masplin Posted June 9, 2008 Posted June 9, 2008 I'm not sure where to post this problem, but them ost obvious effects are within IE7. For example when I tried to register for this site i couldn't see the "image verification" words in IE7. I can see them when using Firefox or Safari. Lots of my Google gadgets don't display in IE7, just says loading. At the bottom the pages that seem to have problems all say Javascipt xyz. I also have problems with in some applications where the forms are not displaying properly. Dell Support Centre opens up a window that is blank. This account is an adminstators account. I have another administrators account and that works fine. I tried creating anew account, but that doesn't work. i have tried uninstalling/reinstallling Java 7 Flashplayer. I have reset al lmy IE7 settings to default. I am really at a loss as the problem is not just within IE7 and seems to be account specific. This problem only started a few days ago, but all my restore points seem to have disappeared. Grateful any advice. Quote
Guest Wolfeymole Posted June 9, 2008 Posted June 9, 2008 Hello Masplin Welcome to FPCH With the restore points disappearing and the Dell site coming up blank it may well be that you may be infested with some form of malware. Please follow the instructions below and get back to us as to how your pc is performing then. Malware is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a combination of the words malicious and software. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. Required Cleanup Steps Disable the Spybot Search & Destroy TEA TIMER if you use it and if it is enabled Run a Temporary file and cache cleaner (ATF) Run 2 Anti-Malware scanners (Listed Below) Run an Online Anti-Virus / Anti-Malware Scanner (Listed Below) Clear out old System Restore points If continued Malware type activity is present you may be asked to post a TrendMicro™ HijackThis™ Log file, do not do so unless requested. The reason to run multiple scanners is to ensure that no single scanner is missing something. The time it takes will vary depending on your system and your internet connection speed. Typically the SUPERAntiSpyware and Malwarebytes scanners will take between 10 to 90 minutes. The ESET online scan should take between 1 to 3 hours. In most cases, these scans will suffice to clean and disinfect your computer. Heavily infected systems or slower PCs can take much longer to scan and clean. For best results print the following instructions and bookmark this Web page To keep this guide printer-friendly, use your cursor to highlight the contents below. From your browser select File - Print and in the printer dialog box under "Print range" click the Selection choice to print out these instructions for removal of malware.http://kixhelp.com/wr/images-freepchelp/printer-selection.gif__________________________________________________ STEP 1 Disable Spybot Search & Destroys' TEA TIMER: (if installed) Run Spybot-S&D in Advanced Mode. If it is not already set to do this Go to the Mode menu select "Advanced Mode" On the left hand side, Click on Tools Then click on the Resident Icon in the List Uncheck "Resident TeaTimer" and OK any prompts. Restart your computer. __________________________________________________ STEP 2 Follow these instructions carefully. Download ATF-Cleaner from Snapfiles.com to remove un-needed temporary files from your computer that may contain malware. You can also download it from Majorgeeks.com When you run ATF-Cleaner, check the items as shown below for Main. For FireFox, be sure to click on the FireFox tab on top and check the items as shown below for FireFox NOTE: If you don't have FireFox or Opera installed then they will be grayed out and can be ignored Then click on "Empty Selected". http://kixhelp.com/wr/images-freepchelp/atf-cleaner01.gif . http://kixhelp.com/wr/images-freepchelp/atf-cleaner02.gif__________________________________________________ STEP 3 Install and run the free version (not the Professional version) of SUPERAntiSpyware from SUPERAntiSpyware.com Accept any prompts to allow SUPERAntiSpyware to install the latest rules and infection definition files. You do not have to send them your e-mail address, just click next. You can leave the automated check for updates on. You can uncheck "Send a diagnostic report to research center" if you don't want to send the information. DO NOT allow SUPERAntiSpyware to protect your Home Page settings. On the Top Left select the Scan your computer button. Make sure there is a CHECK MARK on all Fixed Drives. Click "Perform a Complete Scan". Click "Next" to Repair