Re: CD-TRAY

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 08/12/04 

Date: Thu, 12 Aug 2004 16:35:44 -0400

Ah yes, the Geschenk!

I had almost a dozen platforms where this was found in the mid '90s.

Dave

"Bruce Chambers" <bruce_a_chambers@h0tmail.com> wrote in message
news:eaJ1iaGgEHA.3132@TK2MSFTNGP10.phx.gbl...
| Greetings --
|
| While there is one rather old "joke" virus that can eject CDs,
| this problem is most often caused, in my experience, by a defective CD
| Drive.
|
| Joke.Geschenk
| http://securityresponse.symantec.com/avcenter/venc/data/joke.geschenk.html
|
|
| The DSO exploit was patched long ago by IE Cumulative Update
| MS02-015, in March of 2002. If you've installed this specific patch,
| or any subsequent IE Cumulative Updates, or Service Pack 1, you're
| safe. It would appear that the latest version of Spybot S&D is only
| checking for Internet zone settings in the registry that could be used
| as work-around protection, and not for the presence of any corrective
| patches. Hopefully, the makers of Spybot will soon fix this bug.
|
| MS02-015 March 28, 2002 Cumulative Patch for Internet Explorer
| http://support.microsoft.com/default.aspx?scid=kb;EN-US;319182
|
| If you like, you can test your system for this particular
| vulnerability at this web site:
| http://www.greymagic.com/security/advisories/gm001-ie/
|
| The makers of SpyBot S&D have acknowledged the problem and will
| fix it on their next update:
| http://www.safer-networking.org/index.php?page=paragraphs&detail=currentfaqs
|
| In the meantime, in SpyBot S&D, click Mode > Advanced > Settings >
| Ignore Products > Security > DSO Exploit, to turn off the false alarm.
|
|
| Bruce Chambers
| --
| Help us help you:
| http://dts-l.org/goodpost.htm
| http://www.catb.org/~esr/faqs/smart-questions.html
|
| You can have peace. Or you can have freedom. Don't ever count on
| having both at once. - RAH
|
|
| "Bilal" <anonymous@discussions.microsoft.com> wrote in message
| news:4b7901c4802e$06fd6fe0$a601280a@phx.gbl...
| > Please i need help in removing some sort of a virus from
| > my computer that is controlling the CD-Tray. The tray
| > opens and closes on its on timings. The computer displays
| > messages indication rundll error messages. I have AVG but
| > it doesnt pick up any of the files and nither does ad-
| > ware. On spy-bot it names two files that cannot be
| > removed, they are called DSO exploit and GXB LTD. please
| > help me come up wit a soultion.
| >
| > Thanks for your time and all the help that you give me
| >
| >
| > Bilal
|
|

Relevant Pages

  • Re: After reading the posts about about:blank I am so confused.
    ... NAV fix a DSO exploit? ... I've seen that DSO exploit before in Spybot ... try Spybot scan in Safe-Mode. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Spybot DSO Exploit
    ... > Once you've done all the registry entries showing in SPYBot's DSO ... It would appear that the latest version of Spybot S&D is only ... checking for Internet zone settings in the registry that could be used ... the makers of Spybot will soon fix this bug. ...
    (microsoft.public.windowsxp.basics)
  • Re: How to remove DSO Exploit spyware from the registry?
    ... but I can't seem to get rid of DSO Exploit. ... When I try to remove it after running a scan, Spybot says the ... the makers of SpyBot will soon fix ... Ignore Products> Security> DSO Exploit, to turn off the false alarm. ...
    (microsoft.public.windowsxp.general)
  • Re: After reading the posts about about:blank I am so confused.
    ... I got rid of the DSO Exploit by going into safemode and then Spybot gave me ... the same master search page with links to sleasy sites as before. ... Here is the message I get now when I run Spybot S&D: ... > and it normally was able to fix it. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: adware/spyware
    ... > The DSO exploit was patched long ago by IE Cumulative Update ... > patches. ... the makers of Spybot will soon fix this bug. ...
    (microsoft.public.security.virus)