If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
DSO Exploit
I have been plagued by the DSO Exploit (Data Source Object Exploit) four
times this week which makes the computer real slow. I used Spybot Search and Destroy to find this "Exploit" and to fix the problem each time. Does anyone know how this is spread or acquired on the net. This exploit changes a registry value which I will list below. I would appreciate any help. This has become quite aggravating. HKEY_USERS\DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURR ENTVERSION\INTERNET SETTINGS\ZONES\0\1004!=W=3 Each time Spybot Search and Destroy found and fixed this. Is there something else that I need to do to permantely remove it and block it from happening again. -- Flowing Forward With Ease! |
#2
|
|||
|
|||
In article , =?Utf-8?B?
amV0Zmxvdw==?= says... I have been plagued by the DSO Exploit (Data Source Object Exploit) four times this week which makes the computer real slow. I used Spybot Search and Destroy to find this "Exploit" and to fix the problem each time. Does anyone know how this is spread or acquired on the net. This exploit changes a registry value which I will list below. I would appreciate any help. This has become quite aggravating. HKEY_USERS\DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURR ENTVERSION\INTERNET SETTINGS\ZONES\0\1004!=W=3 Each time Spybot Search and Destroy found and fixed this. Is there something else that I need to do to permantely remove it and block it from happening again. If you have all of the latest MSFT patches, up to SP2 for Windows XP, there is no DSO exploit. Spybot S&D has a bug. Assuming Windows is current, the solution is to configure Spybot S&D to ignore this "DSO Exploit". This is a well known problem, explained both here, and in the groups on the GRC NNTP servers. Did you search for other, related posts in the forum? -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint |
#3
|
|||
|
|||
Hello Norman,
Thank you for you reply to my inquiry. Your information was quite useful. Sincerely, "N. Miller" wrote: In article , =?Utf-8?B? amV0Zmxvdw==?= says... I have been plagued by the DSO Exploit (Data Source Object Exploit) four times this week which makes the computer real slow. I used Spybot Search and Destroy to find this "Exploit" and to fix the problem each time. Does anyone know how this is spread or acquired on the net. This exploit changes a registry value which I will list below. I would appreciate any help. This has become quite aggravating. HKEY_USERS\DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURR ENTVERSION\INTERNET SETTINGS\ZONES\0\1004!=W=3 Each time Spybot Search and Destroy found and fixed this. Is there something else that I need to do to permantely remove it and block it from happening again. If you have all of the latest MSFT patches, up to SP2 for Windows XP, there is no DSO exploit. Spybot S&D has a bug. Assuming Windows is current, the solution is to configure Spybot S&D to ignore this "DSO Exploit". This is a well known problem, explained both here, and in the groups on the GRC NNTP servers. Did you search for other, related posts in the forum? -- Norman ~Win dain a lotica, En vai tu ri, Si lo ta ~Fin dein a loluca, En dragu a sei lain ~Vi fa-ru les shutai am, En riga-lint |
#4
|
|||
|
|||
How To: Configure SpyBot Not to Flag DSO Exploit
http://forum.aumha.org/viewtopic.php?t=8435 If you've kept IE up to date with all of the Critical updates and have an AV that you've kept updated, then the system is not vulnerable to the DSO Exploit. Use the above instructions to get rid of it. MowGreen [MVP] =============== *-343-* FDNY Never Forgotten =============== jetflow wrote: I have been plagued by the DSO Exploit (Data Source Object Exploit) four times this week which makes the computer real slow. I used Spybot Search and Destroy to find this "Exploit" and to fix the problem each time. Does anyone know how this is spread or acquired on the net. This exploit changes a registry value which I will list below. I would appreciate any help. This has become quite aggravating. HKEY_USERS\DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURR ENTVERSION\INTERNET SETTINGS\ZONES\0\1004!=W=3 Each time Spybot Search and Destroy found and fixed this. Is there something else that I need to do to permantely remove it and block it from happening again. |
#5
|
|||
|
|||
Hello MowGreen,
