[B]Spybot S n D is a cracking piece of kit.... BUT.... be aware! Some of the wee beasties which it removes are fighting back! HereToFind is onei will use as an example.

So, "whats it doing?", i here you all cry!

Ok.... firstly you need to switch on your mode tab from default, to Advanced! Then, after you've confirmed that this is what you want, and you know what your doing, click on the Settings tab which is now at the bottom right of your screen. Then, click on the "Ignore Products" option still on the left of the screen.

You are presented with a set of tabs which you can scroll thru to see which spyware you are currently protected against. You can select certain products to allow them to run if for some reason you decide you want to.

Click "All Products" and then scroll down through the list. and
PRESTO!! HereToFind is mysteriously clicked so as spybot doesnt detect it!

Lop.com also does this too, so i'd advise anyone using Spybot SnD to check your ignored product settings at least once a week.

Incedentally.. im now using Firefox... and have not had any form of infection since using it whatsoever. There are a few short comings...but they are workable, and all in all i'd recommend it too!

For online scan of trojans and spyware while using IE i'd recommend Trend Micro Housecall. Have a crack at it n see what it throws at ya. I found it better than panda.

Enjoy!

Alistair Wiseman :)[B]

That behaviour is due to the prutect trojan that does the same with several other security softywares including adaware and spysweeper

Patrick's already been notified.

In the meantime, it would serve everyone well to check their "All Products" ("Settings"/"Ignore Products"/"All Products") and make sure that nothing in there doesn't have a check mark in there that you don't WANT to have a checkmark. Pete

-{ Quote: "[B]Spybot S n D is a cracking piece of kit.... BUT.... be aware! Some of the wee beasties which it removes are fighting back! HereToFind is onei will use as an example.

So, "whats it doing?", i here you all cry!

Ok.... firstly you need to switch on your mode tab from default, to Advanced! Then, after you've confirmed that this is what you want, and you know what your doing, click on the Settings tab which is now at the bottom right of your screen. Then, click on the "Ignore Products" option still on the left of the screen.

You are presented with a set of tabs which you can scroll thru to see which spyware you are currently protected against. You can select certain products to allow them to run if for some reason you decide you want to.

Click "All Products" and then scroll down through the list. and
PRESTO!! HereToFind is mysteriously clicked so as spybot doesnt detect it!

Lop.com also does this too, so i'd advise anyone using Spybot SnD to check your ignored product settings at least once a week.

Incedentally.. im now using Firefox... and have not had any form of infection since using it whatsoever. There are a few short comings...but they are workable, and all in all i'd recommend it too!

For online scan of trojans and spyware while using IE i'd recommend Trend Micro Housecall. Have a crack at it n see what it throws at ya. I found it better than panda.

Enjoy!

Alistair Wiseman :)[B] " }-

Thanks for the advice. I have just had a look at my three weeks old SpyBot S&D and these were checked to be ignored.

LSP New Net,
My Search,
New Net
Side Step

HereToFind was not there.

-{ Quote: "Thanks for the advice. I have just had a look at my three weeks old SpyBot S&D and these were checked to be ignored.

LSP New Net,
My Search,
New Net
Side Step

HereToFind was not there." }-

EXACTLY THE SAME 4 HERE.

Good stuff. I posted the same message on a few forums, and for 1 person who's said We already know that, there have been 5 who said thanks n found problems! Good to see that forums are useful. Some i've been to are all about people thinking they know more than u, rather than helping others!

:) Alistair Wiseman

-{ Quote: "Thanks for the advice. I have just had a look at my three weeks old SpyBot S&D and these were checked to be ignored.

LSP New Net,
My Search,
New Net
Side Step

HereToFind was not there." }-Those four are different. Spybot is released ignoring those by default. See these topics for more on those and why the author sets them as ignored.

http://www.wilderssecurity.com/showthread.php?t=52411
http://forums.net-integration.net/index.php?showtopic=21644
http://forums.net-integration.net/index.php?showtopic=15420

-{ Quote: "Thanks for the advice. I have just had a look at my three weeks old SpyBot S&D and these were checked to be ignored.

