I down loaded this new version this morning. Thought I'd ask to see how its working before loading it up.

Thanks

Works/looks the same as the previous version.
Scan time is the same and still have to set its service back to manual after doing an on-demand scan and reboot to clear it.
Otherwise, it's business as usual - no surprises, good or bad.

-{ Quote: "Works/looks the same as the previous version.
Scan time is the same and still have to set its service back to manual after doing an on-demand scan and reboot to clear it.
Otherwise, it's business as usual - no surprises, good or bad." }-
Thanks coolbluewater. I loaded it up this evening. I see they added a "behavioral detection" option to sweep settings (maybe some kind of heuristics?) but I think that's only for SS w/AV. They also added an e-mail attachment shield but my ZA firewall is blocking it from working. I think you have to add your ISP mail server to trusted zone to make it work. I don't really need it anyway since NOD32 checks e-mail. Everything else seems to be as before. Scan time appears unchanged.

So the behavioral guard is this? Sophos Behavioral Genotype® Protection. I tried the anti-virus in the previous version, but I thought it was incomplete. I'm trying to get a copy of the regular Spy sweeper version through customer support because I use AntiVir now.

-{ Quote: " They also added an e-mail attachment shield but my ZA firewall is blocking it from working." }-
In my case the e-mail attachment shield worked fine with ZA but it blocked receiving emails. I had to make the following changes to the port assignments for this shield in E-mail Attachments Shield Options to fix this problem:

POP3 = 10110
SMTP = 10025

I use MS Outlook as my mail client.

After updating, and having all the shields turned off, including the new ones, I wasn't able to change the SSDP Discovery Service from Disabled to Manual start. Access Denied. Event Viewer showed Event ID 7006.

I reverted to a FirstDefense snapshot taken immediately prior to the update and was able to change the service to Manual start. I think the new Services shield, even though it was turned off, had altered some permission setting.

I've searched on google for an hour or two but couldn't find anything that helped.

The GUI also took a lot longer to open after the update.

XP SP2 Admin Account.

-{ Quote: "In my case the e-mail attachment shield worked fine with ZA but it blocked receiving emails. I had to make the following changes to the port assignments for this shield in E-mail Attachments Shield Options to fix this problem:

POP3 = 10110
SMTP = 10025

I use MS Outlook as my mail client." }-

Thanks Ranger Bob. I use outlook express but I'll take a look at your solution. There is a page on the Webroot site that gives "fixes" for firewall interference with the e-mail shield for various firewall programs. For ZA they recommend allowing all web access for SS pgms in pgm control (green checks across) and listing e-mail IPs as trusted. They even have a "how to" video.

-{ Quote: " ZAAS 7.0.337 (AS off), Nod32 2.7, Spysweeper 5.5 " }-


Hi Oldshep,

sorry a bit off topic question... you are running ZASS with AV OFF? AS OFF?
and SS with AV OFF. Isn't it a bit overkilling your machine?

As far as I know ZASS AV will still load KAV processes even if disabled... and its a quite substancial memory footprint.

Cheers,
Fax

-{ Quote: "Hi Oldshep,

sorry a bit off topic question... you are running ZASS with AV OFF? AS OFF?
and SS with AV OFF. Isn't it a bit overkilling your machine?

As far as I know ZASS AV will still load KAV processes even if disabled... and its a quite substancial memory footprint." }-

Hello fax,

On my desktop PC, I'm running ZA Anti-Spyware (check the signature - ZAAS) with the AS turned off. I don't have the Spysweeper Antivirus add on either (using NOD32). Seems to run pretty well actually. I think ZAAS is the lightest way to use the ZA firewall in a layered securtiy setup.

My laptop has ZAISS 7.0.337 (AS off) and Spysweeper (No AV). This combo has not had any problems either so far ... knock on wood.

As I have stated in other posts, I think the KAV engine in ZAISS is probably good enough so that the SS isn't needed on the laptop. But hey, it works ok so why not keep it? Subscription is paid for. SS has been like a security blanket for me for the past 3-4 years.

-{ Quote: "Hello fax,

On my desktop PC, I'm running ZA Anti-Spyware (check the signature - ZAAS) with the AS turned off. I don't have the Spysweeper Antivirus add on either (using NOD32). Seems to run pretty well actually. I think ZAAS is the lightest way to use the ZA firewall in a layered securtiy setup.

My laptop has ZAISS 7.0.337 (AS off) and Spysweeper (No AV). This combo has not had any problems either so far ... knock on wood.

As I have stated in other posts, I think the KAV engine in ZAISS is probably good enough so that the SS isn't needed on the laptop. But hey, it works ok so why not keep it? Subscription is paid for. SS has been like a security blanket for me for the past 3-4 years." }-

OOoops, sorry must be sleeping!!
Forget about my question... and thanks a lot anyway for your detailed report on ZAAS and ZASS on your systems....

Cheers,
Fax

After I upgraded to Spysweeper 5.5.1.3354, browsing (loading new webpages) slowed noticably. All webpages were affected, but at the Speakeasy website, only the download speed test functioned reliably. Often, the upload speed test never ran.

