Heya, I've been using the beta for this for a couple of
days, testing what it can pick up and how good it is by
infecting myself with spyware and browser hijackers to see
if the beta would pick them up. Unfortunately it missed
more than 3/4 of the infected files. Particurly:
.. Coolwebsearch files - i.e. smiley central spyware etc
.. Browser Hijackers
.. suspicious cookies - i.e. tracking cookies, data miners
.. Trojan generators and Trojans - didn't expect it to pick
these up, however they were obtained by simply going on a
webpage, infecting my pc in the same manner as spyware,
which is a serious security issue.
Most of these files were picked up using a combination of
other software:
..Ad-Aware Se
..Browser Sentinal
..Browser Hijack Recovery
..Avast! Antivirus
The majority of the files which were underdetected were
associated with doubleclick.net.

Yes that is bad! It shows that Microsoft Antispyware isn't
quite there yet; while keeping in mind thatt the threats
you mention are picked up by other detectors. That can be
fixed by better detection strings. Precisely why i use
several antispyware programs for scans.

>-----Original Message-----
>Heya, I've been using the beta for this for a couple of
>days, testing what it can pick up and how good it is by
>infecting myself with spyware and browser hijackers to see
>if the beta would pick them up. Unfortunately it missed
>more than 3/4 of the infected files. Particurly:
>.. Coolwebsearch files - i.e. smiley central spyware etc
>.. Browser Hijackers
>.. suspicious cookies - i.e. tracking cookies, data miners
>.. Trojan generators and Trojans - didn't expect it to
pick
>these up, however they were obtained by simply going on a
>webpage, infecting my pc in the same manner as spyware,
>which is a serious security issue.
>Most of these files were picked up using a combination of
>other software:
>..Ad-Aware Se
>..Browser Sentinal
>..Browser Hijack Recovery
>..Avast! Antivirus
>The majority of the files which were underdetected were
>associated with doubleclick.net.
>.
>

Rich wrote
>-----Original Message-----
>Yes that is bad! It shows that Microsoft Antispyware
>isn't quite there yet; while keeping in mind thatt the
>threats you mention are picked up by other detectors.
>That can be fixed by better detection strings. Precisely
>why i use several antispyware programs for scans.

I think we need more than just to detect malicious strings
beacuse these changes in this battle. example CWS,
About:blank, VX2.

A better "sandbox technology" to simulate with a
real "micro computer" and the run all new executable
files within this box is better than to only identify
strings.

Norman Antivirus and others vendors uses this technology
for viral detection.

http://www.norman.com/Virus/13927/en

--
plun

Hi Ross,
It would be interesting to see what % of the 'missed' items were dataminers
and cookies as this product doesn't currently scan for them.


Ron Chamberlin
MS-MVP

"Ross MacLeod" <(E-Mail Removed)> wrote in message
news:0cfa01c51cc1$96782810$(E-Mail Removed)...
> Heya, I've been using the beta for this for a couple of
> days, testing what it can pick up and how good it is by
> infecting myself with spyware and browser hijackers to see
> if the beta would pick them up. Unfortunately it missed
> more than 3/4 of the infected files. Particurly:
> . Coolwebsearch files - i.e. smiley central spyware etc
> . Browser Hijackers
> . suspicious cookies - i.e. tracking cookies, data miners
> . Trojan generators and Trojans - didn't expect it to pick
> these up, however they were obtained by simply going on a
> webpage, infecting my pc in the same manner as spyware,
> which is a serious security issue.
> Most of these files were picked up using a combination of
> other software:
> .Ad-Aware Se
> .Browser Sentinal
> .Browser Hijack Recovery
> .Avast! Antivirus
> The majority of the files which were underdetected were
> associated with doubleclick.net.
>