LSP New Net,
My Search,
New Net
Side Step

HereToFind was not there." }- Yep!....Me too!....These 4 exactly!!
EDIT: Just saw your post LWM, am reading now.

yes, same ones ignored.

SnD needs to get on the ball.
It was very good a long time ago, but the quality of it is so-so.
The signatures are slim...it's an ok backup for free.

Others have improved greatly like Ad-Aware SE.

Perhaps they need a paid version to keep them motivated -
which I can fully understand.

I'm just repeating LWM post ... as many of you have seemed to miss it.

-{ Quote: " Spybot is released ignoring those by default. See these topics for more on those and why the author sets them as ignored.

http://www.wilderssecurity.com/showthread.php?t=52411
http://forums.net-integration.net/i...showtopic=21644
http://forums.net-integration.net/i...showtopic=15420" }-

-{ Quote: "LSP New Net
My Search
New Net
Side Step

Are ignored by default ... the reasoning is explained in the links LWM provided" }-

Spybot is a great freeware program ... not only is it a great malware scanner but includes many other usefull utilities. ie. File Shedder etc. Rarely has any F/P because of extensive number of beta testers ... and continues to improve all the time ... not bad seeing as those developing the product do so free of charge ... for the benefit of your security.

Steve

I agree with you that it has , especially in the past been an excellent free application. I dont think it is what it use to be. The latest tests have shown this. I would also say that they may do ok with the 10 million plus downloads from donations from time to time . I think a lot of uninformed users were screwing there systems up over the DSO exploit . Not every user has the benefit of accessing forums such as this , nor understanding what is been said at forums in order to correct this error comfortably.. (i understand that after 5mths they have corrected this). I think there are better anti spyware apps appearing on the market that are ranking far higher in their detection abilities.

As an aside.....that 1.3.1 TX update was supposed to fix the DSO exploit thing??? Well I installed it and it didn't!
Buck.

-{ Quote: "As an aside.....that 1.3.1 TX update was supposed to fix the DSO exploit thing??? Well I installed it and it didn't!
Buck." }-

Hi Buck,

Actually that release wasn't ever supposed to be made public ... search the forum for Spybot and you'll find the post regarding it ... use my member name along with.

Are you using the beta ATM ... 1.4.B2?

Steve

Edit - Info Supplied

-{ Quote: "

Here's the TX info.


There are workarounds being discussed in the forums to some of those problems. Some websites have decided to put up the beta version 1.3.1 for download, even though Safer Networking has removed it from their server. This is an unauthorized and unsupported version. If you decide to use this, no support will be given for it here.
Also a test version (1.3.1TX) had been released which was never meant for the public. It contained debug code for a specific problem and that release was also pulled from Safer Networking's servers. This one too, found its way on some websites. This is also an unauthorized, unsupported version.
And yet another one....


http://forums.net-integration.net/i...showtopic=24284

Steve" }-

Yup.. i still get the dso exploit each time. Still, it really seems to be the best piece of free kit out there.
Put with Adaware custom configured they get most things, although i must add Webroots spysweeper is pretty exceptional too, picking things McAfee n norton miss out.
I also agree about ppl not having the benifit of these kind of places, which is a shame. I encounter may ppl who dont know where to go for help, and if i cannay help myself then i pass on here or other forums depending on the issue as a resource.
In my experience forums can be daunting for first time users too. If your just an every day user most of what is on here may sound completely alien. BHO's n HJT logs sound more like dodgy bodily functions than compu-speak lol

Alistair Wiseman

-{ Quote: "Hi Buck,

Actually that release wasn't ever supposed to be made public ... search the forum for Spybot and you'll find the post regarding it ... use my member name along with.

Are you using the beta ATM ... 1.4.B2?

Steve

Edit - Info Supplied" }- Thanks Steve! Should I uninstall? Only one mention in A/R Programs....just the TX vesrion, not the original!
Many Thanks,
Brad.

