Tom's Guide | Tom's Hardware | Tom's Games | PC Safety Suite

Computing.Net > Forums > Windows XP > What is DSO Exploit?

Computer Problems? Computing.Net has over 1,000,000 posts about all things technology related! Click here to start participating now! Also, check out the New User Guide.

What is DSO Exploit?

Reply to Message Icon

Name: setishock
Date: July 12, 2004 at 00:11:16 Pacific
OS: xp home sp1
CPU/Ram: p4-1.6ghz/768m pc133 ram
Comment:

Every time I run spybot I get 5 entries of DSO Exploit and it says it removed them. When I expand on the items it shows they are sitting in my user files in the reg. What I need to know is what keeps putting them back and what do they do?
thanks



Google Ads

Response Number 1
Name: FJ
Date: July 12, 2004 at 00:52:36 Pacific
+1
Reply:

DOS = Data source object exploit.

I would delete them all. Then go to Windows Update and run an update check.

It sounds like you need to download a few security updates.



Response Number 2
Name: c0pyfiles
Date: July 12, 2004 at 00:52:42 Pacific
+1
Reply:

it is more than likely caused by windows media player and its setup to locate and inform on what your music preferences are.
"Data Source Object" exploit was an original spyware that was so termed by spybot and was associated with coolweb search and some other spyware. with the new media player fix that M$ installed lately dealing with media player 9 spybot is using its protocol to name it a DSO exploit because it uses the same info to record the music info that you ask it too.
It is also popssible that it is an actual exploit and can be removed by spybot in the advanced mode and pathed to registry keys to be destroyed.

Self-reverence
Self-knowledge
Self-control
These three alone LEAD to SUCCESS
-Alfred Lord Tennyson



Response Number 3
Name: svg
Date: July 12, 2004 at 05:28:58 Pacific
+1
Reply:

Hi setishock,

[XP 104837] Spybot keeps finding DSO exploit
Spybot seems to have trouble when a registry-value isn't of the valuetype it thinks it should be.

Also check the permissions on those particular regkeys. Spybot may not have the right permissions to make its changes.
___________________________________________
[Belgium, GMT+1]_________________________svg



Response Number 4
Name: johnny2004
Date: July 13, 2004 at 17:54:24 Pacific
+1
Reply:

DSO Exploit cannot be removed with Spybot 1.3. You will need to remove two registry keys manually (Run-->regedit.exe):

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004

and:

HKEY_USERS\S-1-5-21-394927024-3472591751-2543970293-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\1004

Just select "1004" and press delete. You may want to export the registry to a backup first.



Response Number 5
Name: mitchellk
Date: July 31, 2004 at 09:32:13 Pacific
+1
Reply:

I can confirm that removing the registry entries above will stop Spybot from detecting DSO exploit. It's actually a fault with Spybot (false positive) and not actually an exploit on your system.



Related Posts

See More



Google Ads
Reply to Message Icon

Writing Scripts WbLogon.exe - Application...



Post Locked

This post is quite old and has been locked from receiving new replies. Please create a new posting instead.


Go to Windows XP Forum Home


Google Ads


Results for: What is DSO Exploit?
DSO Exploit??? www.computing.net/answers/windows-xp/dso-exploit/111156.html

DSO Exploit found by Spybot www.computing.net/answers/windows-xp/dso-exploit-found-by-spybot/108561.html

DSO Exploits and security event log www.computing.net/answers/windows-xp/dso-exploits-and-security-event-log/87624.html