At the risk of speaking too soon, I may have found the solution. If I either disable Mcafee Site Adviser or the Internet Communications Shield, the problem appears to go away. That makes some sense since both functions appear to be similar.

I'm running XP SP2 on an AMD X2 5600+, 2GB RAM, M2N4-SLI m/b. The problem does not occur on my son's PC, which does not use Mcafee Site Advisor.

i had big problems with spysweeper 5.5
i uninstalled 5.3 rebooted and installed 5.5
i told it to check for updates and it told me the commnication shield had blocked a danagerous site and then froze my whole pc.
had to do hard reboot.
then i looked the at alerts and noticed the commnication shield wasnt loaded properly.
so i turned the shields off and it updates fine.
hopefully one day spysweeper will be bug free rofl ;D ;D ;D

@edelbeb and ladore,

Strange... I have seen no bugs whatsoever with SS 5.5. Maybe I'm just lucky. My guess is possibly conflicts with other security apps?

As security programs try to do more and more, they inevitably clash with each other. Makes me cringe every time one of my security apps makes an upgrade available.

-{ Quote: "hopefully one day spysweeper will be bug free " }-

It was,back is the days of SS 3.5 ;D
Seresley thou I remember when I used SS and it worked great but that was before 5.0 rolled out and problems started. Maybe someday when all is back to running smooth I'll try it again.

true the version 3.0 and 3.5 where bug free.
lodore

-{ Quote: "I down loaded this new version this morning. Thought I'd ask to see how its working before loading it up.

Thanks" }-
I found a conflict between 5.5 and NIS 2007 that stopped my Outlook 2003 e-mail from running. Webroot tech support suggested unchecking box in 5.5 to scan e-mail for spyware. That fixed the problem.

For those that don't already know Spy Sweeper 5.5.1.3356 is available.

current build ive got is build 3354
i might do a fresh install of build 3356 tomorrow.
lodore

-{ Quote: "Thanks coolbluewater. I loaded it up this evening. I see they added a "behavioral detection" option to sweep settings (maybe some kind of heuristics?) but I think that's only for SS w/AV. They also added an e-mail attachment shield but my ZA firewall is blocking it from working. I think you have to add your ISP mail server to trusted zone to make it work. I don't really need it anyway since NOD32 checks e-mail. Everything else seems to be as before. Scan time appears unchanged." }-

Hi oldshep:

Likewise, I loaded a few days back. It loads faster now at boottime on my pc.

I turned off it's email scanning as it's asw is weaker than BD 10's and like you I don't need double email scanning.

Don't have ZA issue cause I don't have it running right now. CFW doesn't force me to add an isp mail server as trusted. You trust the application not the server.

-{ Quote: "Hi oldshep:

Likewise, I loaded a few days back. It loads faster now at boottime on my pc.

I turned off it's email scanning as it's asw is weaker than BD 10's and like you I don't need double email scanning.

Don't have ZA issue cause I don't have it running right now. CFW doesn't force me to add an isp mail server as trusted. You trust the application not the server." }-

Hello Escalader,

Glad to see SS works well with CFW.

Looks like a new update is available. (build 3356 - from the update website: "Webroot has released a critical product update for Spy Sweeper. This update resolves a compatibility issue with Windows.") So here we go again... I've gotten in the habit of completely removing old SS versions with Webroot's SSCCleanup tool before loading the upgrades.

I'll give the new version a try and report back on any issues.

@oldshep,
where do i get the 5.5 SSCCleanup tool ?
ive got the 5.3 one but thats not much use since ive got 5.5 older build installed.
lodore

-{ Quote: "Hello Escalader,

Glad to see SS works well with CFW.

Looks like a new update is available. (build 3356 - from the update website: "Webroot has released a critical product update for Spy Sweeper. This update resolves a compatibility issue with Windows.") So here we go again... I've gotten in the habit of completely removing old SS versions with Webroot's SSCCleanup tool before loading the upgrades.

I'll give the new version a try and report back on any issues." }-

Great, I have build 3354 but I'll check the update button and see as well.

The SSCCleanup tool came from the vendor web site didn't it?

-{ Quote: "@oldshep,
where do i get the 5.5 SSCCleanup tool ?
ive got the 5.3 one but thats not much use since ive got 5.5 older build installed.
lodore" }-
@lodore and Escalader,

the closest I can get you is this link

http://support.webroot.com/ics/support/default.asp?deptID=776

Type "ssccleanup" in the search string (upper left) and that will take you to a "knowledge base" question link. Click on that and click on "here" in the following text:"Please use our cleanup tool to remove Spy Sweeper. You can download the SSC Cleanup tool from here: (NOTE: This utility is for Windows 2000 and XP users only. Not compatible with Windows Vista)".

Sorry for the round about directions but the direct link to the download page doesn't seem to work.

I should add that I'm not sure this SSCcleanup utility has been updated for V5.5.

-{ Quote: "@lodore and Escalader,

the closest I can get you is this link

http://support.webroot.com/ics/support/default.asp?deptID=776

Type "ssccleanup" in the search string (upper left) and that will take you to a "knowledge base" question link. Click on that and click on "here" in the following text:"Please use our cleanup tool to remove Spy Sweeper. You can download the SSC Cleanup tool from here: (NOTE: This utility is for Windows 2000 and XP users only. Not compatible with Windows Vista)".

