1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

IE Error msg, HJT log attached

Discussion in 'Web & Email' started by mn4tcl, Feb 8, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. mn4tcl

    mn4tcl Thread Starter

    Joined:
    Aug 2, 2004
    Messages:
    19
    When accessing any page on the internet, at some point this message below pops up in a dialogue box, usually before I have had chance to click on any item within the page.


    "Microsoft Internet Explorer has encountered a problem and needs to close. We are sorry for the inconvenience.

    If you were in the middle of something, the information you were working on might be lost.

    Please tell microsoft about this preoblem.

    We have created an error report that you can send to us to help us improve microsoft internet explorer. We will treat this report as confidential and anonymous.

    To see what data this error report contains, click here"

    I then have the option to either "Send error report" or "Don't send". I have tried both options, but there error is persisting, and getting worse. Can anyone give any advice? I have already re-installed internet explorer v6 direct from Microsft website. I am running Windows ME.

    Here is my HJT log file:

    Thanks for any help......

    Logfile of HijackThis v1.98.1
    Scan saved at 00:07:08, on 09/02/2005
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\SSDPSRV.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\UNLDR32.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\NORMAN\WIN95\CLAW95.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
    C:\PROGRAM FILES\ACCESSORIES\LOGITECH\ITOUCH\ITOUCH.EXE
    C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\AIO\HP OFFICEJET 7100 SERIES\BIN\HPOGRP07.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\NIKON\NKVIEW5\NKVMON.EXE
    C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE
    C:\PROGRAM FILES\ACCESSORIES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOHMR08.EXE
    C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE
    C:\PROGRAM FILES\BT BROADBAND\HELP\BIN\MPBTN.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\AIO\SHARED\BIN\HPOEVM07.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE
    C:\WINDOWS\SYSTEM\HPOIPM07.EXE
    C:\WINDOWS\SYSTEM\HPOID407.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\AIO\SHARED\BIN\HPOSTS07.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\AIO\SHARED\BIN\HPOFXM07.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\MY DOCUMENTS\MY PICTURES\TREVOR\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.co.uk/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BT Business Broadband
    F1 - win.ini: run=c:\windows\system\unldr32.exe
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: (no name) - {F2A4407B-FFBC-4A1F-A18A-0F68C3E0FC9E} - C:\WINDOWS\SYSTEM\BOWALOD.DLL
    O2 - BHO: (no name) - {6B61EFE7-D110-A424-D64D-70FD4C9E6E6D} - C:\WINDOWS\SYSTEM\DAZUZOP.DLL
    O2 - BHO: E.HH - {9E992732-295F-4987-8BE3-16FAC1639198} - C:\WINDOWS\ALL USERS\APPLICATION DATA\IESERVICE\IESERVICE.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [Cat's Claw] C:\NORMAN\WIN95\Claw95.exe
    O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Accessories\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [IKXGULGM] c:\windows\system\ikxgulgm.exe /install
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\RunServices: [Unldr32] c:\windows\system\unldr32.exe
    O4 - HKCU\..\Run: [MSMSGS] C:\PROGRA~1\MESSEN~1\msmsgs.exe /background
    O4 - HKCU\..\Run: [\IEService.exe] C:\WINDOWS\ALLUSE~1\APPLIC~1\IESERV~1\IEService.exe
    O4 - Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
    O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    O4 - Startup: hp instant support.lnk = C:\Program Files\Hewlett-Packard\hpis\bin\matcli.exe
    O4 - Startup: hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    O4 - Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe
    O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
    O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Accessories\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: HPAiODevice(hp officejet 7100 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
    O12 - Plugin for .PART: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
    O15 - Trusted Zone: *.musicmatch.com
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-gb/4,0,0,64/mcinsctl.cab
    O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader.cab
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1
     
  2. Cheeseball81

    Cheeseball81 Retired Moderator

    Joined:
    Mar 3, 2004
    Messages:
    84,315
  3. mn4tcl

    mn4tcl Thread Starter

    Joined:
    Aug 2, 2004
    Messages:
    19
    OK, am now using most uptodate HJT.... pls help, I now cant use IE at all!! Thanks....

