| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: pwicks at oxygen.com (James Patterson Wicks) Subject: Microsoft AntiSpyware - First Impressions We knew that Microsoft was going to put out an anti-spyware product after they bought Giant in December, but I did not figure they could re-brand Giant's software in under a month. Their first shot at anti-spyware came out today - Microsoft AntiSpyware (Beta). I installed it on a test machine that I have in the office. Just to be safe, I ran a full Spybot S&D scan and then uninstalled the resident TEA program since Microsoft AntiSpyware will install an agent if you so wish. The only part of the installation that was strange was the "recommended" option of joining the "Spynet AntiSpyware Community" their 'Spyware Neighborhood Watch' that connects you to other computers running the Microsoft AntiSpyware software. Don't know how many people will choose that option, but to me it does not make sense to connect to a peer-to-peer network of infected computers, encrypted traffic or not. I ran a full system scan and to my surprise, the software found some old Timbuktu and Dameware DLL's that I thought were uninstalled a year ago. Were the files harmful? The tool stated that the Dameware files were low risk, but the Timbuktu files were high risk. The tool also found "iLookup.GlobalWebSearch Browser Hijacker", "StartNow Hyperbar Toolbar" and a bunch of "MiniBug" instances. I was somewhat surprised since my machine was "clean" already. I then set up two lab desktops and applied the same clean image on both of them (no anti-virus or firewall installed). I then used IE to surf to the first ten sites Google brought up when searching for "online gambling" sites. I then ran full system scans using Microsoft AntiSpyware on one desktop and Spybot S&D on the other machine. Spybot found 65 objects, the Microsoft tool found 92 objects. The results were similar except that the Microsoft tool found a few more cookies, a bunch of minibugs and something called "SearchSquire." While this was just a quick test to satisfy my curiosity about the Microsoft tool, my initial feeling is that the Microsoft AntiSpyware is worth a test deployment in the office. This beta expires in July. Hopefully the final version will be free and allow for centralized domain management. It's the least that Microsoft can do. Pat Wicks Systems and Network Engineer This e-mail is the property of Oxygen Media, LLC. It is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise protected from disclosure. Distribution or copying of this e-mail or the information contained herein by anyone other than the intended recipient is prohibited. If you have received this e-mail in error, please immediately notify us by sending an e-mail to postmaster@...gen.com and destroy all electronic and paper copies of this e-mail. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050106/4ee26610/attachment.html
Powered by blists - more mailing lists