Jump to content

Dso Exploit


Flummoxed

Recommended Posts

For around 7 months, I've been trying to get rid of a DSO Exploit that Spybot s and d detected. It removes it successfully but on restarting, it's there again in 5 places.

last week, I remastered my hard drive after reformatting it and added SP2 perfectly. Within hours, the exploit was there again!!!!!!!! and I just can't get rid of the bloody thing.

I need to know what it is and how to get rid of it. I'm beginning to wonder if it's a false alarm problem from Spybot.

Also, within minutes of connecting to the internet after the re-master, I had 37 spyware and tracking cookie problems... only a few minutes was all it took... and with my firewall up and running :D they still slipped under the radar :o

Unbeleivably, many of them came from the MSN main page! MSN are supposed to be against this sort of thing. Everytime I visit MSN, Spybot has to block adware or spyware.

I'm considering purchasing Symantec's internet security package. Any comments on this?

Link to comment
Share on other sites

Your firewall isn't going to stop all the spyware you're getting when you're the one who is connecting to websites where this stuff comes from in the first place. :D

About the exploit that Spybot finds, you should go to the Spybot website where they have a forum where you can post your problem. Someone there will no doubt have had a similar problem and others will be able to advise you step by step on how to solve it. You do update Spybot every few days l hope as they're always releasing updates. Also use Ad-aware if you're not already doing so. Spybot and Ad-aware compliment each other nicely. :(

Then your next task is to stop the problem recurring. I surf the web a lot and can tell you that l run Spybot and Ad-aware twice a week and rarely find even one problem a month let alone 37 from one session of web surfing. :wub:

Next time you use Spybot look on the left hand panel and click immunize. Then download SpywareBaster from Java Cool like they suggest. Install it, set it to full protection and you will instantly stop a lot of spyware etc. from installing on your PC in the first place. Also read the info on Spybot about your HOSTS file. Sounds like you need to activate that as well.

If you're using Internet Explorer then look at your security levels. :D Set them higher for all but the most trusted of your most visited websites. Not sure if they can be trusted? :D If you visit file sharing sites, porn sites etc. do a search for the name of the site and include the terms spyware malware trojans. See if there are links to comments from other users who may have reported problems with the same sites you visit. Remember, most sites who give out stuff for free have to earn a living, often it's via adware, spyware. etc: not much is really free. :D

You may have noticed a lot of talk about Firefox. It's a great browser but many people are also switching to it because it's less vulnerable to spyware problems due to the way it handles ActiveX and Java. Firefox can be a quick fix to many spyware, adware, pop-up problems though you may need to spend some time to get it working with every site you visit although l rarely have problems myself.

You will find some useful reading on preventing spyware here at Spyware Warrior Forums.

Btw, the MSN problem you describe sounds possibly like a browser hijacker. :o There are some that exploit MSN as a home page. I always set mine to about blank as it loads quicker, but l don't always need to go to the same start page anyway.

You shouldn't need to purchase Symantec's internet security package as the problems you've described can be tackled by using the above methods. While many people use NAV l have seen many comments from people who experience problems using the full package. -_- Google will tell you more.

Link to comment
Share on other sites

yes set your explorer homepage to about:blank, though spybot will still call this an attempted browser hijack.

try firefox as your main browser, or you can use thunderbird which also integrates a pop3 email client within. www.mozilla.org

also search the forums here and read all the other advice that has been written about viruses , spyware , malware and firewalls, and the directions to free software that can control the problem for you.

Link to comment
Share on other sites

hi'

I have the same problem with netscape ...

I never tried to have a full day with firefox ... but I'll and I'll tell you if these DSO come back, the exact name is "data source objects exploits", spybot keep finding them but they are in the registry, and keep coming back, I thought at first that might come from MS site for update, but even browsing with netscape they are here ...

have they any purpose? I ain't sure, coz I don't use MSN, or any outlook (express or not)

I'll also try to change the key values to see if it has an impact on these ...

only IE for updates every time I get a message telling that a patch is available for a good reason that concerns my machine ...

so, firefox for one day after cleaning, and I'll tell you :D

it's seems that it's embedded with SP2 ...

never had this before with SP1a ... :o

anyway, the machine is working ok :D

cheers

francois

Link to comment
Share on other sites

You may find this article helpful Here Ask Leo

That has got to be one of the saddest pages on the net. The comments from some of these people makes you want to cry. I have never even heard of the DSO exploit.

Leo says: "After updating IE to the latest set of patches, folks using Spybot Search and Destroy may continue to see reports of the DSO Exploit as being a vulnerability on their machine. This is an acknowledged bug in Spybot Search and Destroy".

Now why would Spybot Search and Destroy not fix an acknowledged bug in their software I wonder?

Link to comment
Share on other sites

If you go to the Spybot Home Page and do a "quick search" on 'DSO Exploit' you will find this explanation:-

DSO Exploit [link]

The problem with the DSO Exploit is a little bug. We have already been able to locate and fix it. This fix will be included with the coming program (main) update. The DSO Exploit is a security gap in IE. Microsoft did already repair this, so if you have all Windows updates and patches installed, it will not be dangerous for your system. Spybot S&D will still find it, because it contains an invalid value. Spybot S&D just has to reset that value. Unfortunately, in the current version, it sets again an incorrect value, so it is found in the next scan. The main update is available as a beta version now. Run Spybot S&D, switch to the "Advanced mode" via the menu bar item "Mode", select "Settings" in the left bar -> "Settings" and tick the checkbox in front of "Display available beta versions". Then search for updates, download the beta update and "Search for problems" again and fix the DSO Exploit. If you don´t want to download beta updates you can also use the manual fix.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...