Sorry for the round about directions but the direct link to the download page doesn't seem to work.

I should add that I'm not sure this SSCcleanup utility has been updated for V5.5." }-

Okay, here is what I just did.

1) Downloaded the 3356 build saved to desktop
2) Uninstalled old SS
3) Reinstalled new version

All seems to be working okay, I didn't use the cleanup utility. But if I run into trouble I'll run it .
2)

-{ Quote: "Okay, here is what I just did.

1) Downloaded the 3356 build saved to desktop
2) Uninstalled old SS
3) Reinstalled new version

All seems to be working okay, I didn't use the cleanup utility. But if I run into trouble I'll run it .
2)" }-

I just went through the install again myself. To reduce the likelihood of problems, I do as follows:
1.) Downloaded the 3356 build and save to desktop
2.) Download fresh copy of SSCcleanup
3.) shut down internet
4.) shut down ZA and NOD32 and disable load at startup for each.
5.) reboot
6.) uninstall SS
7.) run SSCcleanup
8.) install new SS build
9.) restart and re-enable ZA and Nod32
10.) reboot
11.) reconfigure SS

A tedious process no doubt but I've had no problems since I started using it.

I decided to load my POP3 and SMTP sites as trusted to try the new e-mail shield. Works pretty well - no noticeable lags when receiving a 500k attachment.

I just installed over the previous version after shutting down the application. I have had no problems with either of these two versions other than the port adjustment to run MS Outlook with the new EMail Attachment Shield.

An update.
i uninstalled spysweeper 5.5 build 3354
rebooted.
i installed spysweeper 5.5 build 3356.
it rebooted showed a odd yellow screen.
then windows had a odd screen and said please wait.
so i rebooted and it loaded up normally.
the communication shield still has the same problem not loading properly.
so i disabled all shields and tryed to update.
it told me i had the lastest defs and to check the IE windows for program updates. but it completely froze my pc.
so i told spysweeper not to load at startup and im gonna ignore it for now.
so im just gonna use superantispyware pro for scans for now.
lodore

-{ Quote: "I just went through the install again myself. To reduce the likelihood of problems, I do as follows:
1.) Downloaded the 3356 build and save to desktop
2.) Download fresh copy of SSCcleanup
3.) shut down internet
4.) shut down ZA and NOD32 and disable load at startup for each.
5.) reboot
6.) uninstall SS
7.) run SSCcleanup
8.) install new SS build
9.) restart and re-enable ZA and Nod32
10.) reboot
11.) reconfigure SS

A tedious process no doubt but I've had no problems since I started using it.

I decided to load my POP3 and SMTP sites as trusted to try the new e-mail shield. Works pretty well - no noticeable lags when receiving a 500k attachment." }-

Good 11 steps oldshep! I'm going to copy them to my hints folder for future use unless you have them copyrighted! ;D

lodore, I understand your plan to ignore SS.

But I have a strong feeling that if you followed oldsheps 11 steps exactly in your fairly complex setup SS would work okay. If you did the cleanup alone after uninstalling SS it would probably be okay. Up to you of course.

Let us know what you decide if you have the time.

Oh 1 other thing, remember the list we started of the top 50 things? Did you by chance ever keep any of those? I still thought that was a good idea for newbies as a sort of tutorial thread that a lot of old hands here could add and improve upon on an ongoing basis? Like a sort of knowledge base that grew day by day? I think some of those posts are still around.

-{ Quote: "Good 11 steps oldshep! I'm going to copy them to my hints folder for future use unless you have them copyrighted! ;D " }-

Thanks Escalader. No copyright. After the problem you and I worked through with the Zone alarm - Spysweeper conflict (slow scan speeds), I figure that the extra 5-10 minutes used to go thru that process saves time in the long run.;D

-{ Quote: "Thanks Escalader. No copyright. After the problem you and I worked through with the Zone alarm - Spysweeper conflict (slow scan speeds), I figure that the extra 5-10 minutes used to go thru that process saves time in the long run.;D" }-

Yes, absolutely!;D

My scan speed issues went away! I even had better ones with ZA Pro still installed. Both products updated themselves during that nightmare and I removed both at one point or another. So we well never no which was the cause and which was the result. I'm pretty sure I know as you may do as well. But it doesn't matter now.

BTW, I have just heard from a BD forum guy that he thinks that they just allow the standard ports for email scans in and out. In our terms that means BD hard wired the ports in a bad design call.

So, for me on BD that means I may turn it off on email scans and let SS do the job.

In choosing AV's this open port choice thing becomes important for me anyway.

So does ZA let you choose, I think it did but can't remember ?

I have another way, just let my ISP gather all my email since it scans them with (NORTON) and move the ones I want to keep to my PC at my convenience. This scheme may have a flaw but I thinking about it.

See you:thumb:

Hi Escalader,
I havent thought of anymore things for the list of 50 for newcomers yet.
I dont think the lis of things to do for cleaning out spysweeper will work.
lodore

Hi Lodore:

I was unclear again. I was not asking for more stuff for the top 50 but when that thread we were in got closed off I lost track of how ever many we had listed.

