1) I have a hundred or so restricted sites defined. One
or two of the registry-entries are detected as bad. We
know the sites are bad; that's why they're restricted.

2) I've had to disable hosts-file scanning, because
largish files are not parsed properly. Entries detected
as bad are displayed all munged-up like, instead of:

ads.zedo.com 127.0.0.1 # (loopback)

it will read it as something like

o.com|127.0.0.1 127.0.0.1

Other than these couple things:

The software appears to get updated frequently (for now);
is free (for now?? -- would never use if our enterprise
had to pay extra). In sum it has the potential to be as
good as other similar programs we are already using,
particularly the very similar, very well-supported, free
programs whose names we are loathe to mention lest they
be squashed out of business (SB & SG).

Inline Response:

Steve Dodson [MSFT]
MCSE, CISSP
PSS Security

--

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
--------------------
>Content-Class: urn:content-classes:message
>From: "Phony McRingRing" <(E-Mail Removed)>
>Sender: "Phony McRingRing" <(E-Mail Removed)>
>Subject: Couple AntiSpyware buglets
>Date: Wed, 26 Jan 2005 08:14:03 -0800
>Lines: 23
>Message-ID: <07ed01c503c2$0da20d70$(E-Mail Removed)>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="iso-8859-1"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>Thread-Index: AcUDwg2izCdeFNDKS6a0URCA6PZC/g==
>Newsgroups: microsoft.private.security.spyware.announcements
>Path: cpmsftngxa10.phx.gbl
>Xref: cpmsftngxa10.phx.gbl
microsoft.private.security.spyware.announcements:1050
>NNTP-Posting-Host: tk2msftngxa12.phx.gbl 10.40.1.164
>X-Tomcat-NG: microsoft.private.security.spyware.announcements
>
>1) I have a hundred or so restricted sites defined. One
>or two of the registry-entries are detected as bad. We
>know the sites are bad; that's why they're restricted.

What does MWAS attempt to do with this registry key?
What does MWAS flag the reg keys as?

>
>2) I've had to disable hosts-file scanning, because
>largish files are not parsed properly. Entries detected
>as bad are displayed all munged-up like, instead of:
>
>ads.zedo.com 127.0.0.1 # (loopback)
>
>it will read it as something like
>
>o.com|127.0.0.1 127.0.0.1
>
>Other than these couple things:
>

Is this just the pop-up, or your actual host file.


>The software appears to get updated frequently (for now);
>is free (for now?? -- would never use if our enterprise
>had to pay extra). In sum it has the potential to be as
>good as other similar programs we are already using,
>particularly the very similar, very well-supported, free
>programs whose names we are loathe to mention lest they
>be squashed out of business (SB & SG).
>