DSO Exploit

  micklemouse 18:39 18 Jul 04

Every time I run Spybot this keeps coming up although I put it in quaranteen then delete next day. What exactly is DSO Exloit and how in heavens name can I get rid of it for good if it is harmful?

  Diodorus Siculus 18:45 18 Jul 04

click here for a similar thread.

  Nellie2 18:46 18 Jul 04
  micklemouse 18:50 18 Jul 04

lol,, didn't expect these replies so fast but great thanks to both of you,, I'll come back with news of any advancements due to your advice.


  micklemouse 15:34 19 Jul 04

I'm sorry to say this patch hasn't worked for me; I followed the instructions i.e come out of messenger and Outlook Express and Internet Explorer, then I applied the patch and rebooted. I checked the the DSOSpot2 and it confirmed that I was now protected, but having just run Spybot again (twice) it keeps coming up with these same results:

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004!=W=3

Please can anyone tell me what this means?

  Fruit Bat /\0/\ 15:59 19 Jul 04

You now only have 4 DSO exploits before you ran DSOstop you had 5.

DSOstop has closed the only exploit that would have given you problems.

Every time you run spybot s&d these 4 will still show up (not a problem your PC is safe)there is a microsoft bulletin describing all these and what they do but I can't remember where it is.

  micklemouse 16:09 19 Jul 04

Thanks Fruit Bat I will leave things as they are then. And thanks to Diodorus and Nellie too.

Regards Micklemouse

  bretsky 16:10 19 Jul 04

Did an ocr of this article from latest issuue of pca page 136

Spybot S&D has found five DSO exploits in my Registry. What are they and are the safe
to remove?

A DSO (dynamic shared object) exploit is a means by which, a website can use a security flaw in Internet Explorer. It allows the browser security settings to be changed and can permit a program to run on your PC without your knowledge. It could for example download and execute a browser hacker or premium-rate dialler.

What Spybot may have detected is evidence that a DS0 exploit has been used or at least that the security settings were changed. It is safe to allow Spybot to fix the problem.

But at the time of writinq. the latest version had a problem with DSO exploits. If you ask it to fix them they may still be present the next time Spybot is run.

If you are up-to-date with Internet Explorer security patches you are no longer vulnerable to DSO exploits anyway.

A GreyMagic Security Advisory (click here)
explains more about these exploits and includes links that test whether your computer Is vulnerable.

Use the second of these links and type the path of the program to run such as C:\WindowVNotepad.exe. The first link uses a path that is only valid if you are running Windows Nt. There’s also a free utility DSOStop (click here) that can protect your PC from DSO exploits, as can the immunize function of Spybot.

The best course of action, though. is to get those security patches - if you havent done so already.

Hope this is of some use.

bretsky ;0)

This thread is now locked and can not be replied to.

Nintendo Switch review: Hands-on with the intuitive modular console and its disappointing games…

1995-2015: How technology has changed the world in 20 years

The updated 'Corel Painter inside Photoshop' plugin ParticleShop offers new brushes

New MacBook Pro 2017 release date, UK price and tech specs: Kaby Lake MacBook Pro to launch in…