Full Disclosure mailing list archives
Microsoft AntiSpyware - First Impressions
From: "James Patterson Wicks" <pwicks () oxygen com>
Date: Thu, 6 Jan 2005 23:28:40 -0500
We knew that Microsoft was going to put out an anti-spyware product after they bought Giant in December, but I did not figure they could re-brand Giant's software in under a month. Their first shot at anti-spyware came out today - Microsoft AntiSpyware (Beta). I installed it on a test machine that I have in the office. Just to be safe, I ran a full Spybot S&D scan and then uninstalled the resident TEA program since Microsoft AntiSpyware will install an agent if you so wish. The only part of the installation that was strange was the "recommended" option of joining the "Spynet AntiSpyware Community" their 'Spyware Neighborhood Watch' that connects you to other computers running the Microsoft AntiSpyware software. Don't know how many people will choose that option, but to me it does not make sense to connect to a peer-to-peer network of infected computers, encrypted traffic or not. I ran a full system scan and to my surprise, the software found some old Timbuktu and Dameware DLL's that I thought were uninstalled a year ago. Were the files harmful? The tool stated that the Dameware files were low risk, but the Timbuktu files were high risk. The tool also found "iLookup.GlobalWebSearch Browser Hijacker", "StartNow Hyperbar Toolbar" and a bunch of "MiniBug" instances. I was somewhat surprised since my machine was "clean" already. I then set up two lab desktops and applied the same clean image on both of them (no anti-virus or firewall installed). I then used IE to surf to the first ten sites Google brought up when searching for "online gambling" sites. I then ran full system scans using Microsoft AntiSpyware on one desktop and Spybot S&D on the other machine. Spybot found 65 objects, the Microsoft tool found 92 objects. The results were similar except that the Microsoft tool found a few more cookies, a bunch of minibugs and something called "SearchSquire." While this was just a quick test to satisfy my curiosity about the Microsoft tool, my initial feeling is that the Microsoft AntiSpyware is worth a test deployment in the office. This beta expires in July. Hopefully the final version will be free and allow for centralized domain management. It's the least that Microsoft can do. Pat Wicks Systems and Network Engineer This e-mail is the property of Oxygen Media, LLC. It is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential, or otherwise protected from disclosure. Distribution or copying of this e-mail or the information contained herein by anyone other than the intended recipient is prohibited. If you have received this e-mail in error, please immediately notify us by sending an e-mail to postmaster () oxygen com and destroy all electronic and paper copies of this e-mail.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Microsoft AntiSpyware - First Impressions James Patterson Wicks (Jan 07)
- Re: Microsoft AntiSpyware - First Impressions Paul Laudanski (Jan 07)
- Re: Microsoft AntiSpyware - First Impressions KF (lists) (Jan 07)
- Re: Microsoft AntiSpyware - First Impressions KF (lists) (Jan 07)
- <Possible follow-ups>
- RE: Microsoft AntiSpyware - First Impressions irfan . syed (Jan 07)
- Re: Microsoft AntiSpyware - First Impressions Kyle Maxwell (Jan 07)
- Re: Microsoft AntiSpyware - First Impressions Valdis . Kletnieks (Jan 07)
- RE: Microsoft AntiSpyware - First Impressions jerome.athias (Jan 09)
- Re: Microsoft AntiSpyware - First Impressions Andrew Smith (Jan 09)
- Re: Microsoft AntiSpyware - First Impressions Mary Landesman (Jan 09)
- Re: Microsoft AntiSpyware - First Impressions Kyle Maxwell (Jan 07)
- RE: Microsoft AntiSpyware - First Impressions James Patterson Wicks (Jan 09)