Spybot-Search and Destroy

R

Richard P.

While I running ' Spybot-Search and Destroy' using
Windows XP Pro,Spybot detected 5 illegal entries
which,when fixed (or deleted),still reside in my
registry.My System remains Immunized under threat.
Are they malicious?
Do I have to manually delete or disable these objects?
Or are they a part of another program interacting with my
registry?

DSO Exploit = 5 illegal entries

Data Source Object Exploit
Hkey_Users\5-1-5-18
\software\Windows\Currentversion\InternetSettings\
Zones\0\1004!=W=3
......Registry Change

Data Source Object Exploit
HKey_Users\5-1-5-21-796845957-854245398-842925246-1003
\Software\Microsoft\
Windows\CurrentVersion\InternetSettings\Zones\0\1004!
=W=3 ......Registry Change

Data Source Object Exploit
HKey_Users\5-1-5-20
\Software\Microsoft\Windows\CurrentVersion\InternetSetting
s
Zones\0\1004!=W=3
......Registry Change

Data Source Object Exploit
HKey_Users\5-1-5-19
\Software\Microsoft\Windows\CurrentVersion\InternetSetting
s
Zones\0\1004!=W=3
......Registry Change

Data Source Object Exploit

HKeyUsers\DEFAULT\Software\Microsoft\Windows\CurrentVersio
n\InternetSettings
Zones\0\1004!=W=3
......Registry Change

Please Advise.............
 
R

Ray Lockhart

As reported elsewhere, this is a bug in SpyBot that they claim will be fixed
in a new release. SpyBot reportedly does clean out the DSO Exploit entrys
but still continues to report it as a problem.
 
B

Bruce Chambers

Richard said:
While I running ' Spybot-Search and Destroy' using
Windows XP Pro,Spybot detected 5 illegal entries
which,when fixed (or deleted),still reside in my
registry.My System remains Immunized under threat.
Are they malicious?
Do I have to manually delete or disable these objects?
Or are they a part of another program interacting with my
registry?

DSO Exploit = 5 illegal entries

Data Source Object Exploit
Hkey_Users\5-1-5-18
\software\Windows\Currentversion\InternetSettings\
Zones\0\1004!=W=3
......Registry Change

Data Source Object Exploit
HKey_Users\5-1-5-21-796845957-854245398-842925246-1003
\Software\Microsoft\
Windows\CurrentVersion\InternetSettings\Zones\0\1004!
=W=3 ......Registry Change

Data Source Object Exploit
HKey_Users\5-1-5-20
\Software\Microsoft\Windows\CurrentVersion\InternetSetting
s
Zones\0\1004!=W=3
......Registry Change

Data Source Object Exploit
HKey_Users\5-1-5-19
\Software\Microsoft\Windows\CurrentVersion\InternetSetting
s
Zones\0\1004!=W=3
......Registry Change

Data Source Object Exploit

HKeyUsers\DEFAULT\Software\Microsoft\Windows\CurrentVersio
n\InternetSettings
Zones\0\1004!=W=3
......Registry Change

Please Advise.............


You need to open Spybot S&D and click on the "Update" icon. The
most recent update will fix this well-known false-alarm issue.

The DSO exploit was patched long ago by IE Cumulative Update
MS02-015, in March of 2002. If you've installed this specific patch,
or any subsequent IE Cumulative Updates, or either WinXP Service Pack,
you're safe.

MS02-015 March 28, 2002 Cumulative Patch for Internet Explorer
http://support.microsoft.com/default.aspx?scid=kb;EN-US;319182

--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top