[THIN] Re: Spyware Tools

  • From: "PETERSON, DAVID" <DPETERSO@xxxxxxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Fri, 15 Oct 2004 17:03:30 -0400

Has anyone tried an app like AppSense Application Manager for spyware?
It might be overkill, but may be more likely to stop them from
installing if a program is only allowed to run or install if the owner
is a preset trusted user.


From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Trevor Fuson
Sent: Friday, October 15, 2004 4:56 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Spyware Tools

Autoruns from sysinternals, it is similar to Hijack this however
autoruns can hide MS signed components and executables.  This makes
malware disguised as MS components really pop out. 
The problem with all spyware removable tools is that they will never
detect all malware.  In fact most malicious software is actually valid
software that has been specially configured to host all sorts of
undesirable services from your computer.  Types of software such as FTP
servers, Web Servers, SMTP Servers, Task Schedulers, Packet Sniffers and
Remote Control tools will all most likely be not be detected.
Run autoruns with every option under the view menu selected, then
inspect each entry on an individual basis.  You should see a few items,
like your antivirus and terminal services related tools.


From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Rusty Yates
Sent: Friday, October 15, 2004 11:37 AM
Subject: [THIN] Spyware Tools

What is everyone using to scan their servers for Spyware?  We are
currently looking for options.
Thanks, Rusty

NOTICE: This electronic mail transmission from the law firm of Dinsmore & Shohl 
may constitute an attorney-client communication that is privileged at law.  It 
is not intended for transmission to, or receipt by, any unauthorized persons. 
If you have received this electronic mail transmission in error, please delete 
it from your system without copying it, and notify the sender by reply e-mail, 
so that our address record can be corrected.

Other related posts: