|
Double post...sorry.
As an added note, any of you that had this, myself included, can attest that this is by far the most stubborn trojan in a long time. Cheers, |
Thank you Foghorn, for now its not hijacking my homepage but it if comes back then I will follow your instructions.
Damn trojans :cry: |
Does anyone know how to get rid of the DSO exploit? I have spybot and adaware but I can't seem to get rid of it!
|
Yes
If all your critical updates are installed you are protected against DSO Exploit and the finding in Spybot is just a nuisance. Eliminate this by doing the following: 1 Open Spybot and select 'advanced' mode. 2 Select 'settings' in the left column. 3 Select 'ignore product' in the left column. 4 Select 'security' tab. 5 Place check mark in box beside DSO Exploit. 6 Close program 7 Open Spybot and run a scan. You will find that DSO Exploit has been eliminated and if your computer does not harbour any other spyware you will see a congratulatory message. |
Ok update
I am so effin baffled right now I managed to get a version of Adaware Professional the one you have ot pay for, anyway it ran a scan and found various registry errors, apparently the Pro version is supposed to fix it. Whatever. Then I found out that Norton Anti Virus is as useful as a pimple on the ass. So I got Trend Micro Virus Scanner, apparently its the "shit" Well, ran that, and it found TROJ. AC. Ok so I did some research on that lil pain in the butt. Turns out its malware that hijacks this and replicates that...anyway, I dont care, it wasnt the most up to date version so I couldnt get the patch to clean this new virus. SO! it gave me other instructions on how to fix the Regedit. So I did that...nothing...not an effing thing. So I ran a few more scans and it sez its all clean. And I get.... https://img30.photobucket.com/albums.../Jimbo/xxx.jpg |
Originally Posted by Foghorn
If any of you got, or get, the CoolWebSearch (CWS) Trojan or any of it's more than 22 variations...then you're in for a bit of work.
AdAware, CWSshredder, HiJack This and many others will not single handedly, or together, permanently remove this from your system. CWS sets a hidden Registry Key that will launch the program, or recreate it, anytime a window is opened. This worked for me, I'm using Windows XP: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs You have to remove this key. The value of this key may look blank for you, but it is not. They hide the value so you can't see it. This registry key tells Windows to load the trojan DLL every time ANY application is run giving it complete control to do whatever it wants. So you need to remove it so that the trojan DLL cannot load and keep re-infecting your pc. The way to remove the registry key is not obvious. If you just delete it from regedit, since the trojan DLL is loaded, it will re-add it right back. (Try it. Delete the AppInit_DLLs registry key and hit F5. Notice that it's added right back by the trojan). So what you have to do is the following which worked for me. 1. Rename the HLM\Software\Microsoft\Windows NT\CurrentVersion\Windows folder to Windows2. 2. Now delete the AppInit_DLLs key under the Windows2 folder. 3. Hit F5 and notice that AppInit_DLLs doesn't come back. 4. Rename the Windows2 folder back to Windows. Now that AppInit_DLLs is gone, run the latest Adaware 6 to remove the trojan for good. Reboot your machine. Check the registry and make sure AppInit_DLLs is still gone. Your computer should be free of this for good now." You can find more info here; http://www.computing.net/security/ww...rum/11527.html http://forums.spywareinfo.com/index.php?showtopic=10007 Good luck! This was the fix that I tried as a last resort and I am truely sorry I did that. It completetly screwed my system. All my programs are screwed and are missing from the add remove program list. Also I lost the listing of my programs on my system when I go to all programs in Win XP. If anyone tries it, good luck. I have a few programs listed that I use then finally downloaded the AVG antivirus and it cleaned it all up for me. Norton didn't find any of it. |
This is the program I had to use to get rid of my friends about:blank issue
and it worked....did this and spybot 1.3'd the system and it is all gone CWShredder http://www.soft32.com/download_19014.html Spybot 1.3 www.safer-networking.org/ alternate download http://www.download.com/3000-8022-10122137.html |
We tried that already. I needed to go higher...
Dealing with some major issues here :? |
Same here I could run those programs and a couple minutes later it was all back. I used about 4 -5 different programs in combination to do the job.
|
Time to live life with Mozilla...
Effin the Effin IE We'll see how this goes :? |
| All times are GMT -4. The time now is 04:45 PM. |
© 2024 MH Sub I, LLC dba Internet Brands