issues found and reboot the computer when prompted to do so. __________________________________________________ STEP 4 Install and run Malwarebytes' Anti-Malware from Malwarebytes - (direct download) Accept all defaults for the installer Allow the program to update the definitions Click on the Quick Scan and click Next. If any items are found allow it to clean them and then Reboot your computer. __________________________________________________ STEP 5 Run an online scan with ESET from Free Virus Scan: Use ESET's Online Antivirus Scanner You must use Internet Explorer for this online scan. FireFox, Opera, etc will not work for this scan. If your computer is running Window's Vista, then you must first start Internet Explorer as an Administrator. To do so, right-click on the Internet Explorer icon in the Start Menu and select "Run as administrator" from the popup context menu. Accept the terms and click "Start". Once the scanner is ready, check "Remove found threats" AND "Scan unwanted applications". Click "Start" to begin the scan. When completed restart your computer __________________________________________________ Make sure your internet firewall security is enabled, and then please return to Extreme Tech Support - Free PC Help and tell us how the computer seems to be operating. At that time, you will receive instructions to assist you in removing malicious programs from your Add/Remove program list if warranted. If required this is the download link for TrendMicro™ HijackThis™ Unless instructed to by the Technician helping you then do not download this tool. Once you and the Technician agree that your system appears to be clean then you should delete all your System Restore points and recreate a new one. Please follow the instructions here How to turn off and turn on System Restore in Windows XP How to turn off and turn on System Restore in Windows Vista Quote
masplin Posted June 9, 2008 Author Posted June 9, 2008 More info Just beofre i start on that wondered if this helped at all. I just tried looging into the account that was working and opening the applicatin i use to mange my finances. Al lthe pages are fine except one that opens really tiny. I now get 2 errors Line: 1 A null reference pont was passed to the stub Line :60 "System" is undefined Does that change your advice at all? Thanks a lot mike Quote
Goku Posted June 9, 2008 Posted June 9, 2008 Line: 1 Just beofre i start on that wondered if this helped at all. I just tried looging into the account that was working and opening the applicatin i use to mange my finances. Al lthe pages are fine except one that opens really tiny. I now get 2 errors Line: 1 A null reference pont was passed to the stub Hello and Welcome to Extreme Tech Support - Free PC Help Mike. For your problem regarding Line: 1, I have found something. It might be helpful to you. Have a look. Error: "A null reference pointer was passed to the stub..." when connecting to Fax-Sharing Host I know its not exactly relevant but they concern the same problem. Please try the instructions provided, run the Anti-Malware instructions and report back here. Good Luck. :) -- Goku Quote
masplin Posted June 9, 2008 Author Posted June 9, 2008 Results Ran Superantispy and got 15 Adware: Tracking cookie threats Ran Malwarebytes and got nothing Can't run ESEt as when I slick "Agree" the Start button doesn't light up. If i open it in Firefox the start buttion lights up but you say it won't work. this is obviously related to my problem. I could run a steganos 2008 AV scan if that helps? Quote
Guest Wolfeymole Posted June 9, 2008 Posted June 9, 2008 Please download the latest version of HijackThis from Trend Micro and click on Download Hijack This Installer and save it to your desktop. Doubleclick HJTInstall.exe to install HijackThis. By default it will install to C:\Program Files\Trend Micro\HijackThis . Click on Install. It will create a HijackThis icon on the desktop. Once installed, it will launch Hijackthis. Click on the Do a system scan and save a logfile button. It will scan and the log should open in Notepad. Include this log in your next reply. Notes: Do not use the AnalyseThis button, its findings are dangerous if misinterpreted. Do not have Hijackthis fix anything yet. Most of what it finds will be harmless, or required for your computer to run like it should. Quote
masplin Posted June 9, 2008 Author Posted June 9, 2008 Hijack This Tried to use the paper clip and upload hijackthis.log but says it is an invalid file. can't apste it in as too big? Quote
