OT: Spybot Search And Distroy

A

Art Sheppard

I have getting the same DSO Over and Over in
a Spybot scan. I have tired using my
firewall log to see if I can find the
violator, but as of yet I have not
succeeded. The offending DSO's are:

DSO Exploit: Data source object exploit
(Registry change, nothing done)

HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit
(Registry change, nothing done)

HKEY_USERS\S-1-5-21-839522115-854245398-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit
(Registry change, nothing done)

HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit
(Registry change, nothing done)

HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit
(Registry change, nothing done)

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3

Does anyone know how to stop these from
reappearing after they were just Deleted?

Any assistance would be greatly appreciated.
Thanks
/art
 
C

Carey Frisch [MVP]

Basically what's happening is that Spybot is finding that the security setting
for "Download Unsigned ActiveX controls" for the (normally) hidden
"My Computer" zone in Internet Explorer is not set to disabled.

Visit http://forums.net-integration.net/index.php?showtopic=15308
for additional info.

Make sure you visit the Windows Update website and download any
recommended Critical Updates.

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/

-------------------------------------------------------------------------------


|I have getting the same DSO Over and Over in
| a Spybot scan. I have tired using my
| firewall log to see if I can find the
| violator, but as of yet I have not
| succeeded. The offending DSO's are:
|
| DSO Exploit: Data source object exploit
| (Registry change, nothing done)
|
| HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet
| Settings\Zones\0\1004!=W=3
|
| DSO Exploit: Data source object exploit
| (Registry change, nothing done)
|
| HKEY_USERS\S-1-5-21-839522115-854245398-1957994488-1003\Software\Microsoft\Windows\CurrentVersion\Internet
| Settings\Zones\0\1004!=W=3
|
| DSO Exploit: Data source object exploit
| (Registry change, nothing done)
|
| HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet
| Settings\Zones\0\1004!=W=3
|
| DSO Exploit: Data source object exploit
| (Registry change, nothing done)
|
| HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet
| Settings\Zones\0\1004!=W=3
|
| DSO Exploit: Data source object exploit
| (Registry change, nothing done)
|
| HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet
| Settings\Zones\0\1004!=W=3
|
| Does anyone know how to stop these from
| reappearing after they were just Deleted?
|
| Any assistance would be greatly appreciated.
| Thanks
| /art
|
 
J

JAX

That is a known issue with S&D and they are working on a fix for it. You
probably see 5 instances of DSO exploit showing in your scan. It is nothing
to be concerned about. I read that, either on the S&D site or, some other
reliable source. Try entering "DSO exploit" in a Google search and you will
find the same information.

HTH, JAX
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

SpyBot Results 7
Help please re Spybot S & D result 1
SpyBot detected DSO Exploit 2
internet shut down help!!!!!!!!! 1
XP New User - spyware question 18
HKeys DSO 3
DSO Exploit 5
Cannot Remove DSO EXPLOIT found by Spybot 5

Top