I lost my copy of it over a year ago.


    To sum it up:
    The program is otherwise harmless, it just auto pings the gateway at timed intervals. (for the layman: pings the computer your own computer is connected to when you get online)


    Also on a side note: Hello fellow dunner, Vi!!!!!!
     
  4. Vi

    Vi Guest

    heh juno doesn't work no more they found a way around it finally heh.. well i had just reformatted my computer so the check-up was to see if i was clean, since then i downloaded some programs and went to websites and what not.. i have a grip of ads any help please?

    Logfile of HijackThis v1.97.7
    Scan saved at 9:29:51 PM, on 3/3/2004
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\SOYO\HW Monitor\Itesmart.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\AIM95\aim.exe
    C:\Documents and Settings\MystikOne\My Documents\framxpro\FreeRAM XP Pro 1.40.exe
    C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    C:\Program Files\America Online 9.0\waol.exe
    C:\Program Files\America Online 9.0\shellmon.exe
    C:\Program Files\America Online 9.0\aolwbspd.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\DOCUME~1\MYSTIK~1\LOCALS~1\Temp\Rar$EX00.143\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://animelayer.com/
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SmartGuardian] C:\Program Files\SOYO\HW Monitor\Itesmart.exe
    O4 - HKLM\..\Run: [DeadAIM] rundll32.exe "C:\PROGRA~1\AIM95\\DeadAIM.ocm",ExportedCheckODLs
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
    O4 - HKCU\..\Run: [FreeRAM XP] "C:\Documents and Settings\MystikOne\My Documents\framxpro\FreeRAM XP Pro 1.40.exe" -win
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O17 - HKLM\System\CCS\Services\Tcpip\..\{3D2682B7-6C6C-4630-B729-69DE193D0B6E}: NameServer = 198.81.19.4

    thanks.
     
  5. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,491
    Location:
    Netherlands
    Still clean, but please, please update Windows while you still are.
    And get some protection.

    Read this on how to minimize the risk of infection: http://boards.cexx.org/viewtopic.php?t=957.

    Thanks for the info on the "broccoli" Kevin. :)

    Regards,

    Pieter
     