Defender alert

[Guest]

WIndows defender pops up the alert window with a question mark in systray
everytime I staret windows. If does not recognize a shortcut I have in the
start up group. even though I have told it to permit it. It does not show up
in allowed group. I am signed up for advanced spynet. To my knowledsge I am
running release version of Defenders. The real strange thing is the icon
istartup is for Outlook 2003 amd MS product.

 

[Guest]

Permit really means allow this time only. The permit is not remembered. You
can only get scanned entries into allowed items. The real issue is why real
time protection is complaining about your shortcut. I'm guessing that since
Outlook 2003 typically gets updated by Microsoft Security fixes every month,
WD may be alerting you that the shortcut is now pointing to an updated
version of Outlook. Again, I'm not totally clear what criterion WD uses.
So, as a test, delete the existing shortcut and create a new one. If I am
right, WD should complain the first time. Now logoff and logon. WD should
not complain the second time. If WD does complain the second time, you might
be able to suppress the real time warning by putting the shortcut path in the
do not scan file or locations table. Use Tools->Options and scroll down to
Advanced Options. You should see a button to Add an entry. Good luck.

 

[Guest]

Well I recreated the shortvcut and the same thing. So I added the path
C:\Documents and Settings\All Users\ Start Menu\Programs\StartUp\Microsoft
Office Outlook 2003.Ink and it chganged it to
C:\Windows\INstaller\{91130409-6000-11D3-8CFE-0150048383C9}\outicon.exe so
since that was not the valid path that permit mentioned I removed it and
replied back. Also when I browsed to the path it change the entry to the
above Windows\Installer..... . Thanks

 

[Guest]

I understand what you did, but I am not sure if that was necessary. I went
to all programs and created a shortcut on my desktop (via right click, send
to, and create shortcut on desktop) for Outlook 2003. I then did a cut on
the desktop icon for Outlook and then went into explorer and did a paste on
the Startup folder. Windows defender complained the first time, but did not

 

[Guest]

Even after doing that it still wd did not like it so I tried putting the
path it wanted in the do not scan files under advanced option and it still
did not like it. After I tell it to permit it is fine until I reboot again. I
tried this on a couple machine with the same results.

 

[Guest]

Sorry, put my paw in my mouth. When I did a reboot of the system, Windows
Defender complained, so it is necessary to add the entry to the do not scan
locations folder. FYI, Outlook 2003 seems to be classified. You can verify
for yourself by using Tools->Software Explorer and then selecting Category:
Currently Running Programs. The actual start command for Outlook 2003 is in
the registry of the form ...Windows\Installer\.... So, I really don't
have a good explanation as to what Windows Explorer is complaiing about.
Could it be something as stupid as Outlook.lnk is not classified?

 

[Guest]

I think I can find an alternative workaround. Do you have Spybot S & D
installed on your system?

 

[Guest]

Even if I put it in the do scan list in the Windows\installer form it bulks.
Now I have not looked at my machine at home which is out look 2003 out look
2000 gives me the same behavior at work and if I look at software explorer it
is in the process of being classified. You started to mention a work around
with spy bot. I do not have it installed but could easily do so.

 

[Guest]

Go ahead and install Spybot S & D without Tea Timer (real time protection).
After the installation change the Mode Option (under the Spybot title line to
the left) to Advanced and click Tools. Clheck the box for System Startup.
Now click on System Startup (left side of screen) and you will see most of
the Run entries. Now you can create your own run registry startup entry. You
can create a startup entry for all users or your current user. You could
name the link Outlook and then use the browse box underneath the link name to
create the path to Outlook 2003. Don't forget to delete your shortcut under
Startup first. Now if WD complains, you can put the real path name to
Outlook in the do not scan file box under WD.

 

[Guest]

Forgot to say, under System Startup, click Insert Icon (just under the top
row) to create your startup entry.

 

[Guest]

I just tried your Spybot workaround at work and so far it appears to work.
Could I not also run reg edit go to HKEY Current
User\software\microsoft\windows\run and select add new string called out look
and for its data value asign it the path to outlook. Thus eliminating the
need for Spybot?

 

[Guest]

Yes. I didn't know what level of familiarity you had with Regedit, so I
advised Spybot. Also, I typically recommend the use of several anti-spyware
tools. Windows Defender is good at detection, but sometimes has
short-comings in the removal process. Also, the "passive" immunization
feature of Spybot prevents the inadvertant installation of third party
spyware software. I periodically (2 to 4 weeks) do full scans with WD,
Spybot, Lavasoft Ad-aware SE, ewido, a-squared, SuperAntispyware. I know it
is over-kill, but the software is free. Consider it like getting a second
opinion. I personally don't like the way WD real time protection handles the
startup folder; however, the existence of potentially malicious software
invoked via the startup folder can be easily overlooked. I haven't given you
a solution to your original problem. I hope you can live with the workaround.

 

[Guest]

Point well taken on using several Spyware programs. I currently use WD NIS
2006 however when I renew I plan on trying out Windows Live Care One as it is
getting to costly to protect 4 machines at home with NIS. I Also use
Lavasofts but only seems to find cookies plus the neglible stuff I never am
quite sure what to do with it so I usely leave that. I did use Spybot at one
time but started having some problems with getting updates. Maybe I will try
it again. I did not want to waist one of the support calls with WD on
something that realy was not abig issue. Maybe if enough people use spynet
and run into this issue they will classify the ink file and eliminate the
problem. Thanks for all the input.

 

[Guest]

You should not have any problems with the Spybot updates if you always select
Safer Networking #1 (Europe) to do the downloads. Also, the updates to
Spybot usually come every Friday. My personal bias against Symantec
precludes me from ever purchasing their software, although I felt Norton
Ghost was a good product. NIS is a very comprehensive suite; however,
Symantec has a history of support issues, NIS has high memory and resource
utilization , and never uninstalls cleanly. And as you indicated the cost is
prohibitive. Have a good one.