SpyBot S&D found a "DSO EXPLOIT"!!!!!

Hi Friends, and HELP ME PLEASE!!! SpyBot S&D found the following; "DSO Exploit HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Internet Settings\Zones\01004=W=3" (without quotes). WHAT EXACTLY IS THE ABOVE???? I got so scared because it is a "registry change ", and I am entirely too new at using a PC to go and play around with the registry--I'm the one who just had the 2 "clean reinstalls "--I can't take any more PC disasters!! Is it safe to let SpyBot S&D remove the above item , and if so, what exactly will happen to my registry? I looked up DSO EXPLOIT on Google, and there's an article titled, "IE, Outlook run malicious commands without scripting "--it has TONS of tech-talk that I don't understand, but they have almost the exact same item that I mentioned above about the DSO Exploit! They stressed the importance of "backing up the registry" before removing the item--I hate to admit it, but I don't know how to do that yet--I DID create a "System Restore Point "--is that the same as backing up my registry? And what exactly is this DSO thing that SpyBot found--is it a trojan or something else bad? I did a Norton AV Scan, and it came back clean--will running the "Disk Cleanup" program that came with XP fix the registry after I let Spy Bot remove it? Any and ALL advice will be GRATEFULLY APPRECIATED--I'm afraid to use my PC with this "DSO EXPLOIT" thing in my registry--am I safe? HELP ME PLEASE!!!! Thanks again for your help! Spookie

 

Get rid of it!

It is a weakness in the OS that lets others get control.

After you remove it, run SpyBot again then get Adaware 6 and run it.

AdAware 6.0 http://www.lavasoft.com
Run only after SpyBot!
Make sure to configure to Max settings, all files and compressed files. Delete all it finds


Then also look at this site about DSO and others, run them all, number 2 will plug the DSO hole so it can not happen again:

NSClean cleanups and exploit fixes
http://www.nsclean.com/freebies.html
http://nsclean.com/dsostop.html
http://nsclean.com/htastop.html
http://nsclean.com/0click.html
http://nsclean.com/socklock.html
http://nsclean.com/sclean.html


Mike

 

Mike, after all half good--half bad things that have been said about AdAware lately do you still think it's a good idea to use it?

2nd--why doesn't Lavasoft have it's own direct site to download AdAware from?
Paul

 

paul43 - the latest version Ad-aware 6.0 is great. The only real knock on them was they went too long between updates. Not only no version update but no spyware-list updates. All corrected now.

And the practice of using mirror sites to handle downloads is common. Speeds things up quite a bit. The mirrors they recommend are sites they update regularly with the latest & greatest.

Their home site is lavasoft.de and for US users to always have to reach to Germany for downloads just wouldn't make sense. They do have lavasoftusa.com so there is a presence here but the fact they are available on so many download sites is more of a reassurance to me than otherwise.

While I still prefer sypbot (lots faster), I run both since almost always one will get critters the other missed.

 

Newt, 2 questions.
1)I just go to lavasoftusa click on download and it will take me to another page with a whole list of sites to download from--then I should just pick a site (say PC WORLD) and do it from there. Am I correct so far.

2) Do you agree with "mflynn" that I should always run AdAware before I run Spybot--which I use all the time after listening to you guys and so far it has perform exactly as advertised.

Thank you & all the other helpful people on this forum. Paul

 

I said after SpyBot!

Mike

 

YASARR BOSS!!!!

BTW--The Waffle house princess, new trailer & free food is still waiting if you get down around Mongomery, AL

P.S. Mike I need to talk to you over the phone someday in lenght about the best way to back my puter up.
If that agreeable with you e-mail at
paul43@cfl.rr.com

Thank you, Paul

 

I like AAW v6.0, still must be considered a beta to be used with caution. The breaking of internet connectivity is still not altogether solved with build 162:

http://www.lavasoftsupport.com/index.php?act=ST&f=24&t=4503&

Regards - Charles

 

Thanks Spookie

Spookie,

Thank you for posting this problem. I installed Spybot 2 days ago and got the "dsoexploit" as well. Just like you I was afraid to go forward with a registry change. Your posting and the responses to it gave me the needed info to delete it. I followed the advice and plugged the hole also (with dsostop2). I dont remember the name of the person who gave you the answers but thanks to you also .

Sincerely,

Tar Heel