Skip navigation

Windows Client UPDATE--Microsoft Enters the War on Spyware--January 20, 2005

Subscribe to Windows IT Pro:

Make sure that overzealous antispam software doesn't block your copy of Windows Client UPDATE--add [email protected] to your list of allowed senders and contacts.

This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Windows Client UPDATE.

Saving Time and Money with Network Faxing;13454697;8214395;s?

Exchange & Outlook Administrator;13454699;8214395;u?


1. Commentary
- Microsoft Enters the War on Spyware

2. News & Views
- Microsoft Plots the Next Exchange Server Version

3. Resources
- Tip: "System Log Full" Errors
- Featured Thread: Featured Thread: New Year's Resolution: W2K3!

4. New and Improved
- Manage Your Backups
- Recover Unbootable Machines in Minutes
- Tell Us About a Hot Product and Get a T-Shirt!

==== Sponsor: Saving Time and Money with Network Faxing ====

Despite the rise of e-mail and the Internet, fax continues to be an important means of business communication. Organizations can save significantly on long distance costs, increase worker productivity, and streamline their business processes simply by connecting a fax server to their local area network. In this free white paper, you'll understand the specific cost savings, security benefits, and productivity enhancements of implementing a fax server solution including the V.34 fax standard and how it can contribute to further productivity gains and cost reductions. Get this white paper now!;13454697;8214395;s?


==== 1. Commentary: Microsoft Enters the War on Spyware ====
by David Chernicoff, [email protected]

If I was asked what software I've recommended most during the past year, I'd probably have to say that it's a dead heat between Lavasoft Ad-Aware ( and Spybot Search & Destroy ( Although I don't think these are the greatest software products in existence, the problem associated with spyware and adware has become pandemic.

There has been a constant stream of comments from Windows users and the press wondering when Microsoft would do something about the problem that these threats represent to its OS. Unusually quiet about the topic for quite a while, Microsoft acquired antispyware/antispam vendor GIANT Company Software ( last month, and less than 4 weeks after the acquisition, has released a new version of GIANT's antispyware tool as Microsoft Windows AntiSpyware (Beta 1).

AntiSpyware installation is simple, and the scanning functionality appears to be fairly fast. I didn't have a severely infected system to try it on, but the tool did find some sample spyware-infected files that I keep around for testing, correctly identified the spyware, and reported what I should do about it. The software also switched my homepage to from the blank page it was set at, which is an annoyance common to spyware tools; they report a blank page as a hijack attempt, although the other spyware tools I use don't reset the page to something else. Fortunately, I was able to reconfigure the software, using the Advanced Tools settings, to tell it that about:blank was my preferred home page and to keep it set to that address.

The software also can install (at the users discretion) several real-time agents that monitor the status of system settings that spyware often uses. Broken down into the categories Internet, System, and Application, the 59 checkpoints that the agents monitor should be able to defeat most known spyware threats. I encountered the actions of these agents when I attempted to run a few scripts that I load at boot. The agent alerted me to the scripts attempting to execute and gave me the option to allow or prevent their execution. I told the program to allow the execution and to remember the setting, so after the first notification I no longer receive an alert when my system executes the startup scripts. By checking the Agent Events information, I can see which user allowed the scripts to execute, so if I was trying to determine spyware problems on a user's computer, I could check an audit log of actions that precipitated a possible infection.

Unlike many common spyware tools, the Microsoft tool does a good job of explaining what it can do, has done, or wants to do with spyware infections. The information is clearly presented, with useful levels of drilldown in many situations. Although this is the beta of the first Microsoft iteration of the software, it's obvious that the underlying technology that Microsoft purchased to build this product is a sound foundation to build on. AntiSpyware is worth checking out, even if you currently use another spyware solution; if you aren't using one, this is a good place to start.


==== Sponsor: Exchange & Outlook Administrator ====

Try a Sample Issue of Exchange & Outlook Administrator!
If you haven't seen Exchange & Outlook Administrator, you're missing out on key information that will go a long way towards preventing serious messaging problems and downtime. Request a sample issue today, and discover tools you won't find anywhere else to help you migrate, optimize, administer, backup, recover, and secure Exchange and Outlook. Order now!;13454699;8214395;u?

==== 3. News & Views ====
by Paul Thurrott, [email protected]

Microsoft Plots the Next Exchange Server Version
The next version of Microsoft Exchange Server, known internally as Exchange 12 (E12), will build on the many improvements Microsoft has made to Exchange Server 2003 since the company first released the product in late 2003. E12 will synchronize with a major update of Microsoft Office Outlook and Windows Mobile, both of which will be optimized for E12.

==== Announcements ====
(from Windows IT Pro and its partners)

True High-Availability for Microsoft Exchange Web Seminar--February 3
Discover solutions that minimize the likelihood of downtime in your Exchange implementation and help to ensure continuous Exchange application availability. In this free Web seminar, learn how you can ensure high-availability through the use of tools that analyze and proactively monitor the health of your entire Exchange environment. Register now!

