Re:Re:Bothersome Reg. Entries

From: Sadie (anonymous_at_discussions.microsoft.com)
Date: 05/23/04 

Date: Sun, 23 May 2004 13:00:04 -0700

No worries!
There are two exceptions:Windows Update and the internet
interface for this news group which will not function
without active scripting.

At all other times when surfing the net I chose to
disable every facet of it.This is because the risk of
landing on a malicious site is too high.

The "detonator",for want of a better word,behind CWS is a
single active x control.No matter what precautions you
take in ensuring "moderate safe search" is enabled in
Google,the CWS domains will still spring up (They are no
longer exclusively "explicit",it appears.You can't avoid
them anymore by not being a perv.)
One solitary active x control is all it takes for them to
commandeer your computer.

I saw it for myself,a few days ago.Don't under estimate
the power of active scripting be it java or active x.One
snip of malicious code,and that's it.You won't even
recognise your computer anymore,let alone be able to run
it.

If you are visiting sites you trust and love to
visit,perhaps,you'd make an exception.Websurfing by its
very nature means exploring new domains and landing in
places you've never been before.

Trojan dialers,coolwebsearch,browser
redirectors,persistant pornographic pop ups...too much of
the bad stuff out there is accomplished via active
x.Don't take any chances.

Active x in the right hands is a beautiful thing,I'm
sure.For now though,those settings stay the way they are.

Sadie

>-----Original Message-----
>Sadie,
>why do you have active scripting disabled?
>I would like to know why,I'm nosy and may learn
>something....Thank you...
>>worried<
>
>
>>-----Original Message-----
>>http://forums.net-integration.net/index.php?
>>showtopic=15308
>>
>>No problem!It's a Spybot Search And Destroy bug-only
not
>>quite as described in the forum above.I flippin' well
DO
>>have active scripting disabled..
>>
>>Sorry to have bothered you.
>>
>>Sadie
>>>-----Original Message-----
>>>Hello,
>>>
>>>Spybot Search And Destroy keeps turning up these
>>registry
>>>entries every time I do a scan.
>>>
>>>I have never seen them before.I know they are Data
>>Source
>>>Object Exploits,but unlike other Microsoft DSO
>>>entries,they are unfixable.(They will return after
>>>being "fixed".)Which makes me wonder whether it might
be
>>>something more sinister.
>>>
>>>I have obfuscated the PID numbers here.What the blazes
>>is
>>>1004!=W=3 ?
>>>
>>>Admittedly,I am probably still jumpy after the CWS
take-
>>>over bid.
>>>
>>>DSO Exploit: Data source object exploit (Registry
>>change,
>>>fixed)
>>>
>>>HKEY_USERS\#####\Software\Microsoft\Windows\CurrentVers
io
>>n
>>>\Internet Settings\Zones\0\1004!=W=3
>>>
>>>DSO Exploit: Data source object exploit (Registry
>>change,
>>>fixed)
>>>
>>>HKEY_USERS\############\Software\Microsoft\Windows\Curr
en
>>t
>>>Version\Internet Settings\Zones\0\1004!=W=3
>>>
>>>DSO Exploit: Data source object exploit (Registry
>>change,
>>>fixed)
>>>
>>>HKEY_USERS\######\Software\Microsoft\Windows\CurrentVer
si
>>o
>>>n\Internet Settings\Zones\0\1004!=W=3
>>>
>>>DSO Exploit: Data source object exploit (Registry
>>change,
>>>fixed)
>>>
>>>HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentV
er
>>s
>>>ion\Internet Settings\Zones\0\1004!=W=3
>>>
>>>Many thanks for any light that can be shed on the
>>subject,
>>>
>>>Sadie
>>>.
>>>
>>.
>>
>.
>

Quantcast