- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, May 2, 2005 (Vol. 10, #18 - Issue #523)
MOM and SMS Marriage On The Rocks
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • Adware, Rootkits and Worms: Translating Malware Speak
    • Need Enterprise Antispyware? Don't Wait For Redmond
    • Sunbelt Scoops Up Google-like Spyware Sniffer
  2. ADMIN TOOLBOX
    • Admin Tools We Think You Shouldn't Be Without
  3. TECH BRIEFING
    • Check Out The New Windows IT Download Library
    • New Products Announced at MMS 2005
    • MOM and SMS Marriage On The Rocks
    • Windows Security Clinic: You've been hacked! Now what?
  4. NT/2000 RELATED NEWS
    • OK, 64-bit Computing is Officially Here
    • So, What Finally Wound Up In Longhorn?
    • Public W2K3 Server R2 Beta Set For This Week
    • Microsoft Plans Joint Research With French Government
    • SQL Server 2005 Express: A free version of SQL Server 2005
    • Microsoft Puts Admins and Developers On The Same Page
  5. NT/2000 THIRD PARTY NEWS
    • HIPAA Kicks In This Month; You Need Spyware Protection
    • Unisys Offers Long-distance Fail-over
    • CounterSpy Wins Laptop Magazine Editors' Choice Award
    • First Look: Symantec's So-So Spyware Protection
  6. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  7. PRODUCT OF THE WEEK
    • CounterSpy Compared To Spyware Doctor And MSAS
  SPONSOR: Tech.Ed
Learn, solve and grow at Tech?Ed 2005 -- June 5-10, Orlando, FL.
Get the most from the applications, languages, and code for the
Microsoft® platform you work with every day. Evaluate and test-
drive the latest software. Meet and talk to the architects and
engineers who built it. Network with thousands of your peers.
See the largest collection of Microsoft and Microsoft Partner
Solutions. Register now. Microsoft.com/TechEd
Visit Tech.Ed for more information.
  EDITORS CORNER

Adware, Rootkits and Worms: Translating Malware Speak

If you have trouble differentiating between adware and spyware or viruses and worms, attend this webcast: "Detecting and removing rootkits in Windows" sponsored by Sunbelt Software. Microsoft's Kurt Dillard defines common malware terms. You can pre-register right now.

When: May 10, 2005, 9:00 EDT (13:00 GMT) Sign up here, please forward this item to any friend that might be interested!
http://www.w2knews.com/rd/rd.cfm?id=050502ED-Rootkits

Need Enterprise Antispyware? Don't Wait For Redmond

If you think you might want to wait for MS to come out with their enterprise antispyware, well, they just said it will take another YEAR. You cannot afford to wait that long with spyware potentially infecting your systems NOW. Microsoft's Security Products Chief just gave an interview where he admits it will take that long. As you are well aware of the usual product release delays in Redmond, here is a short quote that illustrates that waiting for Redmond is not going to cut it:

"Initially, some 14 million users have downloaded Microsoft's free anti-spyware tool... and a for-fee enterprise anti-spyware product is expected as early as the first half of 2006". Full interview at:
http://www.w2knews.com/rd/rd.cfm?id=050502ED-Redmond

Sunbelt Scoops Up Google-like Spyware Sniffer

eWeek had the scoop, even before W2Knews, imagine that! Sunbelt has acquired spider technology that will crawl spyware sites so that new outbreaks can be identified faster. This "mini google" (which we called SPECTRE) automates the identification of new junkware "variants" that come out daily. Sunbelt will have 50 machines scanning the net 24/7 for new spyware! Story at eWeek:
http://www.w2knews.com/rd/rd.cfm?id=050502ED-Spyware_Spyder

Quotes Of The Week:
"All mankind is divided into three classes: those that are immovable, those that are movable, and those that move.", and "Drive thy business or it will drive thee." both by Benjamin Franklin

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

  ADMIN TOOLBOX

Admin Tools We Think You Shouldn't Be Without

  TECH BRIEFING

Check Out The New Windows IT Download Library

The Windows IT Download Library offers a one-stop shop for free trial demos of the latest Windows tools and technologies. This site includes commercial software, freeware and shareware. You can search for downloads by topic and you'll find detailed download descriptions so you can learn everything you need to know, including:

  • Target user
  • What IT problems the download solves
  • Product capabilities
  • System requirements
  • And more...

Access the latest downloads focused on the challenges of the Windows IT Pro in the SearchWin2000 library now:
http://www.w2knews.com/rd/rd.cfm?id=050502TB-Download

New Products Announced at MMS 2005

MMS stands for Microsoft Management Summit. They announced their SMS 2003 Scripting Guide - provides over 40 scripts, such as creating advertisements and running queries. It provides how-to examples as well. Get it at the Microsoft site at:
http://www.w2knews.com/rd/rd.cfm?id=050502TB-MMS

MOM and SMS Marriage On The Rocks

At the MMS they also revealed that they decided to cancel a product called System Center. This new code was supposed to combine future versions of SMS and MOM, plus reporting tools into an integrated suite. That ain't gonna happen. The tools will stay separate but will only get a new umbrella name.

Windows Security Clinic: You've been hacked! Now what?

A workstation may be hacked and you need a fix - fast. Three Windows security experts offer a four-part action plan to help you diagnose and remedy the problem. Article at SearchWindowsSecurity.com.
http://www.w2knews.com/rd/rd.cfm?id=050502TB-Security_Clinic

  NT/2000 RELATED NEWS

OK, 64-bit Computing is Officially Here

Microsoft chairman and chief software architect Bill Gates on Monday launched the x64 editions of Windows and gave a public preview of the much-anticipated Windows "Longhorn" user interface at the Windows Hardware Engineering Conference (WinHEC). The 64-bit stuff was expected for a long time so there is not a lot of news to report, except that you can now get your own hot little hands on it. But beware... there may very well be driver problems. Read