Microsoft Antispyware Beta 1

Discussion in 'other security issues & news' started by Dalek, Jul 28, 2005.

Thread Status:
Not open for further replies.
  1. Dalek

    Dalek Registered Member

    Joined:
    Jun 12, 2005
    Posts:
    22
    Location:
    Nova Scotia
    I have asked this question at the support forum, but unable to get a reasonable reply, so I would like to pose the question here if I can, maybe someone here can recognise what my sit is and respond.

    The problem is when the program scans it gets to a point and hangs, the sequence is 1.Intelligent Scan (Selected)
    2.Scans memory processes
    3.Scans for known files
    4.Scans registry

    It is when it completes the process at #3 and reads "Variable Browser Highjack Scan" and just before going to #4 that the program hangs, and I end up using TM to end program.

    I am using an account I created with Admin Privilages. I use Spybot S & D, Adaware SE, Spywareguard/Spywareblaster, processguard, Winpatrol, my AV is Trend Micro Internet 2005 (has spywarescanning capabilities), I also can use my System Mechanic Pro 5, plus I use Hostmans and teatimer, all are regulary updated, I have scanned numerous times and I can safely say I am spyware/virus/trojan
    So as it looks, you might think I am a bit paranoid with all of this on my PC, but I liked the previous version (614) of MS.

    I am also wandering if maybe because I didn't let the program update itself, and instead uninstalled the 614 and downloaded the new 615 this may cause a problem, I am pretty sure it is registry related
    So if anyone can help, it would be greatly appreciated.

    I have tried all this in Safe Mode.

    Dolphin Code: 33
     
  2. MikeH

    MikeH Registered Member

    Joined:
    May 15, 2005
    Posts:
    20
    It's the HOSTS file- try renaming the file to "HOSTS.txt" ,then run the scan.
    Hosts file location:
    Linux/Unix /etc/hosts
    Windows 3.1/95/98/ME c:\windows\hosts
    Windows NT/2000/XP Pro c:\winnt\system32\drivers\etc\hosts or c:\windows\system32\drivers\etc\hosts
    Windows XP Home c:\windows\system32\drivers\etc\hosts
    Netware SYS:ETC/HOSTS
    Apple System Folder: Preferences and in the System Folder itself.
    After scan, rename file to "HOSTS" again (hosts file will not be changed)
    (location data courtesy bleepingcomputers)
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    MikeH is very right about this.
    I tested MSAS myself and a large hosts file is responsible for a much longer scan time.
    Renaming the hosts file will do the scan without any interruption.
     
  4. Dalek

    Dalek Registered Member

    Joined:
    Jun 12, 2005
    Posts:
    22
    Location:
    Nova Scotia
    Thanks heaps guy's.

    I followed your instructions, funny trying to rename as it kept saying in use by another program, so I closed/exited all my startups with the exception of my AV and went back to the etc folder to rename, only to my surprise did I see!!! nothing. the HOSTS file was missing.Which in a way now explains a few things. It turns out that when I updated my Hosts file from the MVSP site, (13-7-05) I figured I would try out the app Hostmans, and it was real soon after that, I started to experience the problems, so I uninstalled the Hostmans program (I kinda like it because you can edit and update) found the HOSTS file and renamed it HOSTS.txt, closed the window and ran a MS scan and kept my fingers crossed and Voila (French for there you go), it worked, funny no one at the MSAS support forum could tell me this, I will have to update them and let anyone else who may be using Hostmans to expect this and how to correct it.

    Thanks again.

    Dolphin Code: 1 (A)
     
    Last edited: Jul 28, 2005
  5. MikeH

    MikeH Registered Member

    Joined:
    May 15, 2005
    Posts:
    20
    Dalek: FYI- I downloaded and tried "HostsMan" last night. The upside is that disabling the Hosts file (or just clicking on the green "H") effectively does the same thing as renaming the Hosts file (it renames the file to "HOSTS.ehm", and puts in a temp "Hosts" file of 339 bytes). That's pretty quick and easy.
    The downside is that the updates seem to have an issue (at least on this PC); it looks like the links are mixed up, and the program tries to download the same Host files (rather than 4 different files, it dl's two-MVPS and HP-, but tries to add them as AdBlock and Mike's- this hosed the program up).
    I downloaded the Host files from each site respectivally, added ".txt" on each, and imported to HostsMan (select import, then "merge with current host"). Seems to work pretty well that way.
     
  6. Dalek

    Dalek Registered Member

    Joined:
    Jun 12, 2005
    Posts:
    22
    Location:
    Nova Scotia
    Hi MikeH

    I reinstalled the Hostsman program, I was able to rename the HOST file to txt through the windows folder option. (Note: the problems I quoted above were mostly of my doing, when I was trying to rename the HOST file to HOST.txt, the reason I couldn't was because there was allready a file there with that name, don't know why, anyhow, teaches me too actually read what I am looking at) as to Hostmans renaming it with the extension ehm and creating a temp file I don't see this, also when I went to look for the HOST file after reinstalling Hostsmans and running it the reason it wasn't there like I said before was because the program was hiding it, I had to go to view and uncheck system files, and then it appeared, like you said if the file is compressed to 339 bytes then MSAS will still run as it is now the HOST file is 1.2 mb and growing. You would think the boys over at MS would make the engine stronger to overcome the large HOST file, or something to that effect.

    Again thanks for the help.
     
Loading...
Thread Status:
Not open for further replies.