Goku Posted June 9, 2008 Posted June 9, 2008 Tried to use the paper clip and upload hijackthis.log but says it is an invalid file. can't apste it in as too big? Try posting the files in bits that is in parts. Don't care about the number of posts it takes. Just post the full log. Our Malware Experts will have a look at it for you. :) -- Goku Quote
masplin Posted June 9, 2008 Author Posted June 9, 2008 Hijackthis log 1 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:28:05, on 09/06/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\mobsync.exe C:\Program Files\Raxco\PerfectDisk2008\PD91AgentS1.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\SiteAdvisor\6253\SiteAdv.exe C:\Windows\sttray.exe C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\IC Desktop Alerts\ICDesktopAlerts.exe C:\Program Files\Steganos\AntiVirus 2008\avgcc.exe C:\Program Files\Philips\Auto Run Software for Photo Frame\PhotoManager.exe C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.3\apdproxy.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\LogMeIn\x86\LMIGuardian.exe C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe C:\Program Files\logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE C:\Program Files\RescueTime\RescueTime.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe Quote
masplin Posted June 9, 2008 Author Posted June 9, 2008 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - AutorunsDisabled - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [iC Desktop Alerts] "C:\Program Files\IC Desktop Alerts\ICDesktopAlerts.exe" O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [DriveSentry] C:\Program Files\DriveSentry\DriveSentry.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Steganos\ANTIVI~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Adobe Photoshop Lightroom 1.3\apdproxy.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Steganos\ANTIVI~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Steganos\ANTIVI~1\avgw.exe /RUNONCE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [rmoc3260.dll OCX] regsvr32.exe /s "C:\Windows\system32\rmoc3260.dll" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Steganos\ANTIVI~1\avgw.exe /RUNONCE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [rmoc3260.dll OCX] regsvr32.exe /s "C:\Windows\system32\rmoc3260.dll" (User 'Default user') O4 - Startup: Copy email - Shortcut.lnk = Documents\Tech\Batch Files\Copy email.bat O4 - Startup: RescueTime.lnk = C:\Program Files\RescueTime\RescueTimeStart.exe O4 - Startup: SetPoint - Shortcut.lnk = C:\Program Files\logitech\SetPoint\SetPoint.exe O4 - Global Startup: AutorunsDisabled O4 - Global Startup: ColorVisionStartup.lnk = C:\Program Files\ColorVision\Utility\ColorVisionStartup.exe O4 - Global Startup: Desktop Manager.lnk = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll Quote
masplin Posted June 9, 2008 Author Posted June 9, 2008 Hijackthis 3 O13 - Gopher Prefix: O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100 O18 - Protocol: bw+0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll Quote
masplin Posted June 9, 2008 Author Posted June 9, 2008 Hijackthis 4 and last O18 - Protocol: bwt0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {FF3EC3EC-3CC7-4A10-98C9-F17D60615017} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Steganos Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Steganos\ANTIVI~1\avgamsvr.exe O23 - Service: Steganos Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Steganos\ANTIVI~1\avgupsvc.exe O23 - Service: Steganos Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Steganos\ANTIVI~1\avgrssvc.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 21816 bytes Quote
Guest Wolfeymole Posted June 9, 2008 Posted June 9, 2008 I've moved your post to the Hijack This section of the forum Masplin. Please bear with us while one of the Security Team looks at this. Quote
Seth Posted June 10, 2008 Posted June 10, 2008 No malware showing in the log. You said you restored the default settings in IE7, but did you do an actual reset? (very different) 1.Click the Tools menu, and then click Internet Options. 2.On the Advanced tab, click Reset. 3.In the Reset Internet Explorer Settings dialog box, click Reset. 4.When Internet Explorer 7 finishes restoring the default settings, click Close, and then click OK two times. 5.Close Internet Explorer 7. The changes take effect the next time that you open Internet Explorer 7. Quote Need help with your computer problems? Then why not join Free PC Help. Register here If Free PC Help has helped you then please consider a donation. Click here
masplin Posted June 10, 2008 Author Posted June 10, 2008 Reset Yes I did the reset. However the problem isn't just within IE7 so thoguht it must be something more general. Quote
