View Full Version : auto scheduler does not run
ringtail
2006-01-25, 18:43
I have set the scheduler about 15 times now and it will not start and perform scans as I have scheduled them. Can someone please help me. I want to have it scan every hour around the clock because somehow DSO exploit keeps infecting my computer. 'Course I did just upgrade the S&D so maybe it's newer features protect better than the old ones?
Anywho, I have the scheduler set for daily, repeat every one hour, with a duration of 24 hours. Have I messed something up?:confused:
md usa spybot fan
2006-01-25, 19:34
Before we tackle the scheduler problem, I have a few questions.
... because somehow DSO exploit keeps infecting my computer. ...
...'Course I did just upgrade the S&D so maybe it's newer features protect better than the old ones?. ...
The "DSO exploit" has not been detected for quite a while by Spybot which leads be to suspect that you were running with old updates and I'm not sure exactly what you mean by "I did just upgrade the S&D".
Firstly, what Windows OS are you running?
Secondly, please run another Spybot-S&D scan. When the scan completes, right click on the results list, select "Copy results to clipboard" then paste those results to a new post. This will show the version and update level of Spybot-S&D as well as any detections that you are currently getting.
ringtail
2006-01-26, 19:32
Marketengines: Tracking cookie (Internet Explorer: Gecko) (Cookie, nothing done)
Market Engines: Tracking cookie (Internet Explorer: Gecko) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---
2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2006-01-25 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2006-01-20 Includes\Cookies.sbi (*)
2006-01-20 Includes\Dialer.sbi (*)
2006-01-20 Includes\Hijackers.sbi (*)
2006-01-20 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2006-01-20 Includes\Malware.sbi (*)
2006-01-20 Includes\PUPS.sbi (*)
2006-01-20 Includes\Revision.sbi (*)
2006-01-20 Includes\Security.sbi (*)
2006-01-20 Includes\Spybots.sbi (*)
2005-02-16 Includes\Tracks.uti
2006-01-20 Includes\Trojans.sbi (*)
Why does the new version of spybot not detect DSO exploit!! I keep checking for it because it seems to slow my internet down considerably! Do I now need a different program in order to detect and remove it from my system?
The upgrade I mentioned is because I downloaded the newest version and intalled it on top of my older version.
Looking forward to some clarification on scheduler and DSO exploit issues:D
md usa spybot fan
2006-01-26, 23:29
Why does the new version of spybot not detect DSO exploit!!
The "DSO Exploit" was first reported by GreyMagic Software of Israel on February 27, 2002 and a preventative "workaround" for Microsoft's defective code was provided by Axel Pettinger and Garland Hopkins on March 3, 2002 involving the editing of the Windows registry to alter values contained within Internet Explorer's Internet Zones configurations.
http://www.greymagic.com/security/advisories/gm001-ie/
On March 28, 2002 Microsoft published Security Bulletin MS02-015 which addressed the problem and provided patches to correct the defective code making the preventative "workaround" unnecessary:
http://www.microsoft.com/technet/security/bulletin/MS02-015.mspx
Microsoft also issued an Internet Explorer Security Update, March 28, 2002:
http://www.microsoft.com/windows/ie/downloads/critical/Q319182/default.asp
The "DSO Exploit" that was detected by Spybot was based on whether or not the Axel Pettinger and Garland Hopkins preventative "workaround" was or was not present.
Spybot 1.2 detected if the "DSO exploit" preventative "workaround" had not been applied and applied it whether or not the Microsoft patches had been applied to the system. When Spybot 1.3 was released May 12, 2004 it also detected if the "DSO exploit" preventative "workaround" had not been applied, but did not apply the workaround properly. Therefore after fixing the "DSO exploit" with Spybot 1.3 you would get the "DSO exploit" again on a subsequent scans. The detection of the "DSO Exploit" was eliminated 2005-02-16. When Spybot 1.4 was introduced 2005-06-01, although it was capable of implementing the Axel Pettinger and Garland Hopkins preventative "workaround" the detection code for the "DSO Exploit" code that had been eliminated was not immediately reintroduced. It was added back into the detection database for a short period in August 2005.
In order for someone to currently detect the "DSO Exploit" with Spybot and not be able to correct the "DSO Exploit" they would have to be running the back leveled version of Spybot (Spybot 1.3) and running old detection updates dated between 2004-05-12 and 2005-02-16 or detection updates between 2005-08-19 and 2005-08-26.
Since Microsoft corrected the problem in the underlying code on March 28, 2002, it is felt the detection should longer be necessary.
The only concern that you should have in regard to the "DSO Exploit" is if you have not updated Microsoft Internet Explorer since March 28, 2002.
**************
Looking forward to some clarification on scheduler …
I am looking forward to an answer to the following question (unless I missed it somehow):
Firstly, what Windows OS are you running?
If the answer is XP just read the following:
With Windows XP the user account that adds the schedule entry must have a password. This is because Spybot uses the OS scheduler and XP requires a password to schedule. See:
Scheduled Tasks cannot run with a blank password
http://support.microsoft.com/default.aspx?scid=kb;en-us;310715
Possible workaround to password requirement:
Scheduling a Spybot scan under Windows XP
http://forums.spybot.info/showthread.php?t=1828
For additional information on scheduling parameters that can be used, see the following:
Are there any command line parameters?
http://www.safer-networking.org/en/faq/30.html
Common parameters used:
/TASKBARHIDE /AUTOCHECK /AUTOFIX /AUTOCLOSE