Results 1 to 8 of 8
  1. #1
    I'm New, Please Help
    Guest

    Default Weird Things; Here's My VX2 Log

    Hi,

    Weird things are happening. I've been reading through your posts to see if I can figure it out alone, but I think I'd better let you knowledgeable folks help.

    I managed to download and run VX2 Finder. Here is my log.

    Files Found---
    C:\WINDOWS\SYSTEM\HcTPLUG.DLL
    C:\WINDOWS\SYSTEM\IaFRARED.DLL
    C:\WINDOWS\SYSTEM\IcFRARED.DLL
    C:\WINDOWS\SYSTEM\IhFRARED.DLL
    C:\WINDOWS\SYSTEM\IjFRARED.DLL
    C:\WINDOWS\SYSTEM\IwFRARED.DLL
    C:\WINDOWS\SYSTEM\IwSETUP.DLL


    User Agent String---
    {FE0CD0AC-5719-485A-A7FC-31ABFA13F07D}

    I didn't want to get rid of them all until I got the "go ahead" from you. Do you know if any of these problems are related to Notepad and Windows Media Player problems? Both of those programs icons keep changing and the programs don't work. I reinstall, to no avail.

    Thanks for the help!

    Susan

  2. #2
    Member Help2Go Moderator whoozhe's Avatar
    Join Date
    Jan 2001
    Location
    Wallaroo South Australia
    Posts
    8,567
    Points
    801

    Default

    All these files appear to be relate to an Infrared connection.
    Check your system to see if it came with built in Infrared capabilities.
    Take control of your life. Leave others to control their own.

  3. #3
    Guest

    Default Infrared Items on VX2 Log

    Hi,

    Thank you for your help. I'm not exactly sure how to check my system for infrared capabilities, but after doing a general search, here is what I found:

    C:\Windows\system\infrared.dll
    C:\Windows\system\infrared.ocx
    C:\Windows\infrared.inf
    C:\Windows\help\infrared.cnt
    C:\Windows\help\infrared.hlp
    C:\Windows\help\infrared.chm

    I am having tons of popups that I am usually able to delete through Adaware, however that isn't working. I am posting my HiJackThis log, too.

    Susan

    Logfile of HijackThis v1.97.7
    Scan saved at 9:33:06 AM, on 7/1/2004
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\DEVLDR16.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\ADVTOOLS\NPROTECT.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
    C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
    C:\WINDOWS\SYSTEM\CTFMON.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\INSTALLATION FILES\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = file://C:\WINDOWS\SYSTEM\sb.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [devldr16.exe] C:\WINDOWS\SYSTEM\devldr16.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg
    O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O4 - Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
    O8 - Extra context menu item: LimeShop Preferences - file://C:\Program Files\LimeShop\System\Temp\limeshop_script0.htm
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\PROGRAM FILES\AOL TOOLBAR\TOOLBAR.DLL/SEARCH.HTML
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra button: AIM (HKLM)
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O9 - Extra button: AOL Toolbar (HKLM)
    O9 - Extra 'Tools' menuitem: AOL Toolbar (HKLM)
    O9 - Extra button: ComcastHSI (HKCU)
    O9 - Extra button: Help (HKCU)
    O9 - Extra button: Support (HKCU)
    O14 - IERESET.INF: START_PAGE_URL=http://www.comcast.net
    O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) - http://fdl.msn.com/zone/datafiles/heartbeat.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...871.4787731481
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeup...ntent/opuc.cab
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...ctor/swdir.cab
    O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
    O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/soft...ch/alaunch.cab
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
    O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX25.cab
    O16 - DPF: Yahoo! Spades - http://download.games.yahoo.com/game...ts/y/st2_x.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_41.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab

  4. #4
    Member steamwiz's Avatar
    Join Date
    Sep 2003
    Location
    Yorkshire U.K.
    Posts
    14,022
    Points
    2335

    Default

    Hi

    These are all L2M files ... go ahead and delete them.

    C:\WINDOWS\SYSTEM\HcTPLUG.DLL
    C:\WINDOWS\SYSTEM\IaFRARED.DLL
    C:\WINDOWS\SYSTEM\IcFRARED.DLL
    C:\WINDOWS\SYSTEM\IhFRARED.DLL
    C:\WINDOWS\SYSTEM\IjFRARED.DLL
    C:\WINDOWS\SYSTEM\IwFRARED.DLL
    C:\WINDOWS\SYSTEM\IwSETUP.DLL

    continue with the proceedure below....

    Close any un-neccessary windows you have open.
    -Check off all those files found and click the Delete these Files button
    (for as many as you have)

    -Click UserAgent$ (to remove that reg value)
    -Click Import.reg (to repair QuickLaunch Toolbar)
    -Click Restore Desktop..to restore the desktop(Explorer.exe ends while doing this fix)

    Retest with the VX2Finder and post new log

    steam
    Look here for Ways to keep your computer safe
    M'SOFT MVP -Windows Security 2004/8 .member ASAP -

  5. #5
    Guest

    Default New Log

    Hi,

    I deleted those, however the "User Agents$" button was grayed out and I could not click it.

    Here is my new log:



    Files Found---
    C:\WINDOWS\SYSTEM\MdI.DLL


    User Agent String---




    Again, thank you for your help.
    Susan

  6. #6
    Guest

    Default

    By the way....why isn't there a User Agent String now? Is that ok?

    Thanks!
    Susan

  7. #7
    Member steamwiz's Avatar
    Join Date
    Sep 2003
    Location
    Yorkshire U.K.
    Posts
    14,022
    Points
    2335

    Default

    HI

    You don't want the "User Agent String" ... it was part of your problem.....

    Clicking the " UserAgent$ " button would have deleted it

    It was greyed out bacause it was allready gone.

    Are you still having problems ?

    steam
    Look here for Ways to keep your computer safe
    M'SOFT MVP -Windows Security 2004/8 .member ASAP -

  8. #8
    Guest

    Default

    Steam,

    I think I am all fixed up now, and don't seem to be having any problems at all.

    I sincerely appreciate your time and wisdom.

    Susan