|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
|
|
#1
June 18th, 2004, 05:55 PM
|
|||
|
|||
|
Spyware S&D cannot remove DSO Exploit
Have Run spyware S&D 5 or six times and cannot remove DSO exploit. HJT log follows:
Logfile of HijackThis v1.97.7 Scan saved at 6:47:20 PM, on 6/18/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Agent\Local Settings\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = URL O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\RealVNC\WinVNC\WinVNC.exe" -servicehelper O4 - HKLM\..\Run: [EXSHOW95.EXE] EXSHOW95.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [D-Link Air USB Utility] C:\Program Files\D-Link\Air USB Utility\AirCFG.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O9 - Extra button: Related (HKLM) O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Messenger (HKLM) O10 - Broken Internet access because of LSP provider 'imslsp.dll' missing O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - URL O17 - HKLM\System\CCS\Services\Tcpip\..\{85660002-EABF-4819-BA0D-011FE6752ACC}: NameServer = 67.104.187.66,204.117.214.10
|
|
#2
June 18th, 2004, 11:15 PM
|
||||
|
||||
|
I'm not too sure how to read that logfile but I heard it's recommended to run both Spyware S&D + ADaware by lavasoft... So try getting adaware and see if that can take care of it...
|
|
#4
July 23rd, 2004, 11:31 AM
|
|||
|
|||
|
DSO exploit is spyware that comes stock on a computer. It will not harm your computer. If you do want to get rid of it go into regedit(start, run, type regedit) Go into HKEY USER, and you must go to each of the listed items that ends in 18,19,20,and the long 21 but none that end in classes. If those you go to software, microsoft, windows, internet settings, zones, and choose 0 and in the right pane erase the value that is red and has a number of 1004. in spybot you can also see the path to delete it manually and then you dont really need my instructions. Sorry if i confused you
|
|
| Viewing: Dev Shed Forums > System Administration > Antivirus Protection > Spyware S&D cannot remove DSO Exploit |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Spyware S&D cannot remove DSO Exploit
Linear Mode