    Logfile of HijackThis v1.99.0
    Scan saved at 12:47:53, on 15/02/2005
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\SSDPSRV.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MSMON.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\NORMAN\WIN95\CLAW95.EXE
    C:\WINDOWS\LOADQM.EXE
    C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
    C:\PROGRAM FILES\ACCESSORIES\LOGITECH\ITOUCH\ITOUCH.EXE
    C:\PROGRAM FILES\MUSICMATCH\MUSICMATCH JUKEBOX\MM_TRAY.EXE
    C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\AIO\HP OFFICEJET 7100 SERIES\BIN\HPOGRP07.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
    C:\PROGRAM FILES\NIKON\NKVIEW5\NKVMON.EXE
    C:\PROGRAM FILES\ACCESSORIES\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE
    C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\OSA.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOHMR08.EXE
    C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE
    C:\PROGRAM FILES\BT BROADBAND\HELP\BIN\MPBTN.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\AIO\SHARED\BIN\HPOEVM07.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\AIO\SHARED\BIN\HPOSTS07.EXE
    C:\PROGRAM FILES\HEWLETT-PACKARD\AIO\SHARED\BIN\HPOFXM07.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.co.uk/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by BT Business Broadband
    F1 - win.ini: run=c:\windows\system\msmon.exe
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: (no name) - {F2A4407B-FFBC-4A1F-A18A-0F68C3E0FC9E} - C:\WINDOWS\SYSTEM\BOWALOD.DLL
    O2 - BHO: (no name) - {6B61EFE7-D110-A424-D64D-70FD4C9E6E6D} - C:\WINDOWS\SYSTEM\DAZUZOP.DLL
    O2 - BHO: E.HH - {9E992732-295F-4987-8BE3-16FAC1639198} - C:\WINDOWS\ALL USERS\APPLICATION DATA\IESERVICE\IESERVICE.DLL
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDSG.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [Cat's Claw] C:\NORMAN\WIN95\Claw95.exe
    O4 - HKLM\..\Run: [OmgStartup] C:\Program Files\Common Files\Sony Shared\OpenMG\OmgStartup.exe
    O4 - HKLM\..\Run: [LoadQM] loadqm.exe
    O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Accessories\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
    O4 - HKLM\..\Run: [IKXGULGM] c:\windows\system\ikxgulgm.exe /install
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\RunServices: [Msmon] c:\windows\system\msmon.exe
    O4 - HKCU\..\Run: [MSMSGS] C:\PROGRA~1\MESSEN~1\msmsgs.exe /background
    O4 - HKCU\..\Run: [\IEService.exe] C:\WINDOWS\ALLUSE~1\APPLIC~1\IESERV~1\IEService.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q
    O4 - Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView5\NkvMon.exe
    O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    O4 - Startup: hp instant support.lnk = C:\Program Files\Hewlett-Packard\hpis\bin\matcli.exe
    O4 - Startup: hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    O4 - Startup: BT Broadband Help.lnk = C:\Program Files\BT Broadband\Help\bin\matcli.exe
    O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
    O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Accessories\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: HPAiODevice(hp officejet 7100 series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet 7100 series\Bin\hpogrp07.exe
    O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html
    O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html
    O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html
    O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\TOOLS\IESDPB.DLL
    O12 - Plugin for .PART: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
    O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
    O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
    O15 - Trusted Zone: *.musicmatch.com
    O15 - Trusted Zone: *.musicmatch.com (HKLM)
    O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-gb/4,0,0,64/mcinsctl.cab
    O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
    O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://static.photobox.co.uk/sg/common/uploader.cab
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 192.168.0.1
     
  4. dmonixed

    dmonixed

    Joined:
    Feb 11, 2005
    Messages:
    73
    first off your problems all originate from using IE it is very unsecure, you should get firefox, there really isnt any need to use IE afterthat www.mozilla.org, and do you have adaware se if not you need it. scan with that and and fix any problems which im sure it will find, and you might want to get spybot search and destroy it searches for other spyware than adaware does. Reboot computer after scanning with each program for best results, then when you have done that post another hjt log but do not have ANY program windows running while you do this. it will probably get rid of a few things and by then im sure a moderator will give you some more help... i dont know that much about MEs processes but from your log i can see some things that look suspicious....in your running proccesses you seem to have a lot of HP digital imaging items were you running a picture editing software or something at the time of the HJT scan and do you know what this process is----, C:\WINDOWS\SYSTEM\DDHELP.EXE, like i said not experienced with ME processes but might be something but dont do anything til you have scanned with adawarese and spybot and posted another log....what type of internet connection do you have..... and here is what i think might be some problems in you HJT log.....O2 - BHO: (no name) - {F2A4407B-FFBC-4A1F-A18A-0F68C3E0FC9E} - C:\WINDOWS\SYSTEM\BOWALOD.DLL
    O2 - BHO: (no name) - {6B61EFE7-D110-A424-D64D-70FD4C9E6E6D} - C:\WINDOWS\SYSTEM\DAZUZOP.DLL, F1 - win.ini: run=c:\windows\system\msmon.exe. are these files types that you recognize and use on your ME system thru a plugin in IE start with value 012 in hjt---.PART, Spop?(.pdf--nppdf32.dll-is this from a trusted site) these could be possible hijacker installed plugins.

    im just giving you some ideas to help get you started but do not do anything til you scan and post another log and a destinguished member comes back, but you can learn what all of the files listed in you HJT log do and what danger they could possibly pose by clicking INfO in the OTHER STUFF box in the bottomr right hand corner of HJT.

    for now you can get adaware and even firefox(which wont allow hijacking of your browser currently it is too secure) and you can safely scan with adaware, i bet you will find more that you think well you scan tho click scan now, then full system scan and then uncheck the scan for negligible objects, then scan , and i dont know nething about spyware doctor never used it but you would prolly be safe to get rid of unless you like it, because adaware and spybot are all you really need and once you scan and remove things if you use firefox you wont even have a need for them anymore, let me know if you have any more questions, i have been through the same kinda problem with IE several times

    here is a adaware site http://www.lavasoft.de/ that is a must have program for spy/adware i never seen another one come close to the amount it finds, you would prolly be fine with just it but if spydoctor is not finding anyproblems id say its time to switch that to spybot search and destroy, and here is there website, http://www.spybot.info/en/index.html,
    with all that you can probably fix your problem on your own but i know that an administrator is gonna want you to boot up in safe mode and delete temp files, and there is specific way you should go about this, and im not too familar with how HJT effects your pc, but for a temp fix scan for spyware and get firefox
     
  5. MFDnNC

    MFDnNC

    Joined:
    Sep 7, 2004
    Messages:
    49,014
    Do a couple online scans from this list

    http://forums.techguy.org/t110854.html

    Then get the free AVG 7 install it, check for updates and run a full scan

    AVG 7 - http://free.grisoft.com/freeweb.php/doc/2/

    SpywareBlaster http://www.javacoolsoftware.com/spywareblaster.html
    AdAware SE 1.05 http://www.majorgeeks.com/download506.html
    SpyBot S&D 1.3 http://www.safer-networking.org/en/download/

    DL them (they are free), install them, check each for their
    definition updates
    and then run AdAware and Spybot, fixing anything
    they say.

    In SpywareBlaster - Always enable all protection after updates
    SpyBot - After an update run immunize

    Boot and post a new log
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/328309

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice