Spywares not detected

G

Guest

Hi,

I have 2 questions. The first one: Is there a way to know what the user
accepted when MAS prompted them asking if it was ok or if a certain spyware
process should be blocked when it tries to install on the computer?

Second one is: Is it logical to say that MAS doens't protect you against
all threats? Meaning I have a laptop that came back to me recently with a
Winhound spyware and some other stuff on it. How come MAS doesn't pick this
up?
 
B

Bill Sanderson

See if Tools, real time protection, view security agent events is what you
are looking for. You can also see all blocked events.

Yes, Microsoft Antispyware can fail to protect a system. Some threats are
not in the signature base. Some users will answer prompts incorrectly.
I've had similar experiences--in fact have a machine now which is
definitely "dirty" but which Microsoft Antispyware has pronounced clean. I
suspect a combination of a trojan using root-kit like techniques to hide
other software, together with more run-of-the-mill spyware. I don't know of
a good forensic method to try to spot how this infection got started--I
should go back and read the log reference I just gave you on that machine.

It isn't clear to me whether such infections are always user error, or
whether they involve unmonitored startup vectors, or software
vulnerabilities that allow a drive-by install, to which a user perhaps
mistakenly assents.

The goal is certainly to prevent this kind of occurrence, and getting
Suspected Spyware reports in where possible is one way to help at the
moment.
 
G

Guest

Thank you very much you answered my questions and I just found the Spyware
reports that you can fill out. This will be very useful.

Gabriel
 
B

Bill Sanderson

Unfortunately, there's a bug that a good many users see which results in a
proxy error upon submission of these reports.

If you get this error, don't spend time troubleshooting it unless you really
are behind a proxy and might have the settings for IE wrong.

--
 
R

Richard Urban

There is no single program, or combination of programs, that will protect
you from "all" threats.

Any program that could do so, would have to protect your computer from
"you", as "you" (hypothetically speaking - don't take offence) are the
single biggest threat to your computer.

A combination of good antivirus programs, anti spyware programs and safe
on-line viewing/surfing/email habits is the best protection - though still
not 100% certain!

--


Regards,

Richard Urban
Microsoft MVP Windows Shell/User

Quote from George Ankner:
If you knew as much as you think you know,
You would realize that you don't know what you thought you knew!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

some observations on MAS (oh... and the tracks eraser doesn't work properly) 6
Comparability of Spyware systems 8
Problem wiiht Hijacker and AntiSpyware not removing it - Help 4
wireless expresscard not detected 2
"Computer is infected" - but MSAS shows "No Known Issues Detected" 2
CD/DVD drive is not detected 8
MS Spyware not picking known spyware 3
MS AntiSpyware - doing anything? 11

Top