Unremovable Spyware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Riplox, Sep 23, 2004.

  1. Riplox

    Riplox Private E-2

    Ok, here's he deal. I have spyware that my spyware killing-related programs cannot find. I have Adaware, Spybot, Spyware Killer, Hijack This, and another one I can't remember right off the top-o-my-head, and I can't find anything. I try to update the definitions every time I use the programs and HT doesn't find anything (that I can see is a problem anyway). I'll post my HT file so any experts with this can help. I ususally can fix most every problem with my computer, but this is just agravating the heck out of me. One of the main things I can't get rid of is that darn DSO Exploit. I "kill" it and it'll come back after a few hours of surfing even after I have immunized myself from it.
     

    Attached Files:

    Last edited by a moderator: Sep 23, 2004
    Riplox, Sep 23, 2004
    #1
  2. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Did you do our tutorials? Some links are invaluable, including links to bad spyware programs including Spyware Killer which probably infected you.

    http://www.spywarewarrior.com/rogue_anti-spyware.htm

    Since you do your own repairs, I will simply point you to your problems starting with the bold NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting at the top of this forum:
    http://forums.majorgeeks.com/showthread.php?t=38752

    Anything in Hijack This with a (no file) can be removed.

    Your problem sticks right out with:

    O2 - BHO: LocalNRDObj Class - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - C:\WINDOWS\localNRD.dll

    Anything in 016 that you didnt install, remove.

    I saw C:\WINDOWS\System32\nvsvc32.exe which is nVidia Driver Helper service and can be disabled in services.

    You have SP1, get SP2 once cleaned up.
     
    Major Attitude, Sep 23, 2004
    #2
  3. Riplox

    Riplox Private E-2

    OOPS! I didn't mean Spyware Killer. I meant Spyware Blaster. Good program that, ya.
     
    Riplox, Sep 23, 2004
    #3
  4. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Hahha, ok, how are you making out with the instructions i left? If you need me to look at the file, sounds like your ahead of the game, so please post it if needed.
     
    Major Attitude, Sep 23, 2004
    #4
  5. Riplox

    Riplox Private E-2

    I thought you already saw the log file. I scanned with ALL my spyware removers and thwarters and I'm still getting popups. I looked in the HJT log file for anything out of the ordinary (I know my computer very well) and couldn't find anything. Oh, btw, those (no file) things in there keep coming back and I can't seem to get rid of them.
     

    Attached Files:

    Riplox, Sep 23, 2004
    #5
  6. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Ok, you can remove:

    O2 - BHO: (no name) - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - (no file)
    O2 - BHO: (no name) - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - (no file)
    O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
    O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
    O2 - BHO: (no name) - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - (no file)
    O16 - DPF: {34A44FCF-50E3-63A5-A8DA-7835752B9571} -
    O16 - DPF: {94837F90-A2CA-4A8A-9DA0-B5438EC563EA} - http://install.wildtangent.com/cda/islandrally/ActiveLauncher/ActiveLauncherSetup.cab

    Not sure anything there would cause a problem though, but try it. This logfile has less then the original.
     
    Major Attitude, Sep 23, 2004
    #6
  7. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Major Attitude, Sep 23, 2004
    #7
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you follow MA's directions and you still have problems with the O2 lines coming back. It may be because of some DLL and more still hanging around on your PC. Take a look at what those lines are from. I list each O2 line followed by a link on what they are.

    O2 - BHO: (no name) - {00320615-B6C2-40A6-8F99-F1C52D674FAD} - (no file)
    http://www.doxdesk.com/parasite/Transponder.html

    O2 - BHO: (no name) - {01F44A8A-8C97-4325-A378-76E68DC4AB2E} - (no file)
    http://sarc.com/avcenter/venc/data/adware.ieplugin.html
    http://www.pestpatrol.com/PestInfo/I/IEPlugin.asp

    O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
    http://doxdesk.com/parasite/HuntBar.html

    O2 - BHO: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
    http://doxdesk.com/parasite/Sidesearch.html

    O2 - BHO: (no name) - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - (no file)
    http://www.pestpatrol.com/pestinfo/m/midaddle.asp
     
    chaslang, Sep 24, 2004
    #8

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds