Hi all,
I usually search the forum
http://forums.net-integration.net/index.php? when I get something new while scanning with Spybot Search & Destroy.
1) DSO exploit
In the registry, the detected data entry 1004 of each key must be
"1004"=dword:00000003
(1004!=W=3 in Spybot screen means that it is not equal to 3)
The old version of Spybot had a bug in fixing it and make it instead
"1004"=dword:
That is it deletes the number (blank).
So each time it fixes it, the error stays as it is! No number!
The only way to fix it was by editing the registry (as I did) but it is risky for novice.
I heard that the new version of spybot has solved this problem.
Meanwhile one can safely ignore it in the Spybot settings (Advanced Mode):
Settings -> Ignore Products -> Security (or All products) -> check 'DSO Exploit' (scan will ignore it)
2) SearchForIt
It is a false positive. The entry of 'SearchForIt' that Spybot detects is indeed added by 'SpywareBlaster' to protect the PC from 'SearchForIt'!
So if it is deleted (so-called fixed) by Spybot, SpywareBlaster shows that one of its entry became unprotected. After re-running protection to all, the deleted key will be reinserted in the registry in order to be protected again from 'SearchForIt'!
So Meanwhile one can safely ignore it (not fixing it if it shows ONLY 1 line) or also in the Spybot settings (Advanced Mode):
Settings -> Ignore Products -> Hijackers (or All products) -> check 'DSO Exploit'
3) Evileye
It is also a false positive. I read that The file 'iun6002.exe' is a legitimate uninstaller file, placed in the Windows folder when you install Indigo Rose's Setup Factory software. So it could be ignored too.
Have a nice day
Kerim