[drphilohio]

My question (somewhat rhetorical I suppose) is, when is PepiMK Software and/or SoftSpy going to fix the problem of DSO Exploit supposedly being fixed, but showing up again and again on the next Scan and each additional Scan?

They and many others on various message boards say that DSO Exploit is actually being removed during the Scan and showing up on the next Scan is just a glitch (solutions on some boards just discuising the glitch at best)

SoftSpy and others say the glitch will be corrected on the next update, BUT THIS HAS BEEN GOING ON FOR A VERY LONG TIME, MANY MONTHS OR MORE

I can't find a Home Page for PepiMK Software when I do a search, so that I can ask them directly, WHAT GIVES ON THES PROBLEM??

It's gotten way old. Sorry for beig so long winded and non-technical

If anyone knows how to reach PepiMK Software or SoftSpy, by email, url or phone, please advise. I'm tired of wasting time on this and it seems many others are as well

I would like to get to the bottom of this once and for all

It seems all that's going on so far is TALK, and as an old friend of mine used to say, this is nothing but MENTAL MASTURBA..!

Well you know!!

[speedball1]

drphilohio needed a link to PepiMK software. Try this.
http://www.snapfiles.com/authorinfo/apps-7115596.html

[cremedies]

I don't know this for sure but I read an article a while back that said that the DSO exploit has already been addressed by Microsoft and although it continues to show up after each spybot scan, it really does the system no harm whatsoever. I've had it on my main computer for months and my system has had not problems at all. Since reading that article, I simply just ignore it and continue computing.

[Britania]

I used GTX's approach to resolivng the DSO Exploit on my computer and it worked fine. Spybot now shows no threats. However, when I attempted the same approach on a colleague's computer, I ran into a problem. I found a faulty "AB-1004" entry under the HKEY_CURRENT USERS" path and removed it. But there was another one under the ".Default" tree of the the "HKEY_USERS" main folder. When I tried to delete the faulty AB-1004 key from there I got the message, "Unable to delete specific values". I tried to reboot, thinking that it was because something was already running. But that didn't help. How do I go about getting that key out of the registry?

Thanks,

Brian

[Not Sure]

Hi all.

This is the most helpful forum I have found so far for this problem of DSO exploit, but I still have a query. I used GTX’s advice on the registry keys, and although Spybot still shows DSO exploit up, I am not so concerned as this is reportedly a bug in Spybot, and your computer is safe if you have updates up to date, which I have. So thank you!

But I hope that I can explain the rest of this coherently. I have not seen this answered in any of the forums I have looked at, including this one I think. On both my computers, at work and home, I have an issue with aggressive advertising:
- I get a blue Casino bar across the bottom of IE (which I don't use anymore because of this)
- I get another sort of unsolicited search bar across the top of IE
- I get six/ seven icons for casino sites/ travel sites/ printer cartridge sites etc. which keep appearing on my desktops.
- I keep having “advertisement” sites (for casinos etc. again) added to my favourites folder, which then annoyingly transfer themselves to Mozilla favourites too!
- Finally, Spybot keeps finding 103 instances of coolWWWsearch that it advises me to get rid of, which I do each time.

Is this all caused by DSO exploit, or is there something else that I worry about? How does this/ DSO exploit get on your system to begin with?

Also, although I have managed to remove the problem with DSO exploit using Spybot (even though it is still finding it), I still have the above problems occasionally, so I don’t really understand what is going on with my PCs.

Can anyone help? Thank you.

[urmod4u]

Try by starting Windows in SAFE MODE.
See http://www.computerhope.com/issues/chsafe.htm
If you don't know how to do it.

[eug2k]

The reason spybot search and destroy shows that your have a dso exploit is because there is a bug in spybot search and destroy! This dso exploit is security flaw in internet explorer that has been fixed, but spybot still thinks it hasn't been so it list it as a problem. If you don't believe me get it right out of the horses mouth http://forums.net-integration.net/in...howtopic=17159

[urmod4u]

The bug is in IE. Until you have updated IE, you are vulnerable. When the MS patch is installed, you are not vulnerable anymore, but Spybot still detects it.
But, who are you, with your first append, to call us stupid? A lot of people have not updated their IE. If you want to learn us something, go ahead, but don't lecture us. And don't insult us.
Behave yourself. Dropping in with a maiden-update yelling at people is not decent.

[Pam7]

I'm with you on this one Urmod4U! I had 2 entries in my Spybot of DSO. I downloaded DSOSTOP2 to my desktop... and it now says I'm safe... but when I run Spybot it still keeps showing that I have one entry of DSO Exploit. Also... now you're going to think me REALLY dumb... BUT... do I have to keep DSOSTOP2 on my desktop or can I put it in trash? :confused:

Many Thanks!! :)

[markaw1]

I've tried to get rid of DSO Exploit and I don't know if I've done it, S&D still shows it but I know that might still happen even if it's gone. I don't know if it's related but since I've had these problems I seem to have adverts and pop ups appearing even though Norton is fully updated. This never used to happen, adverts appeared as blank spaces.