-{ Quote: "Thanks Steve! Should I uninstall? Only one mention in A/R Programs....just the TX vesrion, not the original!
Many Thanks,
Brad." }-

Yes I would remove it ... and re-install 1.3.1 ;) ... If you're up to it, the beta is running well ... you could update to the beta ... there currently aren't any F/P's I'm aware of ... the once you've updated to 1.4.2B you could uncheck the beta option/or only select to DL the Reg. Updates. If you would like to proceed this way and if you need instructions, let me know and I'll provide them. ;)

Steve

-{ Quote: "Yes I would remove it ... and re-install 1.3.1 ;) ... If you're up to it, the beta is running well ... you could update to the beta ... there currently aren't any F/P's I'm aware of ... the once you've updated to 1.4.2B you could uncheck the beta option/or only select to DL the Reg. Updates. If you would like to proceed this way and if you need instructions, let me know and I'll provide them. ;)

Steve" }- Thanks Steve for your help (even though i spammed your PM box!! ;D )....I chopped it and reinstalled 1.3. Will wait for the next version.
Kind Regards,
Brad.

I guess I'll stick with version 1.3 first, I'll wait for the new version to reach its final release.

Did the check as suggested and came up with the same results as, what appears to be evryone else....
LSP.New.Net
My Search.
New.net.
Sidestep.

I've read thro' and tried to make sense of the reasons why these items are ignored....i.e. 'Fading out from under the Malware Microscope' etc., but, unless I'm missng something here, I still can't grasp why these items are in by 'Default'??!!....
How often do we get people asking for help to get rid of 'My Search' that's crept into their OS, and yet here it is being ignored by Default?.. ???

By the way, I unchecked those four and then ran SB and checked again and they were gone, but I'am going to keep checking to make sure they stay GONE..... ;D


Cochise, 8)

Oh! and by the way, I'm using 1.4B2.....Works for me....Beta Sshmeta.. ;D



Cochise, 8)

I don't particularly agree with Spybot's decision not to target those 4 pests as they are still in the main stealthily installed along with other programs and rarely if ever are consciously and willingly downloaded
I always recommend removing them when I see them in HJT log unlss the user tells me he/she wants them and has deliberately downloaded them. The only time this occasionaly happens is with my search because they want smilie central which bundles my search and won't work without it

-{ Quote: "I don't particularly agree with Spybot's decision not to target those 4 pests as they are still in the main stealthily installed along with other programs and rarely if ever are consciously and willingly downloaded.
" }-


I quite agree, Derek - I removed the checkmarks from them on my copy of SBS&D, too.

Patrick's already aware of the Prutec Trojan issue and will be countering it before long. Pete

Sorry guys, looking for advice.
I took notice of these posts and went looking for the incorrect "ignore' check boxes and I couldn't find "Lop.com" or "Here to find" in the list.
Had/Have the default 4 checks and regularly uncheck them for scans.
Am using SS&D 1.31 with all updates.
What have i done wrong?
Are these two entries under different names in the SS&D All products list?
Thanks

Longboard - Not finding those two entries in the "All Products" list is a good thing (I think).

Unless I'm mistaken (and I'm sure someone will correct me if I am <g> ) it just means that you haven't been exposed to the Prutec Trojan.

dvk01? Pete

Thats useful to know that they check them for non deletion by default.. very odd. Thanks for that.

Alistair Wiseman! :)

-{ Quote: "Yup.. i still get the dso exploit each time. IAlistair Wiseman" }-
aliwise.,
At,
http://groups-beta.google.com/group/alt.comp.freeware

scroll down about 9 or 10 on the list under today's date and,

'OT How to remove DSO Exploit in Spybot S&D'

HTH,

Regards.

Thanks SPY1.
Other protections might be doing their thing!

Still, another annoyance to keep eyes out for.

myself i have the 1.3, the 1.3.1 tx and the 1.4 beta installed. each overtop the other. no probs with the exception of the mentioned 4 checked things . i had the very same 4. i unchecked them and ran another scan. picked up 8 entries under newnet. got rid of 7 have to reboot and scan for the final one.