What's a 'DSO exploit' and how do I get rid of it?

Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.

Will reloading all software from original boot disks/system restore disks get rid of all spyware including "DSO exploit"?
thanks

DSO exploit is not spyware. It's a vulnerability in Internet Explorer that is resolved by keeping IE up to date with the latest patches.

As I understand things Harry, the DSO exploit is more like a back door in the Windows operating system, that has been left unlocked. As I have heard here, there is a patch that puts a lock on this back door. I myself chose to delete it altogether. (although I have heard on more than one occasion that, that was not necessary) My best guess would be that reinstalling Windows would restore the DSO exploit, rather than getting rid of it. I do know that when I recieved my PS2 update from Microsoft, (although I had deleted the 1004 entry from my registry) my DSO exploit had returned. (so I deleted it again) For me it was a "peace of mind" thing, and efficiency didn't play a large role in my decision making process. Hope this helps, as it is "to the best of my knowledge" and "as I understand it". (L9)Ron

This may be a stupid question but how do I know I have IE updated with the latest patches! Thanks

All this advice hinges on the fact that staying up-to-date with patches will solves the problem. This is untrue. I am running XP Pro service pack 2 with all patches and am infected by the CWS (aka about:blank) about once every 48-72 hours. It is cleaned to a high degree of confidence with a cross check of several programs (ad aware, spybot, and manual removal) only to return with a DSO exploit and a reinstallation of all the malicious registry keys. I am not running antivirus or a firewall (beyond the XP) because I am trying to deal with the problem on a more fundamental level at this point. Rather than plug the dyke, I want to fix the hole.

These are the facts. The vulnerability must still be in the system.

What now?

Try this!

http://www.nsclean.com/dsostop.html

All the info you want on dso exploit is there. Keep in mind, Microsoft has a fix for it already, but for those of you who keep worrying....

I have purchased adware, spybot, spyvest, and desostop2, and all have identified the problem, and some are saying they have deleted the culprit.

However, when I open up IE my home page web site still wants to go to the promptview.info web site, I have changed it via the IE tools, it works until I reboot, than that sucker returns to the stupid search site as my home page.

Can someone show me how to get rid of this thing, or point me to the person who did it, so I can personnaly ring that jerks neck.

> Today I tried to install SP2.... Posted by: Linda Bond at September 3, 2004 04:29 PM

Linda, I don't know if you got a solution, but my advice:
Order the SP2 CD from MS (it's free... takes "4-6 weeks", but I got mine in 2 weeks) - you can order it from the Win Update site. I'm just thinking that maybe there was a fault in the download? I know the CD works, cos it worked perfectly on my machine.

Regards,
PhantomSteve

Sometimes for no reason and without warning that stupid "microsoft has had an encounted a problem and needs to close" message comes up, it is very frustrating and now even my programs are doing it. Is DSO exploit responsible for this, if not can you tell me what is. Thanks

No, that's probably not related to DSO exploit in anyway. That message happens when a program misbehaves, typically due to a bug in the program. What to do will depend on what program you were running at the time, or the program that should have been mentioned in the error message. If it was Internet Explorer, you can check this article for more: http://ask-leo.com/iexploreexe_has_generated_an_error_now_what.html

To post a comment on "What's a 'DSO exploit' and how do I get rid of it?", please return to that article's main page.