What I really was on about was whether it was still a good idea.:-\

On SS, well the steps may not work on yours but only trying will tell? Unless you see something that worries you?

What is OPen DSS all about in your signature? What is it's purpose?

I used the same upgrade method that Ranger Bob explained. I simply shut down the previous version of 5.5 (3354) before I ran the installer for upgrading to 5.5 (3356). I have not had a problem upgrading this way for the SS 5.2x or the 5.5x versions. In the SS program options I have disabled the common ads shield, turned off the email attachments shield, and the key logger shield is also turned off. With my setup everything is running very well at this point in time.

-{ Quote: "I used the same upgrade method that Ranger Bob explained. I simply shut down the previous version of 5.5 (3354) before I ran the installer for upgrading to 5.5 (3356). I have not had a problem upgrading this way for the SS 5.2x or the 5.5x versions. In the SS program options I have disabled the common ads shield, turned off the email attachments shield, and the key logger shield is also turned off. With my setup everything is running very well at this point in time." }-

Hi SoCalReviews:

Thanks, also smooth here (at the moment) but your post reminds me I now need to review my shields across products again. Eg email in/outs?

BitDefender hard codes in the scan ports saying they use the international standard, problem is millions of users on my ISP in this country don't use those ports, only the incoming port matches. So I'm turning off the BD outbound and going to try using SS for scanning just outbound. Not sure they will let me! What a pain.

From BD forum: "Most isp uses the default ports
that are assigned by the international assigned number authority. This is their
website: http://www.iana.org/ Here you will find the assigned default ports:
http://www.iss.net/security_center/advice/Exploits/Ports/"

What would be wrong though with doubling up on Keyloggers?
Are these real conflicts we are avoiding or just ones we fear might happen?

Does 1 suffice or like AV's use one for real time or active and another for on demand to bump up the % detection?

What do you think?

Hi Escalader,
I think the 50 things is still a good idea.
the list of 11 things to do to install spy sweeper seems a bit extreme.
I never turn off KIS7.0 and never see a reason to.
in my signature its opendns
read about it here
http://www.opendns.com/
lodore

-{ Quote: "Hi SoCalReviews:

Thanks, also smooth here (at the moment) but your post reminds me I now need to review my shields across products again. Eg email in/outs?

BitDefender hard codes in the scan ports saying they use the international standard, problem is millions of users on my ISP in this country don't use those ports, only the incoming port matches. So I'm turning off the BD outbound and going to try using SS for scanning just outbound. Not sure they will let me! What a pain.

From BD forum: "Most isp uses the default ports
that are assigned by the international assigned number authority. This is their
website: http://www.iana.org/ Here you will find the assigned default ports:
http://www.iss.net/security_center/advice/Exploits/Ports/"

What would be wrong though with doubling up on Keyloggers?
Are these real conflicts we are avoiding or just ones we fear might happen?

Does 1 suffice or like AV's use one for real time or active and another for on demand to bump up the % detection?

What do you think?" }-

Escalader,

The few SS shields that have been been disabled were done so to improve functionality and compatibility with the other security programs I use. The SS common ad sites shield has caused problems with popular web pages (i.e. cnn.com) loading on my system since SS v5.2x so I had to disable it.

I have the key logger shield disabled simply because I think that was the default SS setting after the installation on my system. I have key logger protection in my other security programs.

The email attachment shield flat out did not work on my system and caused glitches and lockups. I read in the SS notes that it should disabled if you are using secure connection ports (SSL) for your incoming or outgoing mail in Outlook or OE. I do use SSL so that is a documented recommendation to turn the email shield off. I let my other security software such as ZASS (which has email attachment protection) and NOD32 (email attachment scanning protection) handle incoming and outgoing mail threats. I have the active KAV engine in ZASS v7 disabled and use it for on manual demand scanning once in a while. I use ZASS instead of ZAP because I was interested in some of the other features only available in ZASS while the KAV engine is a nice addition in version 7.

I have nothing against having any of the shields enabled if it works on anyone else's system. I just have found that this is what works well along with my other security programs. Computer security is always a balance of effectiveness and functionality. The programs I use along with their settings seem to provide the maximum level of system security without using up too many resources. You can see in my signature most of the security programs I use on my main desktop but I don't have a problem with system slowdown, web browsing problems, connection issues or any of those problems.

I didn't want to get away from the main thread topic of the latest SS 5.5x by discussing system hardware but these system specs might provide a good reference. My main desktop home built system hardware is only an AMD Athlon XP 2600+ (using a low voltage notebook CPU running at 2 Ghz), MSI main board, 1GB DDR system memory, and a NVidia 6600 video card w/256MB DDR. I am still running the original Windows XP Pro installation done in mid 2002. I have installed all the Windows XP security updates including SP2. I can play many of the latest resource intensive PC games with the game settings toned down a bit but I don't need to shut down any of the security software I use.

