I am getting an error trying to attach the results of my scans.

I have done all the scans in the "read and run me first" and I am trying to send the results but when I click on manage attachments It doesn't do anything and it says error on page. When I click on that it says, "Problems with this web page might prevent it from being displayed properly or functioning properly. In the future you can display this message by double clicking on the warning icon displayed in the status bar. When I click on details I get:
Line: 207
Char: 2
Error: Object required
Code: 0
URL:http://forums.majorgeeks.com/newthread.php?do=newthread&f=35

 

IF you can not attach teh logs using manage attachments. Then paste teh contnets of the logs directly into your reply and I will convert them to attachments.

 

~ LOG ATTACHED ~ SPD

 

Thank you for converting the files for me. I am running windows XP SP 2. Do you need any more info?

 

Uninstall the Logitech Desktop Messenger using Add or Remove Programs in the Control Panel.

Scan with HijackThis and fix the following:

Download
- Pocket Killbox
- ExplorerXP

Now run Pocket Killbox:

Choose Tools -> Delete Temp Files and click the RED X.

Run Killbox.exe. Paste the below filenames into KILL BOX one at a time. Check mark the box that says "Delete on Reboot" and checkmark the box "Unregister DLL" (If available) Click the RED X and it will ask you to confirm the file for deletion…say YES and when the next box opens prompting you to reboot now...click NO...and proceed with the next file. Once you get to the last one click YES and it will reboot. Note many of the file list below may not exist but we need to check for them anyway.

If Killbox does not reboot or you get a Pending Operations type error message just reboot your PC yourself.

Now boot into SAFE MODE

Open ExplorerXP navigate to and DELETE the following: (Some of these may have already been deleted by Pocket Killbox)

Now run CCleaner. If you have Windows XP delete the contents of C:\WINDOWS\Prefetch.

Then, as an added precaution, Go to Start -> Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
Temporary Files
Temporary Internet Files
Recycle Bin

And Click OK.

REBOOT to Normal Mode.

Follow the directions for Running Ewido Security Suite.

Post the Ewido log and a fresh HijackThis log.

 

I don't have a Logitech Desktop Messenger in my add or remove programs. Is there somewhere else I should look?

 

Delete this folder after afte you have run HijackThis. C:\Program Files\Logitech\Desktop Messenger

 

OK, I did everything you asked except I still never found Logitech Desktop Messenger in the add and remove programs. I have windows XP but was unable to find C:\WINDOWS\Prefetch. I am still getting the same error when trying to send the attachments. And also I ran the Ewido scan in the safe mode and can't even find the log I saved. Any ideas? Should I copy and paste the HJT log in here again?

 

OK, I may have figured out how to do the attachment thing? Let me know if it's wrong....I still can't find the ewido log though. I saved it to my desktop in safe mode but it doesn't show up in regular mode. Thank you.

 

Most of what I had you fix is still there.

Follow the directions for Running Spy Sweeper. Make sure you update the definitions before running a full system scan.

Post the SpySweeper log and a fresh HijackThis log.

 

Ok, I ran spysweeper and a new HJT log. My computer has slowed considerably and I am unable to attach the logs again. It seems to be getting worse.

 

SpySweeper is what is causing the slow down. In manage attachments after your browse to teh file you must click the upload button. If the log is too large then zip it.

 

Nothing happens when I click on manage attachments. I don't get a browse option, just the error that I told you about in the begining of my post. Nothing happens when I click on the paperclip either.

 

I deleted spysweeper out of my add and remove programs and am now able to send the logs.

 

Please Reboot your computer abd post a fresh HijackThis log.

 

Here is a new log....Thank You.

 

Print These instructions. You will need them when not connected to the Internet.

Reach behinfd your computer and remove the LAN cable physically diconnecting your computer from the Internet.

Scan with HijackThis and Fix the following:

Now open ExplorerXP, navigate to and delete the following:

Now reach behind your computer and unplug it. Yes you read that correctly physically unplug the computer; DO NOT power down normally. We want to avoid a clean shut down.

