Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

WebDialer & DSO Exploit on start-up


  • Please log in to reply

#1
CliffR

CliffR

    New Member

  • Member
  • Pip
  • 1 posts
Running XP Home. VirusScan, SpySubtract, CWShredder,AdAware & SpywareDoctor all come up "clean". However, Spybot detects "DSO Exploit - 5 Entries" and "WebDialer - 4 Entries". Spybot "removes" the DSO Exploit entries, but cannot remove WebDialer (suggests problem may be corrected on restart). However, if Spybot is allowed to run at next start-up, both DSO Exploit and WebDialer are again found.
Spybot detail shows "DSO Exploit: Data source object exploit (Registry change, fixed)" after "repair" and "WebDialer: RAS profile (Registry key, fixing failed)."

The indicated registry entries are:
DSO Exploit: "HKEY_USERS\S=1=5=19\Software\Microsoft\Windows\Current Version\InternetSettings\Zones\0\1004!=W=3"
WebDialer: "HKEY_USERS\S-1-5-18\RemoteAccess\Profile\eConnect" and "HKEY_USERS\.DEFAULT\RemoteAccess\Profile\eConnect" and "HKEY_USERS\S-1-5-18\RemoteAccess\Profile\OnlineDialer" and "HKEY_USERS\.DEFAULT\RemoteAccess\Profile\OnlineDialer".

Do I need to worry about removing these at all? If so, how do I get rid of them?
  • 0

Advertisements


#2
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Problem 1 DSO Exploits, please read:
http://www.majorgeek...wnload4392.html

Problem 2 The Online dialer

Copy the bold part below into notepad and save it as dialerbgone.reg

Doubleclick the file you made and confirm you want to merge it with the registry.

REGEDIT4

[-HKEY_USERS\.DEFAULT\RemoteAccess\Profile\eConnect]

[-HKEY_USERS\.DEFAULT\RemoteAccess\Profile\OnlineDialer]

[-HKEY_USERS\S-1-5-18\RemoteAccess\Profile\OnlineDialer]


Then reboot and do another scan.

Regards,

Pieter

Edited by Metallica, 28 November 2004 - 05:25 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP