How to get a "safe" report in MSAS?

  • Thread starter Thread starter huangch
  • Start date Start date
H

huangch

Hi,
My product needs to install a LSP, but each time it
installs LSP, MSAS will popup a window to notify there's
a LSP being install. And also it shows my LSP in the
System explorer as "Unknown", that make my customers
confused. So is there any process to make my LSP shown
as "safe"? And is there any process to make MSAS not
popup the notify window when my LSP is being installed?
Thanks.
 
Hi,
Highlight the said LSP then send it to Spynet for analysis. Yes, you can
disable the Internet Agent to stop alerting you every time a new Winsock LSP
is being installed or modified. Open Microsoft AntiSpyware>Tools>Realt Time
Protections>Internet Agent>View Internet Agent Checkpoints. In Checkpoint
details, look for Winsock Layered Service Provider then select it. Click
Deactivate checkpoint.

Note: Doing the above will stop Microsoft AntiSpyware in monitoring the
Windows Winsock LSPs that is sometimes manipulated by spyware applications
known as Winsock Hijackers.

--
Donna Buenaventura
MVP Windows Security
http://www.dozleng.com
Hi,
My product needs to install a LSP, but each time it
installs LSP, MSAS will popup a window to notify there's
a LSP being install. And also it shows my LSP in the
System explorer as "Unknown", that make my customers
confused. So is there any process to make my LSP shown
as "safe"? And is there any process to make MSAS not
popup the notify window when my LSP is being installed?
Thanks.
 
Thanks for your quick response.
For re-analysis, do I need to submit a request form
on http://www.spynet.com/vendors.aspx?
And for the LSP notification, what I mean is that as
a product not a user, how to make it install LSP without
popup the MSAS's notify window? If my LSP passes the
MSAS's analysis and shown as "safe", will that LSP
installed notification window still popup? Because I
don't want my customers being aware of the LSP
installation, they may feel confused or scared. Thanks.
 
Hi again,
Your LSP was classified as unknown and hopefully when you send it for
analysis, it will be known to Microsoft AntiSpyware later on. I believe
that the http://www.spynet.com/vendors.aspx applies to vendors which
products are detected as not safe/hazardous, if it is in their library
already and if the product need to be re-analyze. I think submitting it via
Spynet (within the program) should do it. If you have a product page or
website, I suggest that to inform your users/customers who is maybe is using
Microsoft AntiSpyware on this LSP of yours. If detected unknown, tell them
to send it also to Spynet for analysis. Let them know too that a security
application might alert them about it. That's only a suggestiong :) After
submission and if found safe, it will be marked as safe. Over here, I
submitted some items to Spynet which is unknown to the antispyware program.
After few days, it is marked as safe.

I don't think Microsoft AntiSpyware alert will stop (unless the user
configured the the Antispyware not to receive alerts on successful and
blocked installations or modifications on particular checkpoints). If your
LSP is already installed to the users' system then there shouldn't be a
pop-up from Microsoft Antispyware unless it updated/modified or being
installed while the antispyware real-time monitoring is enabled.

--
Regards,

Donna Buenaventura
MVP Windows Security
http://www.dozleng.com
Thanks for your quick response.
For re-analysis, do I need to submit a request form
on http://www.spynet.com/vendors.aspx?
And for the LSP notification, what I mean is that as
a product not a user, how to make it install LSP without
popup the MSAS's notify window? If my LSP passes the
MSAS's analysis and shown as "safe", will that LSP
installed notification window still popup? Because I
don't want my customers being aware of the LSP
installation, they may feel confused or scared. Thanks.
 
Back
Top