AOL problems w/spybot

[md usa spybot fan]

Truchaos:

Before uninstalling Spybot did you "Undo" the immunization?

If not try reinstalling Spybot without SDHelper and TeaTimer. To do that:

• When you get to the "Select Additional Tasks" screen during the installation, uncheck the following two items:
  
  • Use Internet Explorer protection (SDHelper)
  • Use system settings protection (TeaTimer)

After Spybot is installed:

• Go into Spybot > Immunize.
• Make sure that all immunization catagories in the right hand pane are checked.
• Click the "Undo" button at the top of the right hand pane.
• See if you can access the internet using AOL broadband.

_______________

Note: If you are unable to connect to the internet to install and update Spybot, you will need to download two files and transfer them to the non-internet connected system.

1. spybotsd152.exe
   
   • Located here:
     
     • Mirror selection - The home of Spybot-S&D!
       http://www.spybot.info/en/mirrors/index.html
2. spybotsd_includes.exe
   
   • Located here:
     
     • Downloads - The home of Spybot-S&D!
       http://www.spybot.info/en/download/index.html
     
     
     • the item is:
       
       • Detection updates 2008-02-06 - product description
         md5: 133D3F3CDA0C76726F1F75306D367F13
         
         This updates the detection rules. Only needed if you do not want to use the update function integrated into Spybot-S&D.

To install Spybot and update:

• Execute the installation program spybotsd152.exe
• When you get to the "Select Components" screen during the installation, uncheck "Download updates immediately" (see attachment).
• After the installation completes execute spybotsd_includes.exe to update Spybot.

[ithildin]

Howdy Y'all !

I'm still struggling thru this and have not checked out the possible solutions mentioned earlier (ie post #2), but I have found that my connection problems with AOL started only after I ran the Immunize app (step 6? of 7 during installation). My AOL connects fine again after I clicked the UNDO Immunize button (which also takes awhile). I also noted that I never had a problem connecting via Internet Explorer.

I found that UNinstalling Spybot did NOT restore AOL connection function, I had to do a Windows System Restore (Start> Accessories> System Tools> System Restore). But as I said above, this is not necessary, as my AOL problem was solved just by UNDOing the Immunize process.

I'll post again when I figure anything more out.

Don

Thank you Don! This worked perfectly for me. I too have a Dell laptop running Win XP with AOL 9.1 and ran into the problem above. Very glad to find your solution when searching for help. Thanks!

[Glenn20]

I too, have found my way to this thread, because I am having the exact same problems. My broadband connection is fine, but the final password step of accessing AOL fails. This happened immediately after updating to the new 5.? version of Spybot. I have had Spybot all along, but it is just this new upgrade that caused the issue. I also have a Dell desktop, although I'm not sure if that has anything to do with it. I hope that with enough of us speaking up, the Spybot people will analyze this a little closer and put in a fix.

[Glenn20]

Ok I got mine fixed I THINK! Not 100% sure what did it but looks like a conflict between McAfee and AOL after running spybot. I disabled all of McAfee AGAIN and now can sign back on to AOL. I have turned back on McAfee and it looks like it is in systemguard as that is all I have disabled now.

Not sure I can be anymore help than that though as Im not totally sure that is the problem yet since I did a bunch of disableing/deleteing/restoring also. What can I say I was to the point of total meltdown (me not computer )

I think that Trigrhpyx is definitely on to something. Before trying any other steps I followed Trig's advice and disabled SystemGuards within McAfee Security Center. I can now log on to AOL. While this would make it appear to be a McAfee problem, the fact remains that it is Spybot which created the problem. If you open your McAfee Security Center and go to "View Recent Events", you'll see that during the time you were installing Spybot there are a bunch of entries stating "SystemGuards have allowed a one-time change to your computer". Click on the "View Log" button, and under "Computers & Files" click on "SystemGuards Log". You'll see that each one of those one-time changes was for "Internet Explorer Security Zones - Allowed". Next, highlight any one of those by clicking on it and read the "Details" at the bottom of that screen. Notice that each one is a registry change made by Spybot - Search & Destroy.

BUT -- I don't think I should keep McAfee SystemGuards disabled. So the question remains -- what is the best way to fix this?
1. Is there a way to correct it within McAfee?
2. Can it be corrected within Internet Explorer? Is there something that has to be done in Security Zones to allow AOL?
3. Or, does the change have to be reversed within Spybot? I really don't want to undo Immunize. If 99% of the process was worthwhile, it's a shame to have to undo the whole thing .

Glenn

[basic15]

I have only received the actual error once or twice, but the logon to AOL is very slow. It hangs on checking password for 30 to 50 seconds. It also hangs that long when switching users on AOL. I also have 1.52 installed and have done the update to immunization. At the bottom of the error message from AOL is System Information ACS 4.8.8.4,TCP/IP Connection err. 0x9000000,WinXP-SP2,Mcafee Personal Firewall (from AOL, installed 3/16/08).