Got NDS? Get The Essential Guide to an NDS-to-Active Directory Migration
Migrating from NDS or eDirectory to AD can present complexities and pitfalls. For a smooth transition, you must prepare for the challenge and simplify your migration processes. The Essential Guide to an NDS-to-Active Directory Migration shows you how to perform a successful migration with minimal impact on your organization. Download this guide today.

Windows Connections Conference Spring 2005
Mark your calendar for Windows Connections Spring 2005, April 17-20, 2005, at the Hyatt Regency in San Francisco. Sessions jam-packed with tips and techniques you need to know to ensure success in today's enterprise deployments. Get the complete brochure online or call 203-268-3204 or 800-505-1201 for more information.;13381178;8214395;l?

Sensible Best Practices for Exchange Availability Web Seminar--January 27
If you're discouraged about not having piles of money for improving the availability of your Exchange server, join Exchange MVP Paul Robichaux for this free Web seminar and learn how to maximize your existing configuration. Survive unexpected outages, plan for the unplannable, and evaluate what your real business requirements are without great expense. Register now!

==== 4. Resources ====

Tip: "System Log Full" Errors
(contributed by David Chernicoff, [email protected])

While I was talking to a local small-business owner, he mentioned he was waiting for his computer consultant to show up. Several of his users couldn't access their computers; they would get an error message that said the system log was full. The owner asked me whether I knew a workaround for this logon problem, and I told him that any administrative account could log on to the computer and fix the problem. His own account had administrative rights, so I explained how to fix the problem.
1. Go to Start, Administrative Tools, Event Viewer (or go to Start, Run, and enter eventvwr.msc).
2. Right-click the Security entry in the left pane and select Properties from the context menu.
3. In the Log size section, select either "Overwrite events as needed" or "Overwrite events older than N days."
4. Click OK.

The problem occurred because the consultant who did his computer support had switched the setting to "Do not overwrite events" so that he could diagnose an access control problem the company had been having. Unfortunately, he didn't switch the settings back to the default, and when the user logs filled up (about 10 months later) the systems would no longer let users without administrative privileges log on.

Featured Thread: New Year's Resolution: W2K3!
Visit Sean Deuby's blog and join the discussion about problems and experiences with migrating Active Directory (AD) to Windows Server 2003.

==== Events Central ====
(A complete Web and live events directory brought to you by Windows IT Pro:

Ensure Successful Token Authentication
Take the first steps toward leaving passwords behind and implementing tokens for your users and systems. Register now for this free Web seminar and find out how you can future-proof your investment, while making a solid business case to justify the costs. Discover pitfalls to avoid, the right combinations to use, key evaluation and testing points and critical success factors for rollout time. Sign up today and become an expert on the range of technologies and applications supported by today’s token technologies!

==== 5. New and Improved ====
by Barb Gibbens, [email protected]

Manage Your Backups
Genie-Soft has released Genie Backup Manager Home Edition, a backup and restore utility whose wizard interface lets you easily automate backups of files and folders, emails, settings, applications, and more. The product supports backups to a variety of storage media, including internal and external hard disks, memory sticks, and removable devices. A catalog helps you keep track of file versions and lets you run, view, and extract files directly from the backup set without having to use the restore wizard, and 128-bit Advanced Encryption Standard (AES) encryption protects your data. Genie Backup Manager supports Windows 98 and later and costs $50. For more information or to download a trial version of the software, go to the vendor's Web site.

Recover Unbootable Machines in Minutes
UltraBac Software announces UltraBac Disaster Recovery (UBDR) Gold, an image-based backup and disaster-recovery utility for Windows workstations and servers. Image-based recovery is significantly faster than traditional file-by-file recovery. UBDR Gold supports virtually every type of storage device and provides integrated FTP recovery, which lets you restore an image from a LAN, WAN, or the Internet. The ability to script restores means that UBDR Gold can set up the network, restore the image to a preselected partition, and automatically reboot the machine. For more information, contact the vendor by phone at 425-664-6000, by email at [email protected], or on the Web.

Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows IT Pro T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]

==== Sponsored Link ====

Argent versus MOM 2005
Experts Pick the Best Windows Monitoring Solution;13273616;8214395;i?

==== Contact Us ====

About the newsletter -- [email protected] About technical questions -- About product news -- [email protected] About your subscription -- [email protected] About sponsoring an UPDATE -- [email protected]


This email newsletter is brought to you by Windows IT Pro, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today!

View the Windows IT Pro Privacy policy at

Windows IT Pro is a division of Penton Media, Inc.
221 East 29th Street, Loveland CO 80538
Attention: Customer Service Department

Copyright 2005, Penton Media, Inc. All Rights Reserved.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.