Re: DSO Exploit glitch in Spybot?

From: Carey Frisch [MVP] (mrxp2004_at_nospamyahoo.com)
Date: 07/13/04

Next message: Bruce Chambers: "Re: Firewall"
Previous message: drwegs: "Re: transferring address book and old message archive"
In reply to: KillerQ: "DSO Exploit glitch in Spybot?"
Next in thread: JAX: "Re: DSO Exploit glitch in Spybot?"
Messages sorted by: [ date ] [ thread ]

Date: Tue, 13 Jul 2004 08:10:55 -0500

Basically what's happening is that Spybot is finding that the security setting
for "Download Unsigned ActiveX controls" for the (normally) hidden
"My Computer" zone in Internet Explorer is not set to disabled.

Visit http://forums.net-integration.net/index.php?showtopic=15308
for additional info.

Make sure you visit the Windows Update website and download any
recommended Critical Updates.

-- 
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Be Smart!  Protect your PC!
http://www.microsoft.com/security/protect/
--------------------------------------------------------------------------------
"KillerQ" <KillerQ.19bzja@news.nospam.local> wrote in message:
 news:KillerQ.19bzja@news.nospam.local...
|
| Hey all,
|
| This is my first post on here -- so I hope that this is in the correct
| section. I have had my battles with virii and spyware in the past, as
| well as homepage hijackings, etc..... And since I run AVG, Adaware,
| and now spybot, regularly, there seems to be nothing that i cannot get
| rid of for good. I have recently run cwshredder, and removed some
| things as well....
|
| Anyway, my question is -- even after everything seems clean, when i
| run spybot i get the following results (the top part is self
| explanitory to me, it's the DSO EXPLOIT reg-entry part at the bottom
| that I do not totally understand).  ALso, I hear that this may be a
| glitch that is known in the current version of Spybot -- I just wanted
| to make sure that it's nothing to worry about -- and I have updated all
| thye critical patches for XP home, as well.....  Here is the info:
|
|
| -----------
|
| DoubleClick: Tracking cookie (Internet Explorer: Matt) (Cookie,
| nothing done)
|
|
| Avenue A, Inc.: Tracking cookie (Internet Explorer: Matt) (Cookie,
| nothing done)
|
|
| DSO Exploit: Data source object exploit (Registry change, nothing
| done)
| HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet
| Settings\Zones\0\1004!=W=3
|
| DSO Exploit: Data source object exploit (Registry change, nothing
| done)
| HKEY_USERS\S-1-5-21-1307759246-3641812577-2111303108-1008\Software\Microsoft\Windows\CurrentVersion\Internet
| Settings\Zones\0\1004!=W=3
|
| DSO Exploit: Data source object exploit (Registry change, nothing
| done)
| HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet
| Settings\Zones\0\1004!=W=3
|
| DSO Exploit: Data source object exploit (Registry change, nothing
| done)
| HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet
| Settings\Zones\0\1004!=W=3
|
| DSO Exploit: Data source object exploit (Registry change, nothing
| done)
| HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet
| Settings\Zones\0\1004!=W=3
|
|
| --- Spybot - Search && Destroy version: 1.3 ---
| 2004-07-09 Includes\Cookies.sbi
| 2004-07-09 Includes\Dialer.sbi
| 2004-07-09 Includes\Hijackers.sbi
| 2004-07-09 Includes\Keyloggers.sbi
| 2004-05-12 Includes\LSP.sbi
| 2004-07-09 Includes\Malware.sbi
| 2004-07-09 Includes\Revision.sbi
| 2004-07-02 Includes\Security.sbi
| 2004-07-09 Includes\Spybots.sbi
| 2004-07-09 Includes\Tracks.uti
| 2004-07-09 Includes\Trojans.sbi
|
| -----------------------
|
|
| Well, there it is.... Now since the DSO entries each say "Registry
| change, nothing done" i don't know if this is something that windows
| automatically changes all the time, and this is normal for this to
| show in the scan results - or if it's a harmless preference that I
| change that makes those appear or what..... Or if it is, in fact, the
| glitch.  I looked on the spybot FAQ and they didn't really go ionto
| detail...If you could explain this
| to me -- i would greatly appreciate it!!!
|
|
| Thanks in advance,
|
| Matt
| (magicianstalk@hotmail.com)
|
| P.S. Has anyone noticed that cwshredder is not able to update via the
| program lately?
|
|
| -- 
| KillerQ

Next message: Bruce Chambers: "Re: Firewall"
Previous message: drwegs: "Re: transferring address book and old message archive"
In reply to: KillerQ: "DSO Exploit glitch in Spybot?"
Next in thread: JAX: "Re: DSO Exploit glitch in Spybot?"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: DSO Exploit glitch in Spybot?
... the makers of Spybot will soon fix this bug. ... Ignore Products> Security> DSO Exploit, to turn off the false alarm. ... Data source object exploit (Registry change, ...
(microsoft.public.windowsxp.help_and_support)
DSO exploit question
... When I run spybot a highlighted in red a problem listed ... service pack 2 on it last week and I am still getting this DSO error when I ... Data source object exploit (Registry change, ...
(microsoft.public.windowsxp.help_and_support)
Re: DSO exploit question
... When I run spybot a highlighted in red a problem ... it lists 5 registry entries DSO Exploit: ... Data source object exploit (Registry change, ...
(microsoft.public.windowsxp.help_and_support)
RE: DSO exploit question
... When I run spybot a highlighted in red a problem listed ... > service pack 2 on it last week and I am still getting this DSO error when I ... Data source object exploit (Registry change, ...
(microsoft.public.windowsxp.help_and_support)
Re: XP New User - spyware question
... or any subsequent IE Cumulative Updates, or Service Pack 1, you're ... Ignore Products> Security> DSO Exploit, to turn off the false alarm. ... Data source object exploit (Registry change, ...
(microsoft.public.windowsxp.help_and_support)