Lately, I have been receiving emails from my ISP's system administrator bouncing back emails sent from my account. When I examine the bounced emails, they are spams that I never sent.

I run adaware with no results. When I run spybot, it finds this,
"DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-21-507921405-839522115-1343024091-1004\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Inter net Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Inter net Settings\Zones\0\1004!=W=3

DSO Exploit: Data source object exploit (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Internet Settings\Zones\0\1004!=W=3"

I have it fix the problem then, when I reboot, it is back. NAV finds no infection on the computer.

Does anyone know what TH is causing it and what removal tool do I need to fix it?

It appears that you may need to run windows update as the DSO Exploit is an IE Security Hole. Make sure your system is up to date.

If your system is up to date, then I think this is a bug mentioned on several other sites within spybot.

Here (http://forums.net-integration.net/index.php?showtopic=15308) is a fairly detailed explanation that I found from here (http://forums.spywareinfo.com/index.php?showtopic=7407) which I found from this (http://www.google.com/search?hl=en&ie=ISO-8859-1&q=DSO+Exploit%3A+Data+source+object+exploit+%28Reg istry+change%2C+nothing+done%29) Google search.

Get the Windows patched, like Headache says.

If you still get this after installing all the relevant updates, don't worry. There is a small bug in Spybot, that can throw up this error.

Also the bounce-back emails are probably NOT coming from your machine, but from someone else who is infected. The Virus is spoofing the from address so that it looks like it is coming from your machine. It could be coming from anyone who has your address in their address book.