md usa spybot fan
2007-09-13, 00:05
There appears to be a defect in immunization "Undo" in Spybot 1.5.
Example of the problem (HKCU registry key):
When you do a Spybot immunize facility "Immunize" the immunization routine adds the follow registry entries:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2006ooo.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2006ooo.com\www]
*=dword:00000004
When you do a Spybot immunize facility "Undo" the immunization routine deletes the follow registry entry:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2006ooo.com\www]
*=dword:00000004
This leaves the following registry entry in place:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2006ooo.com]
The problem only occurs when only the subkey of the site is set to "*=dword:00000004". If both the site and the subkey are set to "*=dword:00000004" than both entries are deleted as in the following example:
When you do a Spybot immunize facility "Immunize" the immunization routine adds the follow registry entries:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\163.com]
*=dword:00000004
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\163.com\www]
*=dword:00000004
When you do a Spybot immunize facility "Undo" the immunization routine deletes both entries.
It appears that there are currently 123 occurrences of this immunization "Undo" problem. The 123 occurrences times the 6 registry keys of that type (restricted zone by domain) where immunization is done on my Windows XP Home system leaves 738 orphaned registry entries when I do a Spybot immunize facility "Undo".
Example of the problem (HKCU registry key):
When you do a Spybot immunize facility "Immunize" the immunization routine adds the follow registry entries:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2006ooo.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2006ooo.com\www]
*=dword:00000004
When you do a Spybot immunize facility "Undo" the immunization routine deletes the follow registry entry:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2006ooo.com\www]
*=dword:00000004
This leaves the following registry entry in place:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\2006ooo.com]
The problem only occurs when only the subkey of the site is set to "*=dword:00000004". If both the site and the subkey are set to "*=dword:00000004" than both entries are deleted as in the following example:
When you do a Spybot immunize facility "Immunize" the immunization routine adds the follow registry entries:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\163.com]
*=dword:00000004
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\163.com\www]
*=dword:00000004
When you do a Spybot immunize facility "Undo" the immunization routine deletes both entries.
It appears that there are currently 123 occurrences of this immunization "Undo" problem. The 123 occurrences times the 6 registry keys of that type (restricted zone by domain) where immunization is done on my Windows XP Home system leaves 738 orphaned registry entries when I do a Spybot immunize facility "Undo".