Anto Spyware Blocking sites

[Guest]

ok just finished installing it, ran the scan it found 3 items with high risk,
pc detective, which i removed, but now it keeps trying to re install itself,
and what a pain in the butt, and 2 others that were associated with the ebay
toolbar, which i decided to quarentine. Wow bad move, and talk about your
ultimate in spam. I cannot get to www.ebay, and my homepage was reconfigured
to msn.com. nice move ms, real nice. So I went back and un quarentined those
2 apps, and voila, ebay is back

 

[Guest]

Yeah the program IS nice, you are just TOO STUPID to read the dialog box that
came up that asked you if you wanted to allow your IE Start Page (i.e., Home
Page) to be changed from its default value (set in Tools > Advanced Tools >
Browser Hijack Settings Restore, which is the default value for IE I might
add) to the value currently set in IE, and YOU told it to Block the change!
So MSAS didn't hijack your browser, YOU DID!!

Next time take the time to read what you are allowing or blocking, because
not doing so IS how the people who write the spyware/malware end up getting
the stuff onto most computers. Its usually the user's actions that end up
getting their systems infected.

If you want to get rid of the toolbar, use Windows Add or Remove Programs
(Start > Run > Control Panel) and to uninstall the toolbar. The toolbar
probably has registered components that only th unistaller knows where they
are and not using the unistaller to remove it can cause the toolbar to only
be partially removed. This can happen even if you are using Ad-Aware,
Spybot, ewido, etc. to remove these types of items, as toolbars can be a big
PITA (pain in the a**) to remove if you don't use the unistaller to remove it
from the system.

Also make certain that you are using the administrator account that
installed the app otherwise the removal will fail to properly remove items.
We should see multiple-user account support when Beta 2 comes out later this
year. The reason it's not currently present is the original app, Giant
AntiSpyware was only a single-user app and the program went beta only 21 days
after MS bought out Giant Company, which was not enough time to totally
overhaul the source code to change it from single-user to multi-user.

AS for PC Detective trying to reinstall, make certain you aren't logging
into a limited user account after removing it using the correct administrator
account, otherwise this behavior is to be expected given the app does not
support multiple-user accounts. If not, check c:\windows\prefetch (XP only)
and delete the entire contents of the folder but not the folder itself. PC
Detective might have inserted code into the prefetch folder that allows it to
regenerate itslef once the app that it's code was linked to is launched,
usually IE.

In order to change the default IE settings in MSAS, go to Tools > Advanced
Tools > Browser Hijack Settings Restore. Now select the item you want to
change, click the "Change restore setting to a new URL..." hyperlink, type in
the page you want to use, and press Enter. Do this for every setting you
want to change. The reason they did this was to assure that if someone's
browser had been hijacked BEFORE installing MSAS that the settings could be
changed to ones that are known to be safe. Imagine the horror if they used
the settings that CoolWebSearch or ABetterInternet hijacked your browser to
for its restore settings. You'd be restoring the browser to what it was when
it was hijacked, which is totally asinine if you ask me!

Alan

 

[Guest]

First of all, the name calling is not needed or wanted, secondly, no box
popped up asking me squat, if it had, then this question would not of even
posted here. Maybe, just maybe, you should have asked, "did you not see a pop
up box asking to change.........instead of assuming that one did appear. and
well all know how to spell assume, don't we. Thanks for the input though. NOT

 

[Guest]

Hey CJ

The Ebay toolbar detection is abit strange Ive just tried installing the
toolbar from ebay as a test and MSAS didnt detect anything in the scan, It
was Version 2 of the toolbar so maybe this is why if you have the first
version. I'm not sure why it would detect Ebay as a problem though,

The PC Detective is a commercial spy program so its more likely that someone
else who uses your pc has installed it and keeps trying to re-install it or
from another pc connected via a network so you may be best asking them why
they want to spy on your computer use as it will collect details on
everything you do including websites visited, applications run, all
keystrokes, chat conversations, Instant messages and screen captures and will
then email the person who installed it with the information.