I am posting this to add to the information. I will try undoing the immunization.

I use Spybot extensively on my customer home computers and we need to find a fix. The problem is occuring on one of my machines.

[bitman]

This is a classic three way issue. It's also clearly covered by McAfee in the following document, who I'm guessing supplies the free security product to AOL users?

ERROR: AOL ERROR (AC-0000) error 0x90000000 (when logging in to AOL 9)
Summary: Intermittent errors when attempting to log in to AOL 9 with a third-party application used to secure Internet Explorer.

For those that still don't get it, McAfee's protection becomes inefficient when the large number of registry entries are added by Spybot S&D's Immunize, resulting in timeout delays that cause the AOL authentication to fail.

Remove any one of the three and the issue disappears.

Bitman

[basic15]

I have looked at BitMan's post and agree with him concerning the McAfee link. I had not been able to find this reference before i accidently came accross this issue on this forum.

I did proceed to undo the immunizations and this allowed a more prompt access to AOL. I do not like this kind of Fix? and plan to try to find a better workaround than the one that McAfee proposed. It looks as if they have slow code and just do not want to deal with the issue.

[Glenn20]

This is a classic three way issue. It's also clearly covered by McAfee in the following document, who I'm guessing supplies the free security product to AOL users?

...McAfee's protection becomes inefficient when the large number of registry entries are added by Spybot S&D's Immunize, resulting in timeout delays that cause the AOL authentication to fail.

Remove any one of the three and the issue disappears.

Bitman

Unfortunately, the one that had to go was Spybot. It's not worth all the hassle of manually editing my registry. So, after all these years, I am no longer a Spybot user. It's a shame.

As a side point, my McAfee product is provided by Comcast. They give a more complete version than AOL. This is probably true of most AOL members who access the AOL service via a Comcast broadband connection.

[bitman]

Glenn20: It wasn't necessary for you to completely stop using Spybot S&D, you only needed to remove the 'Restricted Sites' Immunizations to stop the problem, which are actually an optional component of protection anyway and have nothing to do with the core spyware scanning functions.

basic15: The issue is really with the functions of the Internet Explorer 'Restricted Sites', the Windows XP operating system itself and how McAfee has chosen to interact with these items to monitor for malicious behaviour.

This is really no one particular oraganizations fault, since it's only the combination of stuffing large numbers of entries into a registry key that was designed for manual entry and then monitoring it closely for any changes that causes the problem. So to some extent, Microsoft is at fault for underdesigning the function, but not really, since it was never intended to be used for thousands of entries. Spybot S&D (and others like JavaCool's SpywareBlaster) are at fault for stuffing it with thousands of entries, but not really, since it works fine if it's not monitored. Finally, McAfee is at fault for monitoring it so closely, but not really, because they are assuming it's being used as Microsoft originally intended and will only typically contain a few entries manually added by the user. Now you see how assumptions can create a problem, especially in a three way combination.

Individually there's nothing wrong with any of these design decisions, but in combination they create a problem. Thus, each organization believes they are correct because of their own assumptions and in some cases because "they got there first". In truth, they are simply different ideas of purpose or protection, so the real decision is who's idea you like better.

Many think that the stuffing of Restricted Sites and other registry keys were designed for malware protection because several programs have done this for several years, but Microsoft never intended this and was only providing a method for users to specify sites they personally chose not to trust. In fact, the only way provided by Microsoft to add these sites was within the Internet Options Security Tab in the Restricted Sites zone dialog box.

On the other hand, McAfee has designed some sort of monitoring program that actually watches these keys for changes and then flags or blocks these changes if they are deemed malicious. It seems that their design is inefficient and it may well be, but if only a few dozen entries exist it may not normally cause any issues. In fact, since these keys are known to be abused by malware to block access to security sites this monitoring makes sense.

This is one of many conflicting ideas of security that are occuring between security software programs lately. As each program attempts to protect more of the operating system, the minor or major conflicts between these various ideas begin to appear. Unless a vendor designs their product modularly as Spybot S&D has, you often have to choose between products to avoid the conflicts.

The issue of conflicts is nothing new, since it's been true of AV products all along, it's simply confusing to users of multiple anti-spyware applications, since in the past these could co-exist if only one "real-time" protection was enabled. Though the Spybot S&D Immunizations don't appear to be "real-time", to some extent they are since Internet Explorer accesses them dynamically during its operation, so the common belief that they are "passive" protection is actually false.

[miamibucki]

Thanks to all for the above discussion. The above listed fix, from McAfee worked like a charm, but I now have a few questions.

1. What do I need to do with the domains I exported to my desktop, can I delete them or do I need to save them.

2. Am I still immunized?

3. What happens if I update either Spybot or the immunizations? Do I need to rework the fix?

Thanks in advance,

Doug