Check out some similar questions!

GTX_SlotCar · Aug 10, 2004, 11:55 AM

I think you're saying that you fix the DSO and a few days later you run Spybot and it's there again. Right?
If you've added the security updates to windows, it's not a problem. You won't get it again, even though spybot shows it.
Here's what happens. Run spybot and get rid of the DSO, then run it again, right away, and you'll see it's still there. But, it's really not. Spybot just thinks it is because things in the registry haven't been put back together correctly.
If you don't fix the registry, you'll never know whether you've actually got the DSO again or not because it'll always show up like it's there. (If you've added the security updates, it really won't matter.)

If you want to put everything back properly, you need to:
1. Open the 0 folder (s)
2. In the right pane, right click on 1004 and delete it
3. Right click on the 0 folder and choose New then DWORD Value
4. A new DWORD key will appear named New Value #1. Rename it to 1004 and hit Enter
5. Hit Enter again (or double click 1004) to open your new 1004 DWORD
6. A dialog box will appear. The Name Value at the top will be 1004. On the left is a box to enter a Value data. Place a 3 in this box. On the right is a place to choose the BASE. Make sure hexadecimal is chosen
7. Click OK and close the registry
The next time you run spybot, the DSO should be gone.

Gary

latrial33 · Aug 11, 2004, 07:37 PM

DSO Exploit

DSO Exploit is a glitch with spybot itself.
Here's hot to get rid of it.

1. Open Spybot and select "Advanced" mode.
2. Select "Setting" in left column.
3. Select "Ignore Product" on left.
4. Select "Security" Tab.
5. Put a checkmark in the little square beside DSO EXPLOIT.
6. Close Program.
7. Open Spybot and run a scan.

DSO Be Gone! :)

Whiskey14 · Aug 11, 2004, 07:57 PM

I turn first to the Internet. For instance, this week I have
Several questions about DSO Exploit. When I put that name in
Google (http://www.google.com), it returned 100 pages.
From them, I learned that DSO Exploit is actually a flaw in Internet
Explorer. It has been patched by Microsoft. However, according to
Several Web sites, a bug in Spybot Search and Destroy causes it to
Continually pop up. You should be OK, so long as Windows is updated.
Also, be sure Spybot is updated. You may be running an old version.

From Kim Komando Newsletter

Hope this helps!
Whiskey14

GTX_SlotCar · Aug 11, 2004, 09:17 PM

I'm surprised this thread is still going. I think all the misinformation is because people don't know what the DSO Exploit is.

1st, I wouldn't advise anyone to tell spybot to just ignore this. It only takes a few seconds to fix it right.

2nd, DSO's are part of Windows, much the same as dll's are (files with the .dll extension). They are Dynamic Shared Objects. You shouldn't say "DSO be Gone!", you should be saying "Exploit be Gone!"
DSO Exploit is not a flaw in Windows. There was a security flaw in this DSO (which is part of Windows) and someone has Exploited it (taken advantage of it). Now MS has patched it so that exploit can't happen on that DSO anymore.
Spybot gets rid of this exploit, but unless you do a security patch update on windows, you could get it again. Unfortunately, Spybot doesn't put the registry entry/entries back the correct way, so when you run spybot again, it thinks the exploit is still there and reports it again.
It only takes a short time to fix this the right way.

Gary

Cossack · Aug 12, 2004, 07:20 AM

And the RIGHT way is... this, huh?
1. Open the 0 folder (s)
2. In the right pane, right click on 1004 and delete it
3. Right click on the 0 folder and choose New then DWORD Value
4. A new DWORD key will appear named New Value #1. Rename it to 1004 and hit Enter
5. Hit Enter again (or double click 1004) to open your new 1004 DWORD
6. A dialog box will appear. The Name Value at the top will be 1004. On the left is a box to enter a Value data. Place a 3 in this box. On the right is a place to choose the BASE. Make sure hexadecimal is chosen
7. Click OK and close the registry

Cossack · Aug 12, 2004, 07:21 AM

And the RIGHT way is... 8) this, huh?
1. Open the 0 folder (s)
2. In the right pane, right click on 1004 and delete it
3. Right click on the 0 folder and choose New then DWORD Value
4. A new DWORD key will appear named New Value #1. Rename it to 1004 and hit Enter
5. Hit Enter again (or double click 1004) to open your new 1004 DWORD
6. A dialog box will appear. The Name Value at the top will be 1004. On the left is a box to enter a Value data. Place a 3 in this box. On the right is a place to choose the BASE. Make sure hexadecimal is chosen
7. Click OK and close the registry

GTX_SlotCar · Aug 12, 2004, 08:05 AM

And the RIGHT way is... 8) this, huh?

