Archived from groups: microsoft.public.windowsxp.newusers (
More info?)
Thank you very much for the information and the instructions. Will do right
now.
cksdjs
"Mike Hall" wrote:
> If you type 'Spybot and DSO exploits' into a Google search, you will find
> out all that you need to know about this known bug in Spybot.. there was a
> fix posted in these newsgroups recently..
>
> Open Spybot in ADVANCED mode.. click on SETTINGS and then click on IGNORE
> PRODUCTS.. scroll down to DSO EXPLOITS and check the box.. you have now
> fixed the problem..
>
>
> "cksdjs" <cksdjs@discussions.microsoft.com> wrote in message
> news:E8CF01F0-5231-4C19-B21F-493746C4F2A8@microsoft.com...
> > Then is it safe to ignore the DSO Exploits? or what do I do about them?
> > Someone else thought they were connected to a program I don't even use,
> > even
> > though it seems to be part of Win XP Pro. How do I know now, that it is
> > just
> > a mistake on the part of Spybot?
> > cksdjs
> >
> > "Mike Hall" wrote:
> >
> >> The DSO exploits are part of the process of IE that Spybot INCORRECTLY
> >> sees
> >> as threats.. the bug is with Spybot, NOT Internet Explorer..
> >>
> >>
> >> "cksdjs" <cksdjs@discussions.microsoft.com> wrote in message
> >> news:A49DA5B5-0B47-4BF2-8F9B-200997776ADC@microsoft.com...
> >> > I'm back again, after trying the Pest Patrol and also updating to the
> >> > latest
> >> > Windows Media Player.
> >> > Pest Patrol located 8 threats of cookies and other trackers, but did
> >> > not
> >> > find any of the 5 DSO Exploits that I needed it to remove.
> >> > The "Allow Internet sites to uniquely identify your Player" checkbox is
> >> > unchecked. Registry Mechanic did not remove any changes due to the
> >> > update
> >> > of
> >> > the program, and Spybot still found the same 5 threat entries.
> >> > So after all that, I am back to square one....again.
> >> >
> >> > cksdjs
> >> >
> >> > "MAP" wrote:
> >> >
> >> >>
> >> >> >-----Original Message-----
> >> >> >I have run a few spyware programs and they have all
> >> >> shown my computer to be
> >> >> >clean except for Spybot which consistently shows that I
> >> >> have 5 "DSO
> >> >> >Exploits". I click 'Fix the Selected Problems' only to
> >> >> return and find them
> >> >> >back there?
> >> >> >
> >> >> >Is there any problem with leaving these on my computer
> >> >> or is there more to
> >> >> >removing them.
> >> >> >
> >> >> >Thanks heaps in advance.
> >> >> >
> >> >> >
> >> >> >.
> >> >> >
> >> >> This is the most likely cause
> >> >>
> >> >>
> >> >> The Windows Media Player Exploit (also "Windows") was
> >> >> described by Microsoft back in May, 2001 in Microsoft
> >> >> Security Bulletin MS01-029.
> >> >>
> >> >> Microsoft describes the problem as "... a potential
> >> >> privacy vulnerability that ... could be exploited by a
> >> >> malicious set of web sites to distinguish a user. While
> >> >> this issue would not by itself enable a web site to
> >> >> identify the user, it could enable the correlation of
> >> >> user information to potentially build a composite
> >> >> description of the user."
> >> >> --
> >> >> http://www.microsoft.com/technet/security/bulletin/MS01-
> >> >> 029.asp
> >> >>
> >> >> When the Windows Media Player runs, it transmits your "IP
> >> >> address and the Player ID number, both of which are used
> >> >> by some streaming media server to identify your
> >> >> connection. The IP address is necessary in order to
> >> >> establish the connection to the Windows Media Server and
> >> >> is known by the server when you connect. If you are
> >> >> running any adware, spyware, hijacker, browser helper
> >> >> object or other software which "requires" Windows Media
> >> >> Player, the server for that product will be able to
> >> >> identify your machine with all future accesses."
> >> >> --
> >> >> http://www.microsoft.com/windows/windowsmedia/software/v8/
> >> >> privacy.asp
> >> >>
> >> >> Microsoft advises that users can protect themselves by
> >> >> upgrading to Windows Media Player 7.1 or later, then
> >> >> changing the appropriate settings in their player:
> >> >>
> >> >> On the Tools menu, click Options.
> >> >> On the Player tab, clear the Allow Internet sites to
> >> >> uniquely identify your Player check box.
> >> >> But it is easier and safer to simply run PestPatrol and
> >> >> let it remove the two registry entries that store the
> >> >> unique ID:
> >> >>
> >> >> HKEY_CURRENT_USER\software\microsoft\mediaplayer\player\se
> >> >> ttings|client id
> >> >> HKEY_USERS\.default\software\microsoft\mediaplayer\player\
> >> >> settings|client id
> >> >>
> >> >> This is more certain to protect your privacy, because
> >> >> your Player ID number is removed, preventing a web site
> >> >> from tracking you and your machine. With the ID removed,
> >> >> the machine should be less susceptible to exploit of this
> >> >> vulnerability. And delightfully, removal of these Client
> >> >> ID settings have NO impact on the operation of Windows
> >> >> Media Player. They are safe to remove, potentially
> >> >> dangerous to ignore. SpyBot detects this as "MS Media
> >> >> Player"; Ad-aware detects it as "Windows."
> >> >>
> >> >> You may, indeed, delete these two registry entries.
> >> >>
> >> >> Alias: MS Media Player, Windows
> >> >> Category: Exploit: A way of misusing or breaking into a
> >> >> system by taking advantage of a weakness in it.
> >> >>
> >> >> Similar Pests: Exploit
> >> >> Origins
> >> >> Date of Origin: May, 2001
> >> >> Distribution
> >> >> Prevalence: Windows Media Player Exploit: 0.1% of all
> >> >> pest reports (126 per 100,000 reports) More Info
> >> >>
> >> >> Clot Factor: Windows Media Player Exploit: On average, 5
> >> >> objects detected in each machine
> >> >> The "Clot Factor" is a measure of how much a pest "gums
> >> >> up" a machine by adding registry entries, files, and
> >> >> directories. As more objects are placed in a machine,
> >> >> manual removal becomes more difficult and more error-
> >> >> prone.
> >> >>
> >> >>
> >> >>
> >> >> Operation
> >> >> Detection and Removal
> >> >> Automatic Removal: PestPatrol detects this.
> >> >>
> >> >> PestPatrol removes this.
> >> >>
> >> >>
> >> >>
> >> >> Manual Removal: Follow these steps to remove Windows
> >> >> Media Player Exploit from your machine. Begin by backing
> >> >> up your registry and your system, and/or setting a
> >> >> Restore Point, to prevent trouble if you make a mistake.
> >> >> Clean Registry:
> >> >>
> >> >> Remove these registry items (if present) with RegEdit:
> >> >>
> >> >> HKEY_CLASSES_ROOT\typelib\{83f0d6aa-cd15-46b5-aa4e-
> >> >> bdb506b4ae53}
> >> >>
> >> >>
> >>
> >>
> >>
>
>
>
Facebook
Twitter
Instagram