
View Full Version : Dso Exploit - Security Hole



musicmaster
06-16-2004, 07:17 PM
I have done a Spybot scan... and it returned an entry called DSO Exploit. It looks like 1 entry, although it is a root file with a tree, that branches down into five entries. Anyway, I select to fix the problem, and Spybot says it has fixed it... although the entry is still there. It gives information on the right side of the screen which says this:

-----------------------------------------------------------------------------------------------

Company: Microsoft
Product: Internet Explorer
Threat: Security hole

Company URL:
http://www.microsoft.com/
Company product URL:
http://www.microsoft.com/windows/ie/
Company privacy URL:
http://www.microsoft.com/info/privacy.htm

Description
There's a security hole in IE allowing websites to execute code without asking you first. You can find more information at http://security.greymagic.com/adv/gm001-ie/

-----------------------------------------------------------------------------------------------

Anyway, I go to the greymagic website it suggests to find out more info. and what I can do, although it doesn't give any instructions on how to repair this. Any help from anyone would be greatly appreciated.

Thanks.

dopey
06-16-2004, 08:14 PM
Since the injected <object> runs in the "My Computer" Zone changing the Internet Zone's settings didn't affect it, but changing the correct zone's settings will prevent this exploit from running.

Here is the registry information:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
Change the value of "1004" (DWORD) to 3.

Many thanks to Axel Pettinger and Garland Hopkins for this workaround.

from the site you mentioned.

just be sure to backup the key in question before trying.

and how do you know the dso exploit is still there? sometimes spybot needs a reboot to fix the item in question.

supersonic
06-17-2004, 02:33 AM
To repair this, Disable scripts; not recommended since a lot of sites use Java and other scripts.

musicmaster
06-18-2004, 12:36 AM
Originally posted by dopey@16 June 2004 - 12:22

Since the injected <object> runs in the "My Computer" Zone changing the Internet Zone's settings didn't affect it, but changing the correct zone's settings will prevent this exploit from running.

Here is the registry information:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
Change the value of "1004" (DWORD) to 3.

Many thanks to Axel Pettinger and Garland Hopkins for this workaround.

from the site you mentioned.

just be sure to backup the key in question before trying.

and how do you know the dso exploit is still there? sometimes spybot needs a reboot to fix the item in question.
supersonic Posted: 16 June 2004 - 18:41

To repair this, Disable scripts; not recommended since a lot of sites use Java and other scripts.


-----------------------------------------------------------------------------------------------



supersonic's idea seems completely pointless to me as the first sentence says do this.... and the second says... it's not a good idea.

Thanks for advice buddy.

Hey Dopey... if you can show me exactly how to do what you suggest, that would be great, because I have no clue on this.

Cheers :D

supersonic
06-18-2004, 08:27 PM
To disable scripts:
IE:
Internet options>security>'choose a security zone' then go to "custom level" and disable scripting.
As I said, you CAN do it, but I DON'T think you SHOULD do it.
Solution:
Get Firefox instead of IE, it might solve ur problem.

musicmaster
06-18-2004, 08:59 PM
Yes supersonic... I understand you said CAN... and I say... why would you suggest to do something... then say " I don't recommend it" Kinda pointless eh?

Also, I don't plan on getting rid of IE. I wish would stop suggesting another browser. IE is fine... just like it was when I had another issue. It wasn't the damn browser it was the firewall. So no changing of the browser for me.

And I still need info on how to fix the original problem. I don't want suggestions on what I 'CAN' do, but not recommended. That is why I was asking Dopey... because he solved a problem for me before, without giving me "I wouldn't recommend doing this" lingo.

Jg427
06-19-2004, 05:17 AM
It sounds like the spybot bug (http://forums.net-integration.net/index.php?showtopic=15308) that's causing it to return.

Manually changing the registry key value should fix it, as posted earlier.

manker
06-19-2004, 02:06 PM
Originally posted by musicmaster@18 June 2004 - 21:07
Yes supersonic... I understand you said CAN... and I say... why would you suggest to do something... then say " I don't recommend it" Kinda pointless eh?

Also, I don't plan on getting rid of IE. I wish would stop suggesting another browser. IE is fine... just like it was when I had another issue. It wasn't the damn browser it was the firewall. So no changing of the browser for me.

And I still need info on how to fix the original problem. I don't want suggestions on what I 'CAN' do, but not recommended. That is why I was asking Dopey... because he solved a problem for me before, without giving me "I wouldn't recommend doing this" lingo.
you have such a bad attitude when asking for advice. if you don't like the advice given then don't follow it, no need to bitch and whine. what is wrong with saying "thanks but I don't wish to change my browser, does anyone know of a different fix?"

no-one is getting paid to put up with your crap.

dopey
06-19-2004, 07:17 PM
from Jg427's link


The second choice would be to use a REG file to fix it. Open notepad and paste the contents of this block into it:



REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"1004"=dword:00000003


Save that to some place on your disk as something like: FIXDSO.REG
save as all files

Then you can simply double click that file and merge the change (fix) into your registry. This will fix the one for the "current user" you are logged into your system as. There is less chance of making an error this way. Note that it is always recommended to backup your registry before making changes to it. (If you are unsure about doing that, then I refer you back to my main recommendation above and wait for Spybot to fix it.)

to backup your registry, you can simply create a restore point.

http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/systemrestore.mspx

the gist of all the previous posts there recommended that you can make use of all the critical windows updates, and you should be protected, and/or wait for spybot to update to correct the problem.
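
The same check and fix as the REG file above, as a PowerShell script that also confirms the stored type is DWORD, since the posts here report that Spybot's own fix can write an incorrect value. This is an added example, not part of the original thread; the backup file name and the function names are assumptions.

```powershell
# Added example: audit, back up and apply the Zones\0 "1004" workaround from this thread.
$zonePath  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0'
$regPath   = 'HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0'
$valueName = '1004'
$wanted    = 3
$backup    = Join-Path $env:TEMP 'zone0-backup.reg'   # assumed backup location

function Get-ZoneValueState {
    # Returns the stored data and registry type, or $null when the value is absent.
    $key = Get-Item -Path $zonePath -ErrorAction Stop
    if ($key.GetValueNames() -notcontains $valueName) { return $null }
    [pscustomobject]@{
        Data = $key.GetValue($valueName)
        Kind = $key.GetValueKind($valueName)
    }
}

function Test-ZoneValueFixed($state) {
    # Counts as fixed only when the type is DWORD and the data is 3.
    ($null -ne $state) -and
        ($state.Kind -eq [Microsoft.Win32.RegistryValueKind]::DWord) -and
        ($state.Data -eq $wanted)
}

$before = Get-ZoneValueState
if (Test-ZoneValueFixed $before) {
    Write-Output "OK: $valueName is already DWord $wanted, nothing to change."
}
else {
    if ($null -eq $before) { Write-Output "Found: $valueName is not set for this user." }
    else { Write-Output "Found: $valueName = '$($before.Data)' ($($before.Kind))." }

    # Back up the key first, as advised in the thread.
    reg.exe export $regPath $backup /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "Backup of $regPath failed; no change made." }
    Write-Output "Backup written to $backup"

    # Write the value with an explicit DWORD type, replacing any wrongly typed entry.
    Set-ItemProperty -Path $zonePath -Name $valueName -Value $wanted -Type DWord

    $after = Get-ZoneValueState
    if (Test-ZoneValueFixed $after) { Write-Output "Fixed: $valueName = $wanted (DWord)." }
    else { throw "Value still wrong after write: '$($after.Data)' ($($after.Kind))." }
}
```

Like the REG file, this changes only the account it runs under, so it has to be repeated for each user on the machine.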

zapjb
06-19-2004, 09:30 PM
I use dsostop2.exe it's freeware. :)

chinook_apache
06-19-2004, 09:41 PM
if there is a security hole, why not go to windows update and download the latest patches from there.

Jg427
06-20-2004, 01:18 AM
Originally posted by chinook_apache@19 June 2004 - 15:49
if there is a security hole, why not go to windows update and download the latest patches from there.
It's my understanding that after you get the security update to fix the exploit, spybot will still report it. When spybot attempts a fix, it writes an incorrect value to the registry, so it shows up again at a rescan.

musicmaster
06-20-2004, 05:11 AM
Originally posted by manker@19 June 2004 - 06:14
Originally posted by musicmaster@18 June 2004 - 21:07
Yes supersonic... I understand you said CAN... and I say... why would you suggest to do something... then say " I don't recommend it" Kinda pointless eh?

Also, I don't plan on getting rid of IE. I wish would stop suggesting another browser. IE is fine... just like it was when I had another issue. It wasn't the damn browser it was the firewall. So no changing of the browser for me.

And I still need info on how to fix the original problem. I don't want suggestions on what I 'CAN' do, but not recommended. That is why I was asking Dopey... because he solved a problem for me before, without giving me "I wouldn't recommend doing this" lingo.
you have such a bad attitude when asking for advice. if you don't like the advice given then don't follow it, no need to bitch and whine. what is wrong with saying "thanks but I don't wish to change my browser, does anyone know of a different fix?"

no-one is getting paid to put up with your crap.
You have no business posting here.... so please leave. And if you must know, the reason I sound bitter, is because there are a number of people here who are very insistent not only in wanting me to change my browser to Firefox.... but saying that it is better than IE, and lastly saying that my problems are caused by IE.

If you look back into some other posts I have made regarding issues of another nature regarding not being able to log in to the board, it was caused not by IE... which is what I believe about 3 or 4 people said... and these same people said "IE sucks, get Firefox". It was caused by my Firewall.

So, in closing, as I said to start off with... please don't respond here if you have nothing positive to tell me. I was just telling the people who want my problem to be IE related, to not suggest that any more. TYVM

zapjb
06-20-2004, 05:22 AM
I believe I stated the solution in my previous post. But ignore it if you folks just want to bicker. :frusty:

musicmaster
06-20-2004, 05:30 AM
I saw what you posted zap.... thanks. I don't want any arguments. I just like realistic advice, and if people want to keep saying the same thing over and over again, they will get my same responses.

Again, thanks.

:D