SpyBot Results

  • Thread starter Thread starter Milt
  • Start date Start date
M

Milt

I've recently installed SpyBot. It shows the following information, but I'm
not able to understand what it means and if I should have SpyBot delete
them. Can someone please explain?

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)

HKEY_USERS\S-1-5-21-1715567821-1645522239-1801674531-1004\Software\Microsoft
\Windows\CurrentVersion\Internet Settings\Zones\0\1004=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004=W=3

NewsUpdate: Typelib ( (CTMarq ActiveX Control module)) (Registry key,
nothing done)
HKEY_CLASSES_ROOT\Typelib\{C1B43B7E-8B3C-11D4-B615-00A0C98E9F5B}

Windows Media Player: Client ID (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Player\Settings\Client
ID=

Windows Media Player: Client ID (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\MediaPlayer\Player\Settings\Client
ID=

Thanks,
Milt
 
I think those messages only indicates that Spybot has only tighten some
security settings. Those messages doesn't indicate that you had any
spywar/malware.
 
from the wonderful said:
I've recently installed SpyBot. It shows the following information, but I'm
not able to understand what it means and if I should have SpyBot delete
them. Can someone please explain?
Click to expand...

<snip list>

You have to read the details and decide, however I had Spybot wipe them
all, with no ill effects. Unless you delete the backup file, you can
always undo the changes later.
 
Thanks for the reply. I did read the details. I believe that all but the
last two relate to the browsers security settings. I just don't understand
the effect of deleting the registry entries. I know that the last two relate
to identifying me to Windows Media Player. I thought Media Player requires
that I.D. to work properly.

The fact that you "deleted them all and saw no problems" is the information
that I was after.

Thanks,
Milt
 
from the wonderful said:
Thanks for the reply. I did read the details. I believe that all but the
last two relate to the browsers security settings. I just don't understand
the effect of deleting the registry entries. I know that the last two relate
to identifying me to Windows Media Player. I thought Media Player requires
that I.D. to work properly.

The fact that you "deleted them all and saw no problems" is the information
that I was after.
Click to expand...

The media player ID, afaik, is used to uniquely identify you to content
providers, if you go acquiring stuff (through MP) on the web. Think of
it as a mega-hard-wired-cookie. Since I don't download via media player,
I didn't worry about it - it certainly doesn't stop MP working normally
'offline'.
 
The 6 registry changes have to do with a security problem in IE that was the
subject of a hotfix released by MS sometime ago (see MS02-015, Q319182, Q319236;
also see http://security.greymagic.com/adv/gm001-ie/ for an original description
of the problem and a proposed (non-MS) fix.

The changes suggested by Spybot are those proposed in the GreyMagic article
above. It's not clear that these changes are needed if you have, in fact,
installed the MS patch. They do not seem to be harmful, however, and are
probably a good idea anyway. What these registry changes do is prohibit
downloading unsigned ActiveX controls in the "My Computer" zone. See KB 182569.
 
Back
Top