Yes :D

Cossack · Aug 12, 2004, 08:15 AM

Ok, there is one more thing. This isn't quite about DSO's. It's about Win Update, which is about DSO's. 8) So, I need to be up-to-date with my security, huh? But what if I got some burnt programs on my PC, like Musicmatch jukebox, burnt Microsoft XL, Word and Outlook, burnt RecordNow Max. Can an Update detect my burnt programs and do anything bad??

GTX_SlotCar · Aug 12, 2004, 09:00 AM

I don't know how it could, so I'll have to say "no".
The update only patches windows files. It doesn't look for other programs.

Cossack · Aug 12, 2004, 09:25 AM

Cause, you see, I had a burnt Windows before (which I did not know :o) and I updated my PC through Win Update, and after that it began tellin' me to activate my Win Xp Home. I pressed the activation button, but it said that there was some kind of an error (well, duh, my Windows is burnt :-/), so I had to buy a new one, and all the previous programs were lost, so my friend gave me the copies of his programs. And, you know, after that, I'm afraid to update my system. My Word, my XL, my Outlook, my RecordNow Max, my Musicmatch Jukebox... If I lose those programs... Well... I think the Update is just not going to be worth it... :-/

alicka · Aug 15, 2004, 08:21 PM

Don't bother updating, if your using a pirate version of windows and are on the net they know. You not the first nor the last, but you're an amateur. Your breaking the law mate... your a smartie alrite ;D

Slot<stil giving advice good to see 8) , anyone seen my cain??

Cossack · Aug 16, 2004, 08:39 AM

Yo, yo, yo. I just said: I had a pirated Windows BEFORE. I updated it. Next thing I know I got to buy a new Windows ;D. Yeah, so, you see, I'm paranoid now about updating :-/. Cause I still got some pirated programs on my PC. I'm afraid to lose 'em.

psi42 · Aug 16, 2004, 12:18 PM

Yo, yo, yo. I just said: I had a pirated Windows BEFORE. I updated it. Next thing I know I got to buy a new Windows ;D. Yeah, so, you see, I'm paranoid now about updating :-/. Cause I still got some pirated programs on my PC. I'm afraid to lose 'em.

Well AFAIK, Microsoft does not look for _other_ burnt programs on your system _yet_
I would think if you went to MS-office update, it would detect your office had a pirate cdkey... but I really doubt ms would go so far as to start deleting stuff _yet_

But you never know...

Just make sure to do a full backup... :)

Cossack · Aug 17, 2004, 10:11 AM

Well, if that's the case, then which is the best program to do that? And where do I get it? Thanks.

thorox · Aug 17, 2004, 05:21 PM

Hi
I'm New here
And I too found this site by a Google search that brought me here because of the DSO Exploit.
I did all that was suggested here and get rid
Of the anoying DSO Exploit, also I switched my
Spybot program to the Advanced Mode.
But after I run a new scan with the Spybot
Program, it found me another problem
Called: Avenue A, Inc.
And when I pressed on the Plus that's what opend:
Tracking cookie (Internet Explorer: Atid) (Cookie, nothing done)

My Qustion is:
What it means??
And do I need to fix it??

Thanks in advance for any help.

Grady · Aug 20, 2004, 12:30 PM

Sudbury person from up there where all that cold air comes from. Your simple , easy to understand , cure
Worked like a charm. New at this site and illiterate on a computer. I appreciate your cure for the DSO problem. Tnx. Grady

maysiekins · Aug 20, 2004, 03:19 PM

I finally got rid of DSO Exploit using "Spybot Search & Destroy" with the following method:

Have "Search & Destroy" look for problems the usual way and then (1) highlight one of the "Data source object exploit" items, (2) Right click the highlighted item to bring up the menu list and select "More details", (3) Now click "Jump to location", (4) You are now viewing the Registry and can use the path shown in the Search & Destroy window to get to the key shown, (5) I manually deleted each of 5 keys and no longer have it coming back. I haven't noticed any change in performance so I trust that I did no harm but I am happy not to have the damned thing any more.

:-*

THIS REALLY GETS RID OF IT. If you follow the other posts and just IGNORE the product in Spybot, IT'S STILL THEREThanks for your good words Cellarius, hope to return the favour someday 8)

Willowtree · Aug 20, 2004, 05:46 PM

Hi all, yes I am a newbie. Boy, am I grateful about not being the only one in this situation. I thought I had done something wrong! :-[
When I found this website I tried Sudbury's fix and I am free of
Dso! Thank you, Thank you, Thank you!

Willowtree

GTX_SlotCar · Aug 20, 2004, 06:05 PM

Obviously these people who are happy with that fix haven't read all the posts.

Willowtree · Aug 20, 2004, 06:17 PM

Okay GTX, what am I looking forward to? I take by your answer this is not the fix.

Am I "Jumping the Gun."

Willow