Does anyone know what this is (a spybot s&d finding)

First I would like to say, after a week vaction it sure feels good to be back.

I ran Sypbot on my new compter and it found this: DSO Exploit: Data source object exploit (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\01004=W=3


I have no idea what this is. Any one know? By the way it's a dell.

 

Hey notageek,

Welcome back.

I too came up with the DSO exploit while running Spybot a while ago.

I assumed it had something to do with what is written about here by Greymagic.

When I ran greymagic's test on their page which explains the exploit, whatever was supposed to happen - did not happen. Not sure if it was because of the change made by SS&D or my proxo settings...

Looks like it was proxo picking it off initially - I see a selected classid lighting up

proxo was killing some pretty interesting stuff on that test, also noticed when I lighten up on proxo settings, my AV picks off a bug, I'm sure if I let the bug go maybe the SS&D change would plug the gap, maybe not so just in case think I'll download & run DSO stop just to be sure.

whatever the exploit, it was not able to execute on my pc

also check here:

http://www.nsclean.com/dsostop.html

& here:

http://www.wilders.org/securing_your_pc.htm

 

Thanks Peakaboo.

Hey Peakaboo do you know if Proxo works with WinXP?

 

Looks like this was not a good assumption.

Glad I ran DSO stop as my pc was still vulnerable but for proxo picking off the test stuff.

After running DSO stop, I ran the test again with proxo bypassed. Great result, total defeat of this exploit.

dwnld DSO stop here:

http://www.nsclean.com/dsostop.html

more info. here:

http://www.wilders.org/securing_your_pc.htm

notageek, I would think proxo would work with XP, I visited the proxo site and the author states:

"It works with most any browser (not just the big two)"

http://home.arcor.de/six/index.html

 

Thanks Peakaboo. I'll try Proxo with XP.