Bothersome Reg. Entries

[Sadie]

Hello,

Spybot Search And Destroy keeps turning up these registry
entries every time I do a scan.

I have never seen them before.I know they are Data Source
Object Exploits,but unlike other Microsoft DSO
entries,they are unfixable.(They will return after
being "fixed".)Which makes me wonder whether it might be
something more sinister.

I have obfuscated the PID numbers here.What the blazes is
1004!=W=3 ?

Admittedly,I am probably still jumpy after the CWS take-
over bid.

DSO Exploit: Data source object exploit (Registry change,
fixed)

HKEY_USERS\#####\Software\Microsoft\Windows\CurrentVersion
\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change,
fixed)

HKEY_USERS\############\Software\Microsoft\Windows\Current
Version\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change,
fixed)

HKEY_USERS\######\Software\Microsoft\Windows\CurrentVersio
n\Internet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change,
fixed)

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVers
ion\Internet Settings\Zones\0\1004!=W=3

Many thanks for any light that can be shed on the subject,

Sadie

 

[Sadie]

http://forums.net-integration.net/index.php?
showtopic=15308

No problem!It's a Spybot Search And Destroy bug-only not
quite as described in the forum above.I flippin' well DO
have active scripting disabled..

Sorry to have bothered you.

Sadie

 

[worried]

Sadie,
why do you have active scripting disabled?
I would like to know why,I'm nosy and may learn
something....Thank you...

 

[Sadie]

No worries!
There are two exceptions:Windows Update and the internet
interface for this news group which will not function
without active scripting.

At all other times when surfing the net I chose to
disable every facet of it.This is because the risk of
landing on a malicious site is too high.

The "detonator",for want of a better word,behind CWS is a
single active x control.No matter what precautions you
take in ensuring "moderate safe search" is enabled in
Google,the CWS domains will still spring up (They are no
longer exclusively "explicit",it appears.You can't avoid
them anymore by not being a perv.)
One solitary active x control is all it takes for them to
commandeer your computer.

I saw it for myself,a few days ago.Don't under estimate
the power of active scripting be it java or active x.One
snip of malicious code,and that's it.You won't even
recognise your computer anymore,let alone be able to run
it.

If you are visiting sites you trust and love to
visit,perhaps,you'd make an exception.Websurfing by its
very nature means exploring new domains and landing in
places you've never been before.

Trojan dialers,coolwebsearch,browser
redirectors,persistant pornographic pop ups...too much of
the bad stuff out there is accomplished via active
x.Don't take any chances.

Active x in the right hands is a beautiful thing,I'm
sure.For now though,those settings stay the way they are.

Sadie