The weird behaviour of Spybot

[Guest]

Wish I could have helped :-(

I've never heard of Xceed and have not idea what it does.

That's why I'm a geek With Out portfolio :-(

?
Tim

 

[robinb]

from what i read in the spybot forum seems like users using other AV
programs other than AVG are also seeing the same problem.
for those using AVG they claim to shut off the Residential shield in AVG
that fixes the problem for some.
I think i will wait till spybot comes up with a fix before i do the new
updates since other av programs are interfering with spybot too so it tends
to make me feel it is something new in spybot since none of these ppl had
problems before.
robin

 

[Guest]

I think i will wait till spybot comes up with a fix before i do the new
updates

The guys at Spybot are successfully working towards a fix now, I believe
(though there's still a good deal of uncertainty about why this suddenly
became a problem). See here:
http://forums.spybot.info/showthread.php?t=10443&page=11

 

[robinb]

i am wondering if it has anything to do with teatime on or off.
I just downloaded the original updates and also downloaded the dll that was
told to replace with.
I do not have teatimer on and on this notebook i am typing on it only has
the avg free 7.5 version
spybot' scan ran fine, under 15min like it normally does.
I have not tested it yet on the desktop computers.
Out of commission for a few days until they figure out what this is- I
pulled a muscle or have a hernia in my groin
I am going for a MRI at 3:30pm EST
Will not have results for a day or two but the doctor told me i have to be
off my feet for a few days and cannot pick up anything heavier than an 8oz
can of coke, so i am typing to you on the sofa.

robin

 

[Randy Knobloch]

My best information is that the folks at Safer-Networking;
(SpyBot) - are well aware of the situation. The fix will likely
come in the form of an update.

For me, taking forever to scan is unacceptable.
Fifteen or so minutes on a current machine should be long
enough, if longer, your settings may be incorrect.

Do not use any of the Beta components offered during an
update unless you are looking for a research project!

**Do Not disable your anti-virus to complete a scan**
If you do so, completely disable your Internet connection.

Randy

--
siljaline

MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP

Security Tools Updates
http://aumha.net/viewforum.php?f=31

Reply to group, as return address is invalid that we may all benefit.

 

[Guest]

**Do Not disable your anti-virus to complete a scan**
If you do so, completely disable your Internet connection.

Randy, could you explain a little more, please? I must admit that I assumed
that my firewall wouldn't allow anything in during the 7 minutes that Spybot
was scanning with the AVG resident shield switched off (since I wasn't doing
anything else at the same time). But your comment suggests I was mistaken to
think this?

 

[Randy Knobloch]

Randy, could you explain a little more, please? I must admit that I assumed
that my firewall wouldn't allow anything in during the 7 minutes that Spybot
was scanning with the AVG resident shield switched off (since I wasn't doing
anything else at the same time). But your comment suggests I was mistaken to
think this?

When you say firewall, Alan - the Windows XP firewall? It doesn't provide
sufficient protection against viruses and worms floating on the Net.

Unfortunately, I am not familiar with AVG to make a recommendation.
The AVG Forum *may* have an answer but then again, I have never run AVG.
For your reference; http://forum.grisoft.cz/freeforum/

Good luck!

Randy


--
siljaline

MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP

Security Tools Updates
http://aumha.net/viewforum.php?f=31

Reply to group, as return address is invalid that we may all benefit.

 

[Guest]

When you say firewall, Alan - the Windows XP firewall? It doesn't provide
sufficient protection against viruses and worms floating on the Net.

No, I'm using the AVG firewall, Randy.

What I mean is - with the firewall working, with all ports stealthed (as
confirmed by the Gibson Research site), and with Internet Explorer not
running - I don't understand how a virus or worm could actually get into my
machine even if the real time AV were switched off briefly while Spybot ran
its scan. It's the general principle I don't understand - not the specific
case.

(One of the online scanners - I think Kaspersky - actually recommends you to
disable your onboard real-time AV protection while it does its full system
scan.)

 

[Guest]

Hi Alan

I think the answer is that it would be very difficult. Nothing is impossible
these days and perhaps the advice Randy is giving is `better safe than
sorry.` I guess the argument must be : If you`re not connected then quite
simply, you will not be compromised. On the other hand, if you lower your
defences by turning off RTP while connected, it could be argued you will
always be vulnerable. Having said that, I must confess to NOT practising this
procedure myself but have often wondered whether or not I should. Some might
argue this could be the paranoid approach but I guess a little paranoia never
did anyone any harm. Trouble is, online scanners require an online connection
and installation of Active X controls - the very things we have been educated
to view with extreme caution !! Where do we draw the line ?

Stu

 

[Robin]

well i beg to differe a bit since the beta offered came from the people at
Spybot themselves.
and after reading several posts of people who tried the beta and found very
good results, I did it too.
One one computer, I updated spybot and found it scanned to a crawl.
I replaced the dll that was given by spybot and she ran the 15min it
normally runs with no problems.
I tried this on the second computer- same thing and again replaced the dll
and all went well.
I have had 3 clients call me explaining it took over an hour to run spybot.
I walked them through the dll fix and everything worked great after that.
So far Spybot has not issued an update which surprises me because this dll
seems to be the problem
robin

 

[Guest]

So far Spybot has not issued an update which surprises me because this dll
seems to be the problem

I believe (but haven't checked) that they've issued a beta update for the
fix. If I remember correctly, Patrick (I think that's his name?) was hoping
to continue working on the temporary fix, and then issue it as a non-beta
update. I presume he's still tinkering with it?

I was slightly surprised by my willingness (or was it foolhardiness?) to be
the first person to try the new Spybot dll and report back to the forum with
news of its success. I believe it's called 'living on the edge'..... I may
even risk going out without an umbrella someday.

 

[Guest]

I guess the argument must be : If you`re not connected then quite
simply, you will not be compromised.

Well, that makes sense of course, Stu; and I suppose one has to ask - why
take the risk when all it takes is a click of the button?

That still leaves a question mark over what to do with the Kaspersky online
scanner though.

 

[Randy Knobloch]

I believe (but haven't checked) that they've issued a beta update for the
fix. If I remember correctly, Patrick (I think that's his name?) was hoping
to continue working on the temporary fix, and then issue it as a non-beta
update. I presume he's still tinkering with it?

I was slightly surprised by my willingness (or was it foolhardiness?) to be
the first person to try the new Spybot dll and report back to the forum with
news of its success. I believe it's called 'living on the edge'..... I may
even risk going out without an umbrella someday.

I think I've mentioned it in this thread, there is a temporary fix, which I do not
recommend since it requires tweaking the SpyBot installation.

A non-Beta fix should be available by Friday of this week, or perhaps a bit later.

Randy

--
siljaline

MS - MVP Windows (IE/OE) & Windows Security, AH-VSOP

Security Tools Updates
http://aumha.net/viewforum.php?f=31

Reply to group, as return address is invalid that we may all benefit.