I am not recommending that my security software setup would be best for everyone's needs. You need to evaluate whether the software you use provides the level of protection you want without compromising the system performance that you need. If you can't find that balance with your current PC hardware and software setup then it might be time to consider changing your security software or upgrading the PC hardware.

SoCalReviews

Interesting setup you have, looks strong!

My ISP indicates outbound SMTP authorization required, nothing in manual on SSL. So at the moment I have SS checking the unique port numbers 110 and 587 but Bitdefender won't let me change from the standard! So it only checks incoming since users can check in , out or both. On SS you can change the port numbers but if you try to blank out one to avoid double scanning it won't let me.

But I wanted to ask you, in your NOD32 can you change port numbers and allow SSL or Not and have say in or out only checking?

If this question is OT I could start a separate thread on the various email scanning options by different products.

Escalader,

Your ISP probably requires a secure password authentication which is different than SSL which is a secure connection. I would recomend you contact your ISP tech support for specific information about your email service.

NOD32 has a separate email module specifically for MS Outlook called EMON. There is also an "internet monitoring" module called IMON that has configuration settings for inbound POP3 email checking. Besides port 110 there is a space and description for entering other the ports that are used. Since I am still relatively new to using NOD32 this would be a great question to post in the NOD32 section of this forum for more information.

It would be an excellent idea to start a separate thread in the AV area on email security, how different AV programs scan incoming POP3 and outgoing SMTP email and how to configure the security settings for common AV programs for use with the more popular email programs.

can someone remind me what i have to press to access the spysweeper secret menu.
it seems that for some reason quicktime is crashing along with opera.
all i was trying to do was watch the darn safari video.
didnt happern before i installed lastest spysweeper thou.
lodore

No problem with install or running (S S anti-spy only). I disabled the email scan since I also have NOD32. Besides, my email goes through PopTray and K9 which may complicate things, but my set up never affected the NOD scans.
The setup (http://forum.poptray.org/viewtopic.php?t=2883)!

-{ Quote: "Escalader,

Your ISP probably requires a secure password authentication which is different than SSL which is a secure connection. I would recomend you contact your ISP tech support for specific information about your email service.

NOD32 has a separate email module specifically for MS Outlook called EMON. There is also an "internet monitoring" module called IMON that has configuration settings for inbound POP3 email checking. Besides port 110 there is a space and description for entering other the ports that are used. Since I am still relatively new to using NOD32 this would be a great question to post in the NOD32 section of this forum for more information.

It would be an excellent idea to start a separate thread in the AV area on email security, how different AV programs scan incoming POP3 and outgoing SMTP email and how to configure the security settings for common AV programs for use with the more popular email programs." }-

Hello again:

I'll work on this thread idea a bit and report back later. 8)

-{ Quote: "can someone remind me what i have to press to access the spysweeper secret menu." }-

Hi Lodore,

Here you are:

http://www.wilderssecurity.com/showpost.php?p=872555&postcount=90

-{ Quote: "Escalader,

It would be an excellent idea to start a separate thread in the AV area on email security, how different AV programs scan incoming POP3 and outgoing SMTP email and how to configure the security settings for common AV programs for use with the more popular email programs." }-


DONE! SEE thread:

http://www.wilderssecurity.com/showthread.php?t=178498

-{ Quote: "Hi Lodore,

Here you are:

http://www.wilderssecurity.com/showpost.php?p=872555&postcount=90" }-
thanks Chubb
i see that once you disable sps it stays disabled.
but its very unlikely some malware will disable the service so i will let spysweeper.exe run but turn sps off so i can stop the service whenever i want.
lodore

What follows is the promotional email I got as a SS customer. I already installed it a few days back.

My question (dumb one I know :-[ ) is

Is this "Enhanced real-time protection" and the "Behavior-based spyware removal" the same as what a HIPS does? If not as I suspect what in lay terms is the difference. ?

"Now Available: New and Enhanced Protection with Webroot Spy Sweeper with Antivirus 5.5

You use Webroot Spy Sweeper with AntiVirus to keep your computer free of harmful spyware and viruses. Now, update to Webroot Spy Sweeper with AntiVirus 5.5 FREE, and receive the complete product benefits:

* NEW! Scans inbound and outbound email attachments
Automatically quarantines files containing spyware

* Enhanced real-time protection
Proactively blocks activity that may be damaging to your computer

* Behavior-based spyware removal
Identifies changes in spyware programs and removes them from your computer

If you're not using the latest version of Webroot Spy Sweeper with AntiVirus, you're not fully protected. "

-{ Quote: "I down loaded this new version this morning. Thought I'd ask to see how its working before loading it up.
" }-
I've had good results with prior versions, was last using whatever version was current in early Jan. '07, which I ran with no problems until recently. Builds 3354 and 3356 have been disastrous for me. Lots of sudden, inexplicable hangs when doing routine things, like trying to navigate folders in Windows Explorer, or open Control Panel, or even Shut Down. Trying to get out of the hang with Task Manager just leads to a blank white screen and that's it. Hardware Reset becomes the only option. I wrote Webroot and sent them program generated Bugreport Logs over a week ago, and have heard nothing back from them. (A veteran consultant told me that many companies these days drop that stuff immediately into the circular file. He also said that SS is kind of notorious for having a couple of really bad builds each year, even though he recommends the product overall.)

