(SpywareNo ) HJT Log I DONE READ ME FIRST.

Hi There,
PLease Help Me.... SpywareNo has got into my computor used Ad-aware full system scan and it found 9 entries of this little bloodsucker....Iv'e done all the read me first steps but no good this bleeder still returns upon reboot. I have run CWshreder and it says Coolweb search was not found I have included Bdscan Log Panda Log and HJT-Log (hope that's ok)
Please advise me It's driving me nuts I would be very grateful.
Thank's in advance.
Layne

 

Scan with HJT and have it fix the below entry:

O2 - BHO: (no name) - {A491D208-B353-490F-B81A-A8A3DC97042D} - (no file)

Your log looks good, what problems are you having?

 

Hi There,
Thank you very much for your fast response !
The problem I'm having is deleting O2 - BHO: (no name) - {A491D208-B353-490F-B81A-A8A3DC97042D} - (no file)

I scan with HJT tick box Fix problem as you have instructed but upon reboot the above BHO returns ?

I looked into deleting it with HJT (delete a file on Reboot) but I dont know where to direct HijackThis to locate the problem file it goes to my documents.

Is it My Computor /Windows/ Registry somewhere ???

Thank's in advance for your help !
Layne.

 

First, disable Ad-Watch and Tea Timer because they will block this fix.

Then reboot into Safe Mode, scan with HJT and try again to fix this entry.

 

Hi,
I have done exactly as you have instructed but......oh dear ran HJT and the little Bloodsucker is back
I will try anything you advise which I greatly appreciate.
Thanks in advance.
Layne.

 

Please see the below thread on how to run WinPfind and attach the log, also attach a current HJT log.

• Running WinPfind by OldTimer

 

Hi.
Here are the log files you requested Thank's

 

If your not going to disable Ad-Watch and TeaTimer uninstall Spybot and Ad-Aware.

You must disable or uninstall or else this entry will not get removed.

 

Hi.
Ok Iv'e done exactly as instructed scanned again with HJT and as you can see the O2 - BHO: (no name) - {A491D208-B353-490F-B81A-A8A3DC97042D} - (no file) is now Gone

I scanned again with Ad-Aware and...... Oh dear It shows SpywareNo 6 Objects found

I have included new HJT log and Ad-Aware Log I'm not giving up with this Bloodsucker what should I do next ?

Thank's in Advance
Layne.

 

The value data on those entries is set to "0" so they are disabled. They are no thread, the other is a false positive, nothing to worry about.

Copy the contents of the below Quote Box to Notepad. Then click File and then Save As. Change the Save as Type to All Files. Name the file fix.reg and then click save. (make sure you save it somewhere you can find it. Saving it to your Desktop may make that easy.) Then double-click on the fix.reg file on your desktop (or locate it with Windows Explorer and double click on it if not saved to the Desktop) and when it prompts to Add in to the registry, say yes.

 

Your logs look good, are you having any further problems?

 

Hi,
Well this is bizzare I done exactly as instructed above (notepad/fixreg etc) scanned again with HJT and the
O2 - BHO: (no name) - {A491D208-B353-490F-B81A-A8A3DC97042D} - (no file) Reapeared how can this happen
I got rid of it once

Do you thin'k I should uninstall ad-aware and spybot then run HJT to rid myself of this BHO for once and for all ?
What I'd like to know is did this BHO return once I re enabled ad-aware / spybot ?
this spyware thing is starting to take over my life phew !
I fully appreciate your help and advise
Layne.

 

I would uninstall Ad-Aware & Spybot and fix the entry. Personally I would not use Tea Timer or Ad-Watch because of things like this. There are many programs that do better and use less resources.

See the below thread,

How to Protect yourself from malware!

 

Hi bjgarrik,

I have bit the bullet uninstalled ad-aware/spybot and ran HJT fixed the BHO rebooted scanned again with HJT and I can safely say that O2 - BHO: (no name) - {A491D208-B353-490F-B81A-A8A3DC97042D} - (no file) HAS LEFT THE BUILDING

I reinstalled ad-aware/spybot scanned with both and because of the new file definitions ad-aware is now showing NO NEW OBJECTS FOUND

I would like to THANK YOU VERY MUCH for your time and patience for your help I can rest assured You and the boys are always at hand your doing a mighty fine job Phew !

Layne.

 

Your Welcome!

Be sure you go thru the "How To Protect" thread and you will be fine.

Surf Safely!