If you have any filenames that are being detected on both ebay and pc
detective it would help identify them and find a method to fully remove them
,

Regarding your IE Homepage they will be reset if items are set to remove
but you can change this by going to the 'Advanced tools' area of MS Antispy
then 'Browser Restore' and clicking 'Start Page' then press 'Change restore'
settings however I'm not sure how well this works, Ive just changed mine to
Yahoo and then reopened MSAS and checked that area again, even though it
shows yahoo as the restore, if I press change it then still displays the
Microsoft address in the pop up box and does so each time I save yahoo and
reopen it ?

The other method that will work is open a IE window goto 'Tools' on the top
bar then 'Internet Options' , on the hompage address box type the homepage
you want and press Apply

Regards

Andy

 

[Guest]

Sorry for that, but every post I've read where people who had the same
problem did block the change without reading the message. The same is true
for many issues people have with the program, given the lack of support for
multiple user accounts. Some people have had to hack the registry to fix the
problems that either they or another user caused by not carefully reading the
dialog box.

As I said in my reply, make certain that you are using the administrator
that installed the app account to detect/quarantine/remove anything,
otherwise these types of problems are bound to come up, and are to be
expected given the lack of support for multiple user accounts. The same is
true when browsing the Internet since you will constantly get a dialog error
box asking if you want to allow or block the change of the Start Page for IE,
etc.

One question that I have is did you download the installer from Microsoft or
elsewhere? If you didn't download it from Microsoft this could be another
cause of the problem. A few months after the program went beta people
discovered copies of the installer on peer-to-peer networks that included
spyware. Also, what build are you running? The current build is 615. If
you don't have build 615 or you downloaded the app from somewhere other than
microsoft.com, the installer for the current build can be found at
http://www.microsoft.com/downloads/...A2-6A57-4C57-A8BD-DBF62EDA9671&displaylang=en.

Alan

 

[Guest]

OK
first of all, i think we are all off a little here. I was not complaining
about what it did, cuz i remedied it rather quickly, i was just shocked that
it blocked access to ebay completely, and didnt warn me, and i thought it was
because i had removed those 2 items. As a side note, pc detective, is a
keylogger, that lets you monitor usage of your computer, when used by others,
i never liked that pos software, and i can't find it in pre fetch, and i am
leary of del the entire contents of that folder. What I will do is move the
contents to a safe location, and see if that stops the gd thing from
installing or attempting to every time i click on the antispyware from ms. I
am pretty watchful over what i do and dont do, and like i said, it didnt
give me any warnings at all, about making those changes to the homepage, nor
about blocking access to the ebay site, without warning either. buggy?
mayhaps......As a side note, this is a home pc, on which I basically am the
only user, bar the once in a while kids sneaking on it...running xp pro sp2
all updates. I do appreciate all the time and input, as you had mentioned a
few things i certainly was not aware of, thank you for that.
The installer was dl direct from the ms site, as i don't screw around with
"other" sites spouting off that they have it too. No telling what they added
to it.

Jim

 

[Guest]

It's perfectly fine to delete the contents of the prefetch folder. The
folder is only used by Windows to speed up the launching of applications.
The problem is that many spyware/malware/virus/Trojan (you get the idea)
writers use it to cause their porgrams to get respawned the moment you launch
the app whose prefetch data is linked to the code placed there by the
infection. It's a good idea to check the prefetch folder regularly for any
new "what the...?" items in the folder and do a google search to see what
they might be.

What's bugging me about the problem with the eBay toolbar is that removing
it, or even not completely removing it should not have caused any problem
viewing ebay.com. That is, unless they (eBay) added hooks into IE that
caused problems since the toolbar was quarantined. Apparantly, if you have
the toolbar installed, it MUST be there to view eBay, which is kind of a
spyware-type stance for them to take. This isn't good for them, and it
certainly isn't good for the end-user.

Alan

 

[Guest]

One more thing about the prefetch folder.

Deleting all the contents allows you to remove any bad items from the
folder. The good items will repopulate the folder when you launch those apps.

Alan