Now plug all cables and cords back into your computer; power up and post a fresh HijackThis log.

 

OK, I unplugged from the internet. I fixed the files you asked me to fix in HJT. I opened ExplorerXP and was unable to find either file. I unplugged my computer from the wall. When I turned the computer back on a notepad thing came up that said hpothbo7.dat-notepad. System 32 came up also but that has been happening for some time. I did a new HJT scan after turning the computer back on. I did not look for all of the files but I noticed at least the first 2 of them are still there. I fixed them both this time and the last time you told me to, why do they not go away? And why can't I find the other 2 files in ExplorerXP? Ok, I am unable to send the attachment again too. I'm going to send this and keep trying.

 

Seems to send ok if I attach before I type......

 

Follow the directions for
Running WinPfind by OldTimer. Post WinPFInd.txt.

Download Blacklight Beta from here:
http://www.f-secure.com/blacklight/try.shtml

• Hit I accept. It will take you to download page.
• Download blbeta.exe and save it to the Desktop.
• Once saved... double click blbeta.exe to install the program.
• Click accept agreement and Click scan
  This app too may fire off a warning from antivirus. Let the driver load.
  Wait for it to finish.
• If it displays any items...don't do anything with them yet. Just hit exit (close)
• It will drop a log on Desktop that starts with fsbl....big number

Please post the log.

 

Thank You so much for spending this much time with me as nothing seems to work.. Here are my new files you asked for.

 

Download Registrar Lite.

Run Registrar Lite, navigate to the following keys:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
MyWebSearch Email Plugin <<------ Locate and Delete
AuthConsoleStart <<------ Locate and Delete
oblypsjb <<------ Locate and Delete

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
LDM <<------ Locate and Delete

REBOOT

Post a fresh HijackThis log.

 

I could not find the "run" part of this one [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
LDM <<------ Locate and Delete

but I deleted all the rest of them. System 32 window no longer comes up when I log on but the notepad one still does.

Attached is my new HJT log....Thanks

 

Please follow the steps in the below link and attach the log:

Using GetRunKey

 

Here is my runkeys attachment.....Thanks

 

Copy the contents of the below quote box, and Save As RemoveKey.reg to your Desktop.

Now double-click on RemoveKey.reg and answer 'Yes' when asked if you want to merge with the registry.

REBOOT.

Start -> Run
type regedit
'OK'

Navigate to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Click on the Registry key, look in the right Window. If you see LDM delete it.

Navigate to:
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\RunOnce
Click on the Registry key, look in the right Window. If you see DELDIR0.EXE delete it.

Close regedit, REBOOT.

How is your computer running?

 

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

On this one there is no run after current version, only policies, explorer and sysyem. I see no LDM. Right hand window says default.

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentVersion\RunOnce

On this one I get all the way to run once but nothing happens when I click on it. There is no DELDIRO.EXE. Right hand window says default.

 

Computer seems to be running a little better, still a little sluggish and that notepad thing still comes up everytime I log on. also I don't think my toolbar is right.

 

This key exists because your logs show that it exists.

That's Good.

Post a fresh HijackThis log.

 

Thank You.....here is another HJT log.

 

Scan with HijackThis and fix the following:

REBOOT

Post a fresh HijackThis log.

 

Here is my new HJT log.....Thanks

 

Your HijackThis log is clean.

Disable System Restore and then enable System Restore. This will flush all your restore points and create a new clean one for your system.

System Restore
How to Protect yourself from malware!

How is your computer meeting?

 

I'm sorry, I had to leave town on an emergency before I got your last response. My computer was used while I was gone. Could you please check my HJT log one last time before I create a new restore pont? Also how do I get rid of the notepad thing that pops up each time I log on? Thank You......

 

Scan with HijackThis and fix the following:

Delete the followng file:

Post a fresh HijackThis log.

 

Thank You very much for looking at that again for me. How does it look now? If everything is OK, which of the tools (scans) that I used to get here can I delete and which should I keep?

 

You can uninstall Ewido.

Fix these:

 

Here is my new HJT log......Am I good now? Thanks!