Another possibility is that this is now another product that is no longer supported for Win 2000. (I'm running 2K at SP4.) Or maybe it was a big mistake on my part to install the recent 5.5 builds over top of the prior version, even though this never seemed to be a problem in the past.

Should I be using the Cleanup Tool -- even though the KB page says it is for the +AV version, which I don't use -- with an Uninstall first ?

I may have saved an installer for the 1/07 version that worked fine for me, so I could go back to that. But if this problem persists, I will not be renewing my subscription when it comes due, because I will have switched to something more reliable in this category.

-{ Quote: "I've had good results with prior versions, was last using whatever version was current in early Jan. '07, which I ran with no problems until recently. Builds 3354 and 3356 have been disastrous for me. Lots of sudden, inexplicable hangs when doing routine things, like trying to navigate folders in Windows Explorer, or open Control Panel, or even Shut Down. Trying to get out of the hang with Task Manager just leads to a blank white screen and that's it. Hardware Reset becomes the only option. I wrote Webroot and sent them program generated Bugreport Logs over a week ago, and have heard nothing back from them. (A veteran consultant told me that many companies these days drop that stuff immediately into the circular file. He also said that SS is kind of notorious for having a couple of really bad builds each year, even though he recommends the product overall.)

Another possibility is that this is now another product that is no longer supported for Win 2000. (I'm running 2K at SP4.) Or maybe it was a big mistake on my part to install the recent 5.5 builds over top of the prior version, even though this never seemed to be a problem in the past.

Should I be using the Cleanup Tool -- even though the KB page says it is for the +AV version, which I don't use -- with an Uninstall first ?

I may have saved an installer for the 1/07 version that worked fine for me, so I could go back to that. But if this problem persists, I will not be renewing my subscription when it comes due, because I will have switched to something more reliable in this category." }-

I am not on W2K so I have no direct knowledge of how SS gets along with S2K.

That said I would remove / uninstall SS 5.5 asap. Also I would run the cleanup product. I only hope that that tool works with W2K! There are uninstall tools but you need one that works on w2K.

If you move back to 1/07 that may be the last working SS version. All efforts by vendors now is to vista issues. They view W2K as past tense.

Why not move to XP sp2 or even vista so you can at least upgrade to new versions of all software.

-{ Quote: "I've had good results with prior versions, was last using whatever version was current in early Jan. '07, which I ran with no problems until recently. Builds 3354 and 3356 have been disastrous for me." }-

Hi GDev_111. Sorry to say... me too! My issues were some slowdown of web page loading and some lock-up of IE7 after reboot (intermittent). I called SS support, and they instructed me to disable the "SPS - self protection" shield and the "e-mail" shield. I did this, rebooted, with the tech on the phone and all was well. The next day when I started my PC, IE locked up again. So I uninstalled and reloaded my last good version (5.3.2.2361). I then sent a support request via the web and haven't heard back yet. I figure its probably some conflict with my other security apps but that's just a guess.

I believe you can use the SS cleanup tool with W2k - from the Webroot support site: "(NOTE: This utility is for Windows 2000 and XP users only. Not compatible with Windows Vista)" I have used it several times with no apparent issues. But your mileage may vary! There is some risk that it will change some registry entry on some program that fouls up the works.

If you are going to change apps, you may not need the cleanup tool - that is just uninstall SS and be done with it. Many others who have posted here never run the cleanup tool. I found that it helped a conflict with Zonealarm on my PC, so I have used it several times.

hey oldshep,
the self protective shield comes back on after reboot.
i found this out when i disabled the self protective shield.
then i shutoff the process in task manager.
and stopped the service in services.
then i left spysweeper service to start automatically at startup and one rebooted the service was protected again.
lodore

-{ Quote: "Hi GDev_111. Sorry to say... me too! My issues were some slowdown of web page loading and some lock-up of IE7 after reboot (intermittent). I called SS support, and they instructed me to disable the "SPS - self protection" shield and the "e-mail" shield. I did this, rebooted, with the tech on the phone and all was well. The next day when I started my PC, IE locked up again. So I uninstalled and reloaded my last good version (5.3.2.2361). I then sent a support request via the web and haven't heard back yet. I figure its probably some conflict with my other security apps but that's just a guess.

I believe you can use the SS cleanup tool with W2k - from the Webroot support site: "(NOTE: This utility is for Windows 2000 and XP users only. Not compatible with Windows Vista)" I have used it several times with no apparent issues. But your mileage may vary! There is some risk that it will change some registry entry on some program that fouls up the works.

If you are going to change apps, you may not need the cleanup tool - that is just uninstall SS and be done with it. Many others who have posted here never run the cleanup tool. I found that it helped a conflict with Zonealarm on my PC, so I have used it several times." }-

Hi Shep et al:

Glad to here the cleanup tool works with W2K. A client of mine has that!

Last nite I finally moved from IE 6 to IE 7 and got the 6 months of fixes for it that accumualated since it was released. (my super safe method of continuing the beta test in the real world 8) )

Right now with XP Sp2, SS 5.5, IE 7, FF 2.0.0.4, CFW 2.4, BD 10 I have no slow downs on anything.

