D
digiman57
Hi,
I am running MS Antispyware under a Windows XP Pro.
I am testing for future use for corporate and possibly
home users.
I have all the realtime agents activated. Is there a bug,
when allowing...for example...a reg script to run and
choosing to uncheck "Remember this action." If the script
is run again, there is no popup from the Realtime agent
asking you to "block" or "allow"....it is as if you
clicked on "Remember this action" anyway...which I
didn't. I have to go hunt Script Blocking, Managage
blocked/Allowed....and remove the allowed entries. This
is hopefully a glitch. If someone allows malware to
install multiple items and they remove it manually or use
someother software removal process, it seems that MS
Antispyware will let the same process thru without
prompting....because the install is still listed in
the "Allowed" sections of various RealTime protection
settings. There is nothing I can find on removing
all "Allowed" events in one spot. I have to go hunt
Scripting, Startup Registry Files....etc..and remove them
manually.
Any Ideas on if this is a bug or intended function. Other
programs that block Registry run keys will activate again
and again if you choose not to remember the allowed
action...unlikde the beta version of Microsoft
Antispyware. I like the protection and it looks
promising, it is just scary that if a mistake is made on
a users part in allowing something and not
chking "Remember this action" it remembers anyway.
Any thoughts..
Thanks again.
Jeff L.
I am running MS Antispyware under a Windows XP Pro.
I am testing for future use for corporate and possibly
home users.
I have all the realtime agents activated. Is there a bug,
when allowing...for example...a reg script to run and
choosing to uncheck "Remember this action." If the script
is run again, there is no popup from the Realtime agent
asking you to "block" or "allow"....it is as if you
clicked on "Remember this action" anyway...which I
didn't. I have to go hunt Script Blocking, Managage
blocked/Allowed....and remove the allowed entries. This
is hopefully a glitch. If someone allows malware to
install multiple items and they remove it manually or use
someother software removal process, it seems that MS
Antispyware will let the same process thru without
prompting....because the install is still listed in
the "Allowed" sections of various RealTime protection
settings. There is nothing I can find on removing
all "Allowed" events in one spot. I have to go hunt
Scripting, Startup Registry Files....etc..and remove them
manually.
Any Ideas on if this is a bug or intended function. Other
programs that block Registry run keys will activate again
and again if you choose not to remember the allowed
action...unlikde the beta version of Microsoft
Antispyware. I like the protection and it looks
promising, it is just scary that if a mistake is made on
a users part in allowing something and not
chking "Remember this action" it remembers anyway.
Any thoughts..
Thanks again.
Jeff L.