PDA

View Full Version : MS AntiSpyware & Spybot



Tony
27-05-2005, 12:38 PM
An FYI to maybe save people some work and analysis:

MS Spyware was showing an "unidentified" BHO and ActiveX object. When I saw these I was a bit concerned, but after spending ages blocking all my startup items and then re-allowing them one by one I was able to identify them as loaded by TeaTimer - which I guess is OK, although it would be nice if Spybot properly identified them.

Murray P
27-05-2005, 02:24 PM
An FYI to maybe save people some work and analysis:

MS Spyware was showing an "unidentified" BHO and ActiveX object. When I saw these I was a bit concerned, but after spending ages blocking all my startup items and then re-allowing them one by one I was able to identify them as loaded by TeaTimer - which I guess is OK, although it would be nice if Spybot properly identified them.

Considering Spybot is in the path, it's hardly Spybot's fault that MS Antispyware refuses to recognise it. This is a limitation of the MS product (in that it does not recognise or scan a lot of non-MS products thbus leaving gaps in info and security) and the reason why people should not use it to the exclusion of other products. It's another goodish weapon in the armoury though.

Tony
27-05-2005, 05:54 PM
In MS Antispyware, there is a column headed "details" against each object. Several non-MS objects are identified - Macromedia, Adobe, Fresh Devices, et al. I don't know where those details come from, but presumably Spybot could supply them in the same way.

I not really complaining about Spybot, after all the price is right :) And you are right, MS Antispyware is not the be-all and end-all.

I was just trying to possibly save others some work in the future.

Murray P
27-05-2005, 06:30 PM
In the left hand column, mine is clearly identified as Spybot. Some others are harder to fathom, a Java plugin for eg. Mainstream stuff seems to get listed, alot O.S or free stuff doesn't. Not everything will be nicely identified, but AFAIK, before it became MS Antispyware, the Giant programme would list them as accurately as it could a wider range of files.

Maybe it's a function of MS-AS's inability to check such prammes as Firefox but will check IE. It makes one a little suspicious as to why it lacks this simple ability to sacn pragammes, which should be system wide, when it is built in for others. The implication I gain from that is, that it is specefically disabled from scanning and testing some files. The logic of such an approach to security defies me though.

Apparently it has thrown a few false positives (to be expected in beta), so be wary of what you have it fix.

Tony
27-05-2005, 08:07 PM
I agree about being suspicious of the Microsoft-centricity (how about that for a new word?), but I think we need to wait for the proper release before finally passing judgement. I think MS would be shooting itself in the foot if it did deliberately exclude non-MS environments.