Couple AntiSpyware buglets

[Phony McRingRing]

1) I have a hundred or so restricted sites defined. One
or two of the registry-entries are detected as bad. We
know the sites are bad; that's why they're restricted.

2) I've had to disable hosts-file scanning, because
largish files are not parsed properly. Entries detected
as bad are displayed all munged-up like, instead of:

ads.zedo.com 127.0.0.1 # (loopback)

it will read it as something like

o.com|127.0.0.1 127.0.0.1

Other than these couple things:

The software appears to get updated frequently (for now);
is free (for now?? -- would never use if our enterprise
had to pay extra). In sum it has the potential to be as
good as other similar programs we are already using,
particularly the very similar, very well-supported, free
programs whose names we are loathe to mention lest they
be squashed out of business (SB & SG).

 

[Steve Dodson [MSFT]]

Inline Response:

Steve Dodson [MSFT]
MCSE, CISSP
PSS Security

--

This posting is provided "AS IS" with no warranties, and confers no rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm

Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
--------------------

Content-Class: urn:content-classes:message
From: "Phony McRingRing" <[email protected]>
Sender: "Phony McRingRing" <[email protected]>
Subject: Couple AntiSpyware buglets
Date: Wed, 26 Jan 2005 08:14:03 -0800
Lines: 23
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
Thread-Index: AcUDwg2izCdeFNDKS6a0URCA6PZC/g==
Newsgroups: microsoft.private.security.spyware.announcements
Path: cpmsftngxa10.phx.gbl
Xref: cpmsftngxa10.phx.gbl microsoft.private.security.spyware.announcements:1050
NNTP-Posting-Host: tk2msftngxa12.phx.gbl 10.40.1.164
X-Tomcat-NG: microsoft.private.security.spyware.announcements

1) I have a hundred or so restricted sites defined. One
or two of the registry-entries are detected as bad. We
know the sites are bad; that's why they're restricted.

What does MWAS attempt to do with this registry key?
What does MWAS flag the reg keys as?

2) I've had to disable hosts-file scanning, because
largish files are not parsed properly. Entries detected
as bad are displayed all munged-up like, instead of:

ads.zedo.com 127.0.0.1 # (loopback)

it will read it as something like

o.com|127.0.0.1 127.0.0.1

Other than these couple things:

Is this just the pop-up, or your actual host file.