The thing I did need was to set the shields in SS so as not to overlap with other software eg BD10 on email scanning.

One thing that worries me is if Nod32 is part of the problem you are experiencing?

Since I am considering switching to it to follow my own advice in the AV selection methods thread.

BTW can you guys contribute to my email scanning thread? Another poster suggested it yet no posts? Here is the link.

http://www.wilderssecurity.com/showthread.php?t=178498

See you later

-{ Quote: "hey oldshep,
the self protective shield comes back on after reboot.
i found this out when i disabled the self protective shield.
then i shutoff the process in task manager.
and stopped the service in services.
then i left spysweeper service to start automatically at startup and one rebooted the service was protected again.
lodore" }-

Hi lodore!

Could you expand a bit on those steps as to the reasons you did that or what triggered you to do it? this is not a challenge since you know me I just want to grasp the thinking! Here I go again picking your brain, no shame:-[

What is this self protect shield? Is it the behavioral shield? Mine is grayed out and I can't see out how/if I should turn it on? :-\

Have a look at my email scanning thread, no one seems interested in it so I may ask the admin guys to pull it!:-\

hello Escalader,
the self protective shield is used to stop malware shuttting down spysweeper processes.
if you go to task manager and try to shut down the spysweeper.exe or spysweeperui.exe it will tell you access denyed even with admin rights.
the only way to stop spysweeper engine service is to go to the spysweeper secret menu and turn off SPS.
then you can close spysweeper and shutoff the spysweeper.exe process in taskmanger.
once this is done you can change the service to manual of disabled if you wish.
but remember spysweeper engine service has to be started before the GUI will start.
the reason i done it was to try and work out if spysweeper was the reason why sometimes the pc doesnt start after a reboot.
it does the windows logo and bar but then the screen just goes black.
so i have to use the reset button and then press enter on start windows normally.
lodore

Thanks, but my version shows it grayed out, both those SS tasks you gave me are active? I think i'm just confused again:-[

-{ Quote: "I figure its probably some conflict with my other security apps but that's just a guess." }-
Thanks for your reply. Here's the big difference: I am not running the plethora of defense tools many here seem to be, so there is much less chance of such conflicts. I have AVG Free (antivirus only), which has always been well behaved. There is also Ad Aware (because I doubt that any single spyware program is going to give you complete coverage), but that is On Demand scanning only, and stays well out of the way. There have been no other changes on this system. I feel confident that this problem is due to SS 5.5 on its own -- because of changes Webroot has made -- and nothing else. And if there is no acceptable fix for it, they will soon lose me as a customer.

W2K is extremely similar to XP, but with a businesslike UI that I much prefer over what came later, so I'm rather disinclined to make the change anytime soon. The things I've found that can't be run just fine on 2K are pretty few and far between. (I think there are probably still a lot of large corporate customers who feel similarly.)

I've known about Wilders for quite some time, but was hoping there might be an official or semi-official SS users' forum here, as there is for some other products. So far, I haven't found anything like that, and the other discussion on point that I was able to find is here:

http://help.lockergnome.com/security/Webroot-Spy-Sweeper-forum-12.html

It is useful to get confirmation of problems like this. A number of them can often be dismissed -- for one reason or another -- but a pattern of them strongly suggests that the problems are real.

-{ Quote: "
One thing that worries me is if Nod32 is part of the problem you are experiencing?

Since I am considering switching to it to follow my own advice in the AV selection methods thread.
" }-
Hi Escalader. If there is a conflict, I suppose that it could be with Nod32. [But more than likely with ZA ;D] I haven't experienced conflicts with Nod in the past, but I suppose anything is possible. Nod32 has a module for internet traffic (Imon). This module checks e-mail (pop3) and malware trying to gain access to your PC from the web. I read on another forum (Castle Cops?) that another Nod32 user was experiencing web browsing slowdowns with SS5.5 but that is far from proof. So I am planning to wait till I hear from Webroot. V5.3 works just fine and I don't need the SS e-mail shield since Nod32 scans incoming e-mails already. I'll report back if/when I hear from Webroot.

-{ Quote: "GDev_111: I've known about Wilders for quite some time, but was hoping there might be an official or semi-official SS users' forum here, as there is for some other products. So far, I haven't found anything like that, and the other discussion on point that I was able to find is here:
" }-

Hi GDev_111. There is an "unofficial" SS forum at Castle Cops. Not a lot of posts but I have found some interesting info there from time to time. Try http://www.castlecops.com/f163-Spysweeper.html One question - Do you use a software firewall? Thanks

-{ Quote: "I'll report back if/when I hear from Webroot." }-

From Webroot Tech support:
"Hello,

If you are using Zone Alarm we would prefer if you would run the 5.3.2.2361 version of SpySweeper for now.

Thank you for contacting Webroot."

So I guess I'll stick with 5.3.2.2361 until a new release comes out.

