# my hijacklog

Logfile of HijackThis v1.97.7

Scan saved at 7:31:04 AM, on 7/22/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\System32\ICO.EXE

C:\Program Files\Sony\HotKey Utility\HKserv.exe

C:\WINDOWS\System32\ezSP_Px.exe

C:\WINDOWS\Sonysys\Eflyer\EFlyer_Popup.exe

C:\WINDOWS\System32\WScript.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

C:\Program Files\Apoint\Apntex.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

C:\Program Files\Sony\HotKey Utility\HKWnd.exe

C:\Program Files\PowerPanel\Program\PcfMgr.exe

c:\progra~1\Support.com\client\bin\tgcmd.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Windows XP User\Desktop\HijackThis-1.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://windowsupdate.microsoft.com/

O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {576EB0AD-6980-11D5-A9CD-0001032FEE17} - C:\Program Files\Yahoo!\Common\ycheckh.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe

O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe

O4 - HKLM\..\Run: [VAIOSurvey] c:\program files\sony\vaio survey\surveysa.exe

O4 - HKLM\..\Run: [ZZZ] C:\WINDOWS\Sonysys\Eflyer\EFlyer_Popup.exe

O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs

O4 - HKLM\..\Run: [CleanupProgram] C:\Sonysys\cleanup.exe

O4 - HKLM\..\Run: [McAgentexe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [McUpdateexe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background

O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe

O4 - Global Startup: PowerPanel.lnk = ?

O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe

O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE

O9 - Extra button: Related (HKLM)

O9 - Extra button: MoneySide (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)

O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...8189.5807523148

Edited by glenn2003

Hi there.

You are running HijackThis from your desktop. This is not a good idea because when we do a fix, HijackThis will create backups and they will be spread all over your desktop. Can you please create a folder in My Documents and call it Hijack (or something similar), like this: C:\HJT\HijackThis.exe. Then extract HijackThis into the folder you have created and run it from there. When you have done that, delete the copy of HijackThis that you have on your desktop.

Next:

Update HijackThis to version 1.98

• Run HijackThis

• Select config > misc tools and select "update online", then yes.

Run a scan and post a new Hijackthis log after you are done.

It's not spreading backup icons on my desktop. But if you think it's a good idea to put HijackThis in a new folder, then I will. However, I have several questions. You said,

"Then extract hijackthis into the folder you have created and run it from there."

How do you "extract" it into the folder??? Do I just drag the HijackThis icon from the desktop into the new folder??? Or do I have to find where I originally put HijackThis when I first installed it? If so, I can't find it or am not sure how to locate it. Sorry, I'm not familiar with this stuff. If you could explain further, I would appreciate it, thank you.

Oh, also I accidentally installed HijackThis two times, since I have two icons on my desktop. Should I just highlight and delete one of them???

Hi there,

Backups are not made until a fix is done, so currently there will be none.

OK, let's sort this for you. Create a new folder in your My Documents folder, so it will then be like this: C:\My Documents\HJT\HijackThis.exe. Next go to the folder where HijackThis is, right click over HijackThis and select cut, go to the new folder you created and paste HijackThis in there. Now delete the 2 desktop/or where you put the other copy/copies you have. Then run the updated version please.

Not sure if something is wrong with my DOS system, but after downloading the new version of HijackThis, I clicked on it, and it pops up what looks like a black box (like the place where you write your DOS) but it just appears for a short instant, and then disappears. Weird.

Hi there,

I would suggest you delete the new copy and download it again.

Before I go through the process again, I have a question......

When I update HijackThis to version 1.98, do I put it in the same new folder you told me to make? You know, the one you told me to put the other HijackThis in?? Or do I put the 1.98 brand new version in another new folder???

Hi there,

I would advise deleting the other version, so that the new copy is in its own folder.

Logfile of HijackThis v1.98.0

Scan saved at 3:50:49 PM, on 7/22/2004

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\igfxtray.exe

C:\WINDOWS\System32\hkcmd.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\System32\ICO.EXE

C:\Program Files\Sony\HotKey Utility\HKserv.exe

C:\WINDOWS\System32\ezSP_Px.exe

C:\WINDOWS\Sonysys\Eflyer\EFlyer_Popup.exe

C:\WINDOWS\System32\WScript.exe

C:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

C:\Program Files\Apoint\Apntex.exe

c:\PROGRA~1\mcafee.com\vso\mcshield.exe

C:\Program Files\Sony\HotKey Utility\HKWnd.exe

c:\progra~1\Support.com\client\bin\tgcmd.exe

C:\Documents and Settings\Windows XP User\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/

O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: CheckHO Class - {576EB0AD-6980-11D5-A9CD-0001032FEE17} - C:\Program Files\Yahoo!\Common\ycheckh.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [HKSERV.EXE] C:\Program Files\Sony\HotKey Utility\HKserv.exe

O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe

O4 - HKLM\..\Run: [VAIOSurvey] c:\program files\sony\vaio survey\surveysa.exe

O4 - HKLM\..\Run: [ZZZ] C:\WINDOWS\Sonysys\Eflyer\EFlyer_Popup.exe

O4 - HKLM\..\Run: [ZTgServerSwitch] c:\program files\support.com\client\lserver\server.vbs

O4 - HKLM\..\Run: [CleanupProgram] C:\Sonysys\cleanup.exe

O4 - HKLM\..\Run: [McAgentexe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [McUpdateexe] C:\PROGRA~1\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [VirusScan Online] c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background

O4 - Global Startup: Billminder.lnk = C:\Program Files\Quicken\billmind.exe

O4 - Global Startup: PowerPanel.lnk = ?

O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe

O4 - Global Startup: Quicken Startup.lnk = C:\Program Files\Quicken\QWDLLS.EXE

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople

Hi there,

I find nothing suspicious on your log. Are you having any specific problems?

Oh no, nothing. I was just wondering if there was something bad in my log. By the way, I'm using the Mozilla browser. Do you think that helps in preventing viruses and spyware from entering my computer compared to Internet Explorer??

Hi there,

Yes, Mozilla is very popular and recommended, but I don't see it on your log, I see IE. To help protect your system from abuse when using IE, do this:

IE-SPYAD puts over 5000 sites in your restricted zone, if you use IE, so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all. Download

Both are very small free programs that you run once, and then just weekly to check for updates.

Thanks!! I really appreciate that!

You are very welcome

Hi there,

I think the short answer to this is that your DVD player, probably not a recently bought one, is not compatible with VCDs. If the VCD is a copy, that may be a factor too.

I recently bought my DVD a year ago. It can't play super video stuff, but it can play regular video stuff. I did make CDs on my comp and played them on my DVD player, so it can do this, but I forgot how I did it. I know I downloaded a converter from the net, and then did something, but I forgot.

The VCD is a copy, but I can copy that VCD on my computer, and is there any way I can convert it to a format in which I can copy it back on another CD that will play on my DVD player? Sorry, I hope you guys understand what I'm talking about, please help.

Hi there,

I am sorry I cannot give you a definitive answer on this, but try posting your question here

Another question....

It found 746 items. Should I check and "fix" them all ????

Nothing will go wrong when I do this, would it??

Hi there,

Having had no personal experience with Regsupreme, I cannot comment on the performance. I have no recollection of a discussion on here about it either. Again I would suggest posting your question in the Software forum, where someone with experience of the software may be able to give you further advice. It may be best to say whether you have a trial version or you have purchased it