Spybot Homepage (http://www.safer-networking.org/ )

I think it was Rink that said she preferred Adaware over Spybot because AA was updated more often.

I think I found out why...they released v1.3 and were no longer providing updates for v1.2. Not sure when 1.3 was released, but I'll bet it happened some time ago.

Download v1.3 (http://www.safer-networking.org/index.php?page=download)

Just installed and ran Spybot 1.3 tonight and it found 50+ items that Adaware and v1.2 were missing.

Be smart. Get both.

Thanks!! I'll be upgradin my Spybot thanks guys /ubbthreads/images/graemlins/icon16.gif

[ QUOTE ]
Rhino said:
Be smart. Get both.

[/ QUOTE ]
Absolutely!! Had both on my box for quite some time now.

Out of curiosity, I DL'd and ran SpyBot after not using AdAware for a week or two. It found a grand total of four items, one of which AAW would have located, since it has in the past (Alexa registry ref - who knows how they get in?). The other three were reg entries for "DSO Exploit", whatever the hell that it.

I'll wait a while, and then run AdAware followed by SpyBot, and see what happens.

Read about DSO Exploit here (http://www.greymagic.com/security/advisories/gm001-ie/).

There is also a free workaround tool for it here (http://www.nsclean.com/dsostop.html).

This is a different exploit from the DSO Exploit first reported in 2001 that involves netprint.

Norton instantly flagged "XMLid.Exploit" when i tried to run the check on the Greymagic page in both Opera and IE6 SP1. And, I use Opera 99.9% of the time anyway. Nonetheless, I fetched the EXE file and will run it when I happen to think about it.

Danke.

That's normal. I believe the page actually mentions that.

LOL you guys are so...... geeky, y'know that?

[ QUOTE ]
That's normal. I believe the page actually mentions that.

[/ QUOTE ]
It did.

[ QUOTE ]
Important Note: If you run anti-virus software, it may complain when you try to run these. This does NOT mean that you have a virus now, or that you're affected or unaffected by this vulnerability.

[/ QUOTE ]

IAC, the Symantec page on XMLid.Exploit (http://securityresponse.symantec.com/avcenter/venc/data/xmlid.exploit.html) labels it as a "zoo" type.

From their Glossary (http://securityresponse.symantec.com/avcenter/refa.html) page:

[ QUOTE ]
Zoo

A threat that exists only in virus and antivirus labs, not in the wild. Most zoo threats never get released into the wild, and as a result, rarely threaten users.

[/ QUOTE ]

If it has been around since March 6, 2002 and hasn't been exploited yet, I think it's reasonably safe to conclude that the badasses don't consider it a tantalizing tactic.

Still, better safe than sorry.

[ QUOTE ]
LOL you guys are so...... geeky, y'know that?

[/ QUOTE ]
Why, thank you. /ubbthreads/images/graemlins/biggrin.gif

You're welcome.

Mebbe we need the FC's Great geek Award here for the geekiest person?

[ QUOTE ]
Rink said:
LOL you guys are so...... geeky, y'know that?

[/ QUOTE ]
Well, somebody has to be!

[ QUOTE ]
DoctorDoom said:
IAC, the Symantec page on XMLid.Exploit (http://securityresponse.symantec.com/avcenter/venc/data/xmlid.exploit.html) labels it as a "zoo" type

[/ QUOTE ]
It's a URL spoof.

[ QUOTE ]
If it has been around since March 6, 2002 and hasn't been exploited yet, I think it's reasonably safe to conclude that the badasses don't consider it a tantalizing tactic.

[/ QUOTE ]
No, cause all it can do is make a different address appear when you hover over a link. That by itself is not damaging, just annoying.