Ouch - I think I have been Bitten

[Und3ertak3r]

hi Guys,

Found these files in my systems startup (WinXP PRo)

IMJPMIG.EXE /Spoil /remAdvdef /Migration32
Dumprep 0 -k

No New software in the last 5days..

Now How did this come to my attention?

Daughter (good to have someone else to blame) was hunting for (suprise suprise) Music on the Kazaa network..(Kazaalite).. left the room.. I came in half an hour later to find the machine frozen..
Reset.. restarted ok..
Wouldn't dial into the ISP.. REset the external Modem.. restarted ok
Started Musicmatch to play some good old rock and roll.. ACDC if you must know..OK
dial in to ISP OK.. connected to AO aOK..
Started "Outlook" (ok shoot me ).. Ok, went to reply to a friends email (recieved 4 days ago and read several times ) machine grinds to a halt.. mouse pauses in one spot for a 10 to 20 seconds (read Eternity).. the music is worse.. (I won't describe it here. but "Highway to hell" sound realy funny)
After a minute or 3 trying to shut down open progs, ie Outlook, musicmatch.. and with out my trying, Norton 2002 AV is shut down (well the error message said that the OS felt that it wasn't responding and would be shut down..
By this time I managed to have the task manager up.. suprise the CPU was running at 100% and I couldn't see the running processes..
By now Zonealarm was being shut down..
HDD activity started to pick up as did the Send activity on the MOdem..
RESET again..
brought it up in safemode, checked the registry.. nothing strange
Checked the startup in the config utility.. and this is where I found strange program entries..
Currently attempting to do a "on line virus scan"..
Oh did I say I disabled that pair in the startup.. well I have and that is how I seem to be able to type this.. Once the online scan is run i will attempt to re run Outlook and see what happens..
My NAV defs are dated 13 Nov 2002 ? but attempting to update tonight has lead to a "All is OK" response..

any thought on these files? that first one is sus.. very sus..

cheers..

[r3b00+]

Did a search on google and came up with this

Program Name: Imjpmig8.1

Executable Name: IMJPMIG.EXE

Required: No

Comments: Part of Microsoft's Input Message Editor (IME) for translating Japanese/Chinese text in IE, Outlook and Word

Taken from HERE

Doesnt seem like its anything to worry about.
Hope this helps!

Cheers

r3b00+

[Tiger Shark]

Did a google for IMJPMIG.EXE and it seems to be something to do with M$ japanese language pack, googling Dumprep 0 -k indicates it is something to do with Adobe's professional version, which now I think back does make sense.

So - if you have ever clicked "yes" to DL the japanese lang thingy for IE then you are kosher - if you ever installed Adobe Acrobat Pro then you are also kosher.....

What does seem odd tho and warrants further investigation is the uninvited shutdown of your protection systems simultaneously - That's a monster red flag if you ask me......

[blakdeth77]

Wasn't there a security issue with one of the language packs for win2k? I think this guy should update his a/v software and run a full scan. With all that stuff happening by itself... sounds like a backdoor proggie it? Especially if all this goofy crap happens only while he's online.

[Und3ertak3r]

Me thinks I should get one Daughter her own virus catcher..

After several restarts I think I located the problem..

Yes the IMJPMIG.EXE is part of the Japanese language package, and thanks Tiger shark for the info regarding Dumprep it is from Photoshop. and I thought that I knew my startup files like the back of my hand..

The Problem appears to be the .PST file in Outlook, as this appears to be where the system would crash.. The file was over 500MB in size.. my fault I had experimented with it a couple of weeks ago to see if a bug I had read about would cause me problems.. hmmm

Still it don't explain the other sillyness

I will follow through on the comment frm blakdeth77 regarding the language pack vulnerability.. BTW, the online scann Clean, uninstalled reinstalled NAV.. reupdated the Defs,, no probs..

Thanks for the comments guys..

Cheers

[Tiger Shark]

A .pst over 500mb........ WOW!!!!!!! No wonder you have problems!!!!!!

I have users that experience problems with their email when their .pst exceeds 80-100, when you go and look they have never done any maintenance and find literally thousands of messages in the inbox, sent items and deleted items. We simply tell them that they will continue to have problems until they clean out the mailboxes, then we leave...... They bitch, moan and whine about being too busy but that's water off a ducks back......

IMO, (notice I say "opinion....), if your computer is trying to deal with a .pst of that size it would not surprise me too much if it caused the whole system to go flakey and it may have just been coincidence that you witnessed ZA and NAV drop. Since you have done all the scans and come up clean I would say you are good to go as soon as you clean the .pst.

Having said that, and knowing your daughter uses the same machine, I would continue to keep a weather eye out for issues - hell I gave my gf her own PC on the network - set limits and autoupdates of NAV and Win2k and have practically forgotten about it ever since - of course she's probably a bit older than your daughter......

[Und3ertak3r]

you are absolutly correct Tiger Shark, I made the mistake of not cleaning the boxes out after my experiment.. well not completly.. When I was testing it out.. I would duplicate some "STUFF" in a test folder.. and increase the file size some 50k at a time.. close outlook restart.. continue .. untill a 1MB size increase.. restart the machine.. did this untill it went flakey.. well in that case OL would crash on opening or refuse to open a message/note etc.. this was when the pst was some 700mb(this must be ram memory related also) then deleted the crap.. (seems I didn't get it all..) and the suprise a couple of week later..POW.. yep I was slack, a few large attachments in emails, and my having not removed 400Mb of crap..

my fault I had experimented with it a couple of weeks ago to see if a bug I had read about would cause me problems.. hmmm

Now I have learnt something.. (besides don't be a dickhead)..

Cheers

[avenger_jcc]

Another thing that wont hurt to try is run Ad Aware, by lavasoft (Google: adaware)
as this may kill some other memory hogs in your background. Ive seen lots of machines that are running sluggish or wierd be cured of all its ailments by this nice little prog. you do need to trim your .pst, no doubt, but this may be a added step....
Avenger

[Und3ertak3r]

don't forget Refupdate... very handy..