None of my antivirus (avast) or my spyware (Ad-Aware) programs load. When I try to download and install new ones they won’t open either. I also have an emachines and have big fix which won’t load. I am attaching my HJT logfile. I believe the problem is the following line.
O2 - BHO: (no name) - {0AD937E7-2F37-4873-A05E-548A67EF1D0E} - (no file)
I try to repair it but it keeps coming up. I don’t know where it is coming from. Any one suggest something? I can access the computer through safe mode and administrator and run the virus scan and adaware with no problems. However once I access it normally it stops working again.
Logfile of HijackThis v1.99.1
Scan saved at 7:09:32 AM, on 5/31/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
CHECKING HIJACKTHIS, WINDOWS, INTERNET EXPLORER AND FIREWALL :
Old version of Internet Explorer detected, please update.
Your Operating System is not up-to-date. (Latest service pack not installed)
No software firewall detected. If you are not using a
hardware firewall, it is highly recommended to install one.
THESE ITEMS ARE EITHER HARMFULL OR A SECURITY RISK
WE STRONGLY RECOMMEND TO FIX THEM :
I ran it through the log analysis. That is how I came up with that one line being the problem.
O2 - BHO: (no name) - {0AD937E7-2F37-4873-A05E-548A67EF1D0E} - (no file)
Everything that you suggested is harmful is part of some program I use as far as I know. All of them have valid uses. Weatherbug, smart bridge, verizon, or microsoft. Does anyone see anything wrong with this log from a different perspective? Did anyone else ever hear of someone having this line in their account and it disabling antivirus/spyware programs?
I’m not sure about the danger caused by this unknown object. However, if you want delete it, please deactivate the System Restore , restart, delete the suspicious BHO, turn off the machine and reboot. If the object is still live, try to download WinPatrol (freeware): this program cannot delete it but can deactivate this type of files.
I suspect that the BHO line is not responsible for your problem. It’s more likely to be a malware process running in memory and blocking anti-virus programs etc.
Some malware processes are stared by additions to the registry which don’t appear in the HijackThis log, so you will never remove them this way. The secret is to run several anti-malware programs one after the other and then manually remove anything that is left.
The anti-spyware programs you run will probably remove some programs you wanted to keep. You will have to do a Google search on these and see why they were removed and decide if you want to reinstall them: you may decide to accept any privacy concerns or advertising that comes with the program. As Bob mentioned, there are often ad/spyware free alternatives available.
Here are the anti-malware programs you should run:
A boot time scan with Avast! (A boot time scan is vital because it can detect malware before it loads into memory.)
A double check with Trend Micro Sysclean run in safe mode: download Sysclean and its defintion file:
When you’ve done all this, restart your computer and check for any suspicious activity: anti-virus programs nor working, suspicious processes in memory (use Process Explorer: malware writers sometimes give their processes an evil icon!) and suspicious internet traffic: a lot of traffic when you’re not doing anything.