Problem...

cournioni

Hi, I have a problem with my computer as a result of a Trojan Horse downloaded by accident. I have pretty much dealt with everything but there is one problem still left. DSO Exploit is the problem, when I scanned my computer with SpyBot it keeps coming up, no matter how much I destroy it. It says that it has changed system registry.

Can anyone help? Any help would be very much appreciated.

Regards,

PORNAPZ.

hardCopy

I recently had the same problem, this is advice I found on other sites which worked for me.

The DSO exploit has been patched by microsoft, if you are up-to-date with patches it's not a problem, the reason for the problem showing up is apparently a bug in SpyBot. When spybot tries to fix the registry entry it uses the wrong data type.

Explore the registry using regedit(Don't use jump to locaton in Spybot)

Select the relevant entry as displayed by spybot entry 1004 in zone 0 needs to be a D-Word with a hex value of 3, if it is not then delete it and right-click to create a new one.

Double-click on the new 1004 entry and set the value to 3.

If you have multiple users on the machine spybot may show multiple reg entries for this problem, so you may need to do this in more than one place.

This is also easily found on google if you need 2nd opinion.

Lozjm

Try moving at adaware from lavasoft - this seems to deal with most - and almost daily updated reference files.

Sleipnir

link


The short answer: it's a bug in Internet Explorer that could, under certain circumstances, allow untrusted software to run - in other words, a vulnerability. The good news is that it's been fixed.

The confusion arises from the fact that at least on popular Spyware detection program reports the problem, but fails to apply its work around, and hence continually reports the problem. Even though it might not be a problem any more.

First, let's be clear. The vulnerability in Internet Explorer has been corrected. If you've patched IE and are staying up to date with current patches from Microsoft, you're safe, even if a DSO exploit is reported.

The confusion arises from a bug in Spybot Search and Destroy that continues to report the DSO Exploit problem, anyway. There are ways to force the report to go away, but it's more trouble than it's worth.

The bottom line: If you're fully up-to-date on Internet Explorer patches, you can safely ignore Spybot's report of a DSO Exploit. And update Spybot from time to time as well ... they do plan to fix the reporting problem.

cournioni

Thanks for the input lads,

I've fixed the DSO problem, using DSO stop and then changing the 1004 registry's back to DWORD's as hardCopy said. It is no longer a problem now. I've downloaded windows upgrades and everything to try to keep my pc secure.

Everything seems fine on the computer but there is one more small problem. When I open Internet Explorer when online, I get this extra explorer open which does not come up in the task bar, only in task manager. This thing seriously slows up my computer, and you can only view the page when you shut down the pc (after trying to end task and failing).

Would it be spyware? Adware? I'm not sure... Anyone know anything about this?

Thanks again for the help.

PORNAPZ.