-{ Quote: "Thanks, but my version shows it grayed out, both those SS tasks you gave me are active? I think i'm just confused again:-[" }-
Hey again Escalader,
for more infomation and instructions to disable the self protective shields read the post by Chubb
http://www.wilderssecurity.com/showpost.php?p=872555&postcount=90
also open task manager and go to process tab.
highlight the spysweeper.exe process and click on end process.
if it says access denyed the self protective shield is active.
this has nothing to do with the new behaviour stuff.
lodore

for the last few days my internet connection has been really slow.
i was blaming my router since it was the problem in the past.
when i was using portable firefox it was using 100percent cpu trying to load a simple website but took ages.
i just used the instuctions from Chubb to disable the spysweeper self protective sheld and then shut off the spysweeper.exe process in taskmanager and now the internet is instant like its ment to be.
so at least now i know the problem.
in the lastest build of spysweeper if you disable the self protective shields and put the service to manual it will set itself to automatic if you lanch the gui.
so my internet will run fast until my dad decides to update spysweeper.
lodore

-{ Quote: "One question - Do you use a software firewall? " }-

No, I don't. At home, I have an industrial-strength hardware firewall. This is probably much more effective than a software-based approach. (It is also wired, rather than wireless, so that is one less issue to worry about.) On the road, I am usually going in through a router with its own firewall -- not up to the level of what I use at home, but should be adequate. My AV or spyware scans have very seldom turned up anything of more concern than a tracking cookie. I have seen the rare zipfile that was said to have a backdoor Trojan or worm in it (could also have been a false positive), but the download item was not of any great importance so I just deleted it.

-{ Quote: "From Webroot Tech support:
"If you are using Zone Alarm we would prefer if you would run the 5.3.2.2361 version of SpySweeper for now.
Thank you for contacting Webroot."
So I guess I'll stick with 5.3.2.2361 until a new release comes out." }-

Any idea how old that release is ? If it is newer than the 1/07 release I was using, I'd be satisfied (until the end of my subscription term) if Webroot offered me a download link for it. I may no longer even have that last version that worked for me. If I do, it is on an older hard drive that has been removed from service.

Edit: Just found this:
http://www.majorgeeks.com/download3263.html
but it is labeled as a trial version. If it is "unlocked" into full version by one's Reg. #, I might give it a try. Oldshep, thanks for the tip on Castle Cops. They seem to have at least 8 screens worth of threads on SS, many of the complaint variety. So far, I have just gotten to Page 2. If Webroot is insufficiently responsive to users regarding these problems, I hope that PC World, CNET, etc. will be aware of the situation, the next time they do a comparative roundup on these products.

-{ Quote: "No, I don't. At home, I have an industrial-strength hardware firewall.
...
Any idea how old that release is ?" }-

Hi GDev_111. I don't know much about hardware firewalls. I think they are good for inbound protection but I don't think they provide outbound protection against any malware that might slip past your AV and AS. ??? My router has a hardware firewall w/ SPI and NAT. But I use the software firewall as an extra line of defense for program control and outbound protection. Maybe just being overly paranoid;D

I'm not exactly sure when SS v5.3.2.2361 was released but the date on the setup file I have on my PC is 3/27/2007. I think you might find this setup file somewhere on the web if you can't get it at Webroot's site. You might try checking out the Castle Cops site I suggested. Seems like I read a thread with a link to this setup file... Yea, here it is:

http://www.castlecops.com/t193924-Spysweeper_5_5.html

Edit: I see you found the major geeks site for the file download. I think the link I gave refers to that same site. Cool.

-{ Quote: "Hey again Escalader,
for more infomation and instructions to disable the self protective shields read the post by Chubb
http://www.wilderssecurity.com/showpost.php?p=872555&postcount=90
also open task manager and go to process tab.
highlight the spysweeper.exe process and click on end process.
if it says access denyed the self protective shield is active.
this has nothing to do with the new behaviour stuff.
lodore" }-

Hi:

Ty, did the click on end process and it can't be deactivated. Good. Then the grayed out box is a mystery to me.

-{ Quote: "Hi GDev_111. I don't know much about hardware firewalls. I think they are good for inbound protection but I don't think they provide outbound protection against any malware that might slip past your AV and AS. ??? My router has a hardware firewall w/ SPI and NAT. But I use the software firewall as an extra line of defense for program control and outbound protection. Maybe just being overly paranoid;D

I'm not exactly sure when SS v5.3.2.2361 was released but the date on the setup file I have on my PC is 3/27/2007. I think you might find this setup file somewhere on the web if you can't get it at Webroot's site. You might try checking out the Castle Cops site I suggested. Seems like I read a thread with a link to this setup file... Yea, here it is:

http://www.castlecops.com/t193924-Spysweeper_5_5.html

Edit: I see you found the major geeks site for the file download. I think the link I gave refers to that same site. Cool." }-

What I ultimately did was to pull that 3/07 install archive off of a backup hard drive. I have since reinstalled SS v5.3.2.2361 (no use of the Cleanup Tool), and all appears well. We'll see if the stability continues. With luck, it will continue accepting new definitions until this subscription runs out, and remain a reasonably capable anti-spyware program until then. After that, I'm probably done with them. If I can find a Setting to turn off the "update program" alerts, I may do that.