Seth Posted June 10, 2008 Posted June 10, 2008 See if the problems persist in Safe Mode With Networking. (Keep tapping F8 as soon as you turn on the computer to access that mode). EDIT: BTW, what happened when you tried to make another account? Quote Need help with your computer problems? Then why not join Free PC Help. Register here If Free PC Help has helped you then please consider a donation. Click here
masplin Posted June 10, 2008 Author Posted June 10, 2008 Other account I made another adminstrators account and got the same behavior. My old adminstrators account was working fine the first few times are tried it but now also corrupted. Quote
Seth Posted June 10, 2008 Posted June 10, 2008 Sheesh, sounds like your Vista is falling apart. Try the other suggestion from my previous post. Quote Need help with your computer problems? Then why not join Free PC Help. Register here If Free PC Help has helped you then please consider a donation. Click here
masplin Posted June 10, 2008 Author Posted June 10, 2008 Safe Mode Exactly the same. I tried a new account again and no difference. The only slight difference i have between accounts is on my main account the Dell Support window opens blank. In my adminstrators account it has a tool bar, but the information window says no data available. I've got a horrible feeling your about to suggest reinstalling vista!!!!! Quote
Seth Posted June 10, 2008 Posted June 10, 2008 You're right. I see no way that the Vista corruption can be repaired without a reinstall. Try this long shot: Windows Vista Help: Startup Repair: frequently asked questions Quote Need help with your computer problems? Then why not join Free PC Help. Register here If Free PC Help has helped you then please consider a donation. Click here
masplin Posted June 10, 2008 Author Posted June 10, 2008 Startup Repair Found nothing to repair. There is an option to return my software to the factory settings which is a pretty extreme solution. Presumably I woudl need ot reinstall every program and documents I have created which would take ages. Sounds liek I am out of options though? Quote
masplin Posted June 10, 2008 Author Posted June 10, 2008 Suggestion I have an identical Vista PC my wife uses with almost identical software and it works fine. Is it worth trying coping certain key files form her computer to see if that fixes it? i have no idea what kind of files are involded, but as I said orignially al lthe pages on IE7 that fail to load have some "Javascript" message in bottom left corner. Quote
Goku Posted June 10, 2008 Posted June 10, 2008 I have an identical Vista PC my wife uses with almost identical software and it works fine. Is it worth trying coping certain key files form her computer to see if that fixes it? i have no idea what kind of files are involded, but as I said orignially al lthe pages on IE7 that fail to load have some "Javascript" message in bottom left corner. If you think that JavaScript has been turned off in Internet Explorer, then here is how you can re-enable it or at least enable the setting. How do I turn on JavaScript in my browser? How To Turn on Javascript Also, I think Maynard has gratefully made us a tutorial post on the same topic here. Hope that is all you need. Try and see if it helps or not. Good Luck. :) -- Goku Quote
Goku Posted June 10, 2008 Posted June 10, 2008 Also, if I might suggest, have you tried to switch browsers? See if that works or not. There are loads to choose from: 1. Mozilla Firefox 2. Avant Browser 3. Opera 4. Flock There are many more available on the net! Just try and experiment with at least two of them and see if they work or not. Incompatible browser scripts might also cause the problem you have been facing. See if changing the browser does the trick or not. Good Luck. :) -- Goku Quote
masplin Posted June 10, 2008 Author Posted June 10, 2008 Scipting Was already turned on as had reset secutiy to default lelvel, but turened it on and off with no effect. Also my browser works fine with Mozilla & Safari. If it was just the browser I would just give up on IE7. However it is more wide spread than that. As I said one important page within Microsoft Money no longer loads properly, and the Dell Support App doesn't load. I'm assumnig these thnigs are all linked as went at the same time. Makes me think it is a Microsoft component that al lthese things use that is the problem. What woudl be common between an application and a browser that coudl affect the display in both? Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.