PDA

View Full Version : Can't remove DSD Exploit & Erodata



maxcalvada
2009-05-19, 18:27
Everytime I run Spybot, the search results in 5 entries for DSD Exploit and 2 entries for Erodata.

When I hit "Fix Selected Problems" I wind up with a message that a program using these items might currently be in use and that's maybe why they can't be deleted. I'm then asked if I'd like to automatically run Spybot next time I start my computer. I have clicked "yes" to this and when Spybot runs a search when I start my computer, I wind up with the same thing: I can't delete any of these items.

The 5 DSD Exploits have this folder trail: \internet settings\zones\0\1004!=W=3

The 2 Erodatas have this folder trail: \remote access\profile\telecoin

Any suggestions on how to get rid of these?

Thanks.

tashi
2009-05-19, 18:30
Hello maxcalvada,

Please open Spybot Search & Destroy > Help > About and let us know the version and date of last definitions.

Best regards.

maxcalvada
2009-05-20, 16:06
Spybot - Search & Destroy 1.3

spybotsandra
2009-05-20, 16:29
Hello,

You are running a six year old version that has old scanning routines and is not being updated anymore.

Please uninstall Spybot - Search & Destroy according to the following link:
http://www.safer-networking.org/en/howto/uninstall.html
Then make a fresh install of Spybot - Search & Destroy 1.6.2 (http://www.spybotupdates.com/files/spybotsd162.exe).

Best regards
Sandra
Team Spybot

md usa spybot fan
2009-05-20, 19:38
What version of Windows Internet Explorer are you running and when is the last time you updated it?

The "DSO Exploit" was first reported by GreyMagic Software of Israel on February 27, 2002. This exploit of defective code allowed the execution of dynamically insert HTML without using Active Scripting (ActiveX) in Microsoft Internet Explorer 5.01, 5.5 and 6.0. A "workaround" for Microsoft's defective code was provided by Axel Pettinger and Garland Hopkins on March 3, 2002 involving the editing of the Windows registry to alter values contained within Internet Explorer's Internet Zones configurations. This is the original article about the "DSO Exploit", edited after the "workaround" was discovered:
http://www.greymagic.com/security/advisories/gm001-ie/

On March 28, 2002 Microsoft published Security Bulletin MS02-015 which addressed the problem and provided patches to correct the defective code:
http://www.microsoft.com/technet/security/bulletin/MS02-015.mspx
Internet Explorer Security Update, March 28, 2002:
http://www.microsoft.com/windows/ie/downloads/critical/Q319182/default.asp

The bottom line: If you applied Microsoft's March 28, 2002 Internet Explorer Security Update or any subsequent cumulative security updates or upgraded Internet Explorer since then, you can safely ignore Spybot's report of a "DSO Exploit".