Spyware Windows DSO Exploit hkey registry

  • Thread starter Thread starter Carl
  • Start date Start date
C

Carl

I recently loaded Spybot S&D which let me know I have a
bug.
I have been unable to delete it. I am running Pest Patrol,
Spybot, EtrustEZArmor, AdAware, and ZoneAlarm. Here is a
copy of the reports.

Pests found: (from Pest Patrol)
Lop.com,HKEY_LOCAL_MACHINE\software\microsoft\windows\curre
ntversion\installer\products\c8d617f6f8933d11581e0005403868
90\webpublfiles|usage,na,na,07/03/2004,00-10-5A-AB-A4-
F3,USA

This Lop.com pest gives me a "Not deleted; insufficient
rights", when I try to remove it.
I upgraded my Pest Protrol this we and that is when I
found it.


Spybot allerts me to a DSO Exploit but I am not sure if
they are related.

DSO Exploit: Data source object exploit (Registry change,
nothing done)
HKEY_USERS\S-1-5-21-1177238915-1677128483-854245398-500
\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\0\1004!=W=3


I am concerned about the DSO Exploit problem with Windows.
Has anyone run into this problem, and if so, how did you
resolve it?

Thanks,
Carl
 
I have not dealt with that particular problem. I suggest that you make sure you are
logged on as an administrator and try removal again. If you still have insufficient
permissions, as an administrator you can always give yourself full permissions to an
object in it's properties/security. If you can not you need to take ownership first
by going into properties/security/advanced/ownership where you can select the
administrators group to be new owners. Sometimes booting into safe mode will also
work when trying to resolve such issues. If none of that helps try searching
http://Google.com web AND groups for "lop.com removal. Also try CWShredder first and
then your other programs. The links below may be helpful. --- Steve

http://mvps.org/winhelp2002/unwanted.htm#
http://www.aumha.org/a/quickfix.htm
 
I had the IE DSO exploit show up under Spy Bot
search/Destroy on XP home. I cleaned it up and afterward
I had stop errors which can be attributed to IE
maintenance. After using restore points, this exploit is
back and I am booting fine, but is sucks having holes you
try to fix and it causes more problems. I would research
each exploit/bug you find and know what safe
actions/workarounds MS has.

Backup your registry using NTBACKUP, system state backup
(do all, recommend a copy backup) to save yourself a
headache. If you do not already have recovery console
installed, install it, It can save you in the right
situations.

Good luck.
 
Back
Top