For my personal use, I use a combination of MSAS, Spybot, and Ad-aware.
I find myself doing a lot of house calls lately to clean up
friends/family's computers that have been consumed by the devil of
spyware. I have seen the worst of the worst and with some patience; I
have gotten many of the computer I work on to a stable working order
with the 3 mentioned applications above without having to sing the song
of "fdisk, format, reinstall, Do Da, Do Da".
For the enterprise solution, I have tried Webroot's Enterprise
Spysweeper. The install went 'ok' but I couldn't even get the resource
hogging java based application to allow me to log in. And the support
was horrible. I eventually gave up and uninstalled it from my server.
I think we all dream of a day when computers will heal themselves, but
then we would be out of jobs.
-Brad Martin
-----Original Message-----
From: Joe George [mailto:j.george@conservation.org]
Sent: Wednesday, October 26, 2005 8:08 AM
To: Planz; Quark IT - Hilton Travis
Cc: focus-virus@securityfocus.com
Subject: RE: Microsoft AntiSpyware falling further behind
I would also recommend running MSAS and/or any other anti-spyware
utility on normal mode and once in safe mode for good measure. I was
amazed at what wasn't being picked up in some cases after running once.
I definitely agree with Bruce Klein. Using more anti-spyware apps maybe
overkill, but if it doesn't affect the host machine negatively, might as
well. Rebuilding computers should be a last resort.
Best,
Joe
-----Original Message-----
From: Planz [mailto:planz2009@gmail.com]
Sent: Tuesday, October 25, 2005 9:36 PM
To: Quark IT - Hilton Travis
Cc: focus-virus@securityfocus.com
Subject: Re: Microsoft AntiSpyware falling further behind
My experience with MSAS was also similar. To verify whether MSAS is
really working, I used SpybotS&D to scan my PC after surfing for
sometime. MSAS, didn't alert me during the surfing, but SpybotS&D
detected a lot. No single security solution is a saviour.
Quark IT - Hilton Travis wrote:
Hi All,
It seems that not only does Microsoft AntiSpyware recommend that
Claria's spyware is ignored, but it also misses a significant amount of
cookies that are placed on a system - I have a VPC environment where I
browse the Internet so that anywhere I go won't affect my regular
Windows session/installation. Regularly CounterSpy is detecting
cookies
(such as Cok.ad.yieldmanager, CGI-Bin, Cok.AssassinTrojan2.0 and Zedo
(from yesterday's browsing)) that Microsoft AntiSpyware simply does not
know about.
Now, this is not only disappointing, but potentially dangerous. Any
customer or end user running Microsoft AntiSpyware or CounterSpy is not
being protected from these cookies, and MSAS doesn't even detect them -
that's right, neither program's active monitoring is stopping the
installation of these cookies, but at least CounterSpy is detecting
them
post-installation.
AntiSpyware is far, far from the accuracy of antivirus, especially
something like NOD32. I wonder how long it will be before a decent
AntiSpyware application is released that, like NOD32 does with viruses,
actually stops spyware *before* it is installed?
--
Regards,
Hilton Travis Phone: +61 (0)7 3344 3889
(Brisbane, Australia) Phone: +61 (0)419 792 394
Manager, Quark IT http://www.quarkit.com.au
Quark Group http://quarkgroup.com.au/
Microsoft Small Business Specialists
http://www.threatcode.com/ <-- its now time to shame poor coders
into writing code that is acceptable for use on today's networks
War doesn't determine who is right. War determines who is left.
This document and any attachments are for the intended recipient
only. It may contain confidential, privileged or copyright
material which must not be disclosed or distributed.