Can anyone help?

Thanks,
Mark

[uhzoomzip]

This program is designed specifically to deal with DSOexploit for those having trouble. I haven't tested the program so scan it with a virus scanner first but it sounds pretty easy.

http://www.nsclean.com/dsostop.html

[slunk]

I did not go through the entire thread, but I have a problem that can only seem somehow related to the DSO exploit or Spybot. First off, this is only happening on an IBM R40 laptop with XP and service pack 2 installed. However, the laptop will not gain Internet access over any broadband connection unless Spybot has been run and has removed the DSO exploit. Once that has been done, the system can access the Internet just fine. The computer can sit, connected to the Internet, for an hour without an Internet connection until Spybot has cleaned the exploit. This has been happening for over a week. All other computers on the network are fine. Plus, I use Firefox and never IE. Any ideas? I'm about to format and re-install everything. I've tried various virus scans, and nothing is detected. Also, other spyware cleaners find nothing. Thanks.

[Esso]

The previous version of spybot, spybotsd13rc5.exe is able to remove the DSO Exploit.

You can download it from this link.
http://www.spybot-updates.com/files/spybotsd13rc5.exe

[EpiC2z]

Hi I'm new and I have a question..
My com's been laggin lately.. and in task manager.. I notice something strange..
There is 3 rundll32 running and is that harmful or nothing is wrong..
I'm spyware free and virus and trojans.. free too
Thanks for you help
Sry for my english

[psi42]

hi im new and i have a question..
my com's been laggin lately.. and in task manager.. i notice something strange..
there is 3 rundll32 running and is that harmful or nothing is wrong..
im spyware free and virus and trojans..free too
thanks for ya help
sry for my english

Please post your question in a separate thread. That way, you will get your answer faster, and other people with the same question will be able to benefit from any responses. Thanks.

~psi42

[hef]

Just go to regedit then the following:

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Internet
Settings\Zones\0\1004!=W=3*
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net
Settings\Zones\0\1004!=W=3*
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Inter net
Settings\Zones\0\1004!=W=3*
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Inter net
Settings\Zones\0\1004!=W=3*
HKEY_USERS\S-1-5-21-796845957-746137067-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings\Zones\0\1004!=W=3*

after you get to each folder go through the steps to get to the Zones folder anything with 1004 nuke it!

Also don't use Internet Explorer if you don't have to use Mozilla,Opera,Firefox anything but I.E.
safe bet also use BLANK start up page and as always have all windows updates in and have a antivirus running and updated and a good spyware program Spybot and Ad-Aware will do and the usual safety steps don't open it if you don't who it is from as I tell my people stay away from the porno sites but to each his own and last but not least is a FIREWALL there's a few out there but ZONE ALARM will do and one more thing don't sign up for everything on the net if you don't need it leave it alone that's how they get your email address and if your going to BUY anything online please have all the above done and make sure the url in the address bar starts with the following HTTPS: and the padlock is locked, if you at least have this done and your email set up to nuke spam you should have happy surfing but if your using I.E. please clean out the crap as I call it (Cookies,Tempory Internet Files) its none of their business were you have been online so in closing HAVE A NICE DAY!

[Got DSO?]

I've had dso exploit for a couple weeks now and I want to get rid of it.
I did a windows update. I have norton's updated and ad-aware updated-both which don't show any problems.
But, spybot finds 5 entries of DSO exploit. I can "fix" the problem but spybots finds it again after I restart my computer.
I don't want to go into my registry and change anything.
Basically, I'm hoping someone can give me the best instructions for getting rid of this thing.
I've read all th eother fixes listed around here, but there are so many , so I'm hoping to hear from someone who can fix this good.
Thank you very much ;)

[hef]

The only real way to get rid of DSO is go to regedit and the folders I posted yesterday keep everything updated and you might reset your ad-aware settings
so backup your reg. if your not sure and only go to the folders your supposed to
thats it unless someone comes up with a quicker way this works.

[Peter Craig]

In Documents and Settings/allusers/applicationsdata/spybot.. /Recovery there are a lot of serially numbered DSOExploit*.zip files. It is easyto select them all and delete them. Then to the recycle bin to delete all found there. Recheck to be sure that all bad files in the directory site above are gone. Run Spybot and, voilà, one or more DSOExploit.zip files have been rewritten.

Anyone have an explanation for this?

[hef]

Well that should cure the problem all the way around then I dont use recovery dont need the headache with virus and trogans thats were most of em go to these days anyway so less hassle that way, but your way is worth checking into but did you have any of the files in regedit still?