Thank you for answering my post. I used your information to disable the search for this exploit while running SpyBot S&D. Problem solved. Thanks! "MowGreen [MVP]" wrote: How To: Configure SpyBot Not to Flag DSO Exploit http://forum.aumha.org/viewtopic.php?t=8435 If you've kept IE up to date with all of the Critical updates and have an AV that you've kept updated, then the system is not vulnerable to the DSO Exploit. Use the above instructions to get rid of it. MowGreen [MVP] =============== *-343-* FDNY Never Forgotten =============== jetflow wrote: I have been plagued by the DSO Exploit (Data Source Object Exploit) four times this week which makes the computer real slow. I used Spybot Search and Destroy to find this "Exploit" and to fix the problem each time. Does anyone know how this is spread or acquired on the net. This exploit changes a registry value which I will list below. I would appreciate any help. This has become quite aggravating. HKEY_USERS\DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURR ENTVERSION\INTERNET SETTINGS\ZONES\0\1004!=W=3 Each time Spybot Search and Destroy found and fixed this. Is there something else that I need to do to permantely remove it and block it from happening again. |
#6
|
|||
|
|||
Coool ... you're welcome. siljaline wrote the post so thank him, too
MowGreen [MVP] =============== *-343-* FDNY Never Forgotten =============== jetflow wrote: Hello MowGreen, Thank you for answering my post. I used your information to disable the search for this exploit while running SpyBot S&D. Problem solved. Thanks! "MowGreen [MVP]" wrote: How To: Configure SpyBot Not to Flag DSO Exploit http://forum.aumha.org/viewtopic.php?t=8435 If you've kept IE up to date with all of the Critical updates and have an AV that you've kept updated, then the system is not vulnerable to the DSO Exploit. Use the above instructions to get rid of it. MowGreen [MVP] =============== *-343-* FDNY Never Forgotten =============== jetflow wrote: I have been plagued by the DSO Exploit (Data Source Object Exploit) four times this week which makes the computer real slow. I used Spybot Search and Destroy to find this "Exploit" and to fix the problem each time. Does anyone know how this is spread or acquired on the net. This exploit changes a registry value which I will list below. I would appreciate any help. This has become quite aggravating. HKEY_USERS\DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\C URRENTVERSION\INTERNET SETTINGS\ZONES\0\1004!=W=3 Each time Spybot Search and Destroy found and fixed this. Is there something else that I need to do to permantely remove it and block it from happening again. |
#7
|
|||
|
|||
Hello Siljaline,
Just wanted to thank you as well for writing the post concerning my problem with Spybot S&D. "MowGreen [MVP]" wrote: Coool ... you're welcome. siljaline wrote the post so thank him, too MowGreen [MVP] =============== *-343-* FDNY Never Forgotten =============== jetflow wrote: Hello MowGreen, Thank you for answering my post. I used your information to disable the search for this exploit while running SpyBot S&D. Problem solved. Thanks! "MowGreen [MVP]" wrote: How To: Configure SpyBot Not to Flag DSO Exploit http://forum.aumha.org/viewtopic.php?t=8435 If you've kept IE up to date with all of the Critical updates and have an AV that you've kept updated, then the system is not vulnerable to the DSO Exploit. Use the above instructions to get rid of it. MowGreen [MVP] =============== *-343-* FDNY Never Forgotten =============== jetflow wrote: I have been plagued by the DSO Exploit (Data Source Object Exploit) four times this week which makes the computer real slow. I used Spybot Search and Destroy to find this "Exploit" and to fix the problem each time. Does anyone know how this is spread or acquired on the net. This exploit changes a registry value which I will list below. I would appreciate any help. This has become quite aggravating. HKEY_USERS\DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\C URRENTVERSION\INTERNET SETTINGS\ZONES\0\1004!=W=3 Each time Spybot Search and Destroy found and fixed this. Is there something else that I need to do to permantely remove it and block it from happening again. |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
DSO Exploit : Bla Trojan : SearchSquire | Marra | General | 5 | October 3rd 04 08:08 PM |
How To: Configure SpyBot Not to Flag DSO Exploit | siljaline | General | 3 | October 2nd 04 12:28 AM |
DSO Exploit | R.Dawe | Internet | 2 | September 22nd 04 01:37 PM |
DSO Exploit | L Tan | General | 2 | June 26th 04 02:23 AM |
DSO exploit | John | Internet | 0 | June 23rd 04 10:01 AM |