lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20040210085509.GA2345@mail>
From: trik-news at gmx.de (Spiro Trikaliotis)
Subject: anti-adware and false positives (was: Virus infect on single user)

Hello,

* On Mon, Feb 09, 2004 at 02:35:05PM -0800 CHS wrote:
 
> I find that you should run both spybot S&D *AND* adaware together for the
> best possible adware/malware/spyware protection. they both catch stuff
> that the other does not. between the two though, you get rid of
> EVERYTHING.

Yes, you get rid of EVERYTHING - especially of things you still need.
:-(

Is there any developper on this list who uses a Microsoft DDK f?r NT4,
2000 or XP? You cannot use Adaware on such a machine, as it always
stumbles on the headers and source files of the provided examples,
especially the network examples. It tells me they would be part of some
malware.

Although its more than possible that these header files are part of some
malware which uses network connections, these false positives make
Adaware completely useless for a developper. Why can't it just check the
files that differ between "legal" examples and malware? An MD5 sum for
the files provided by MS would be enough to ensure these are left
unmodified, wouldn't it?

Just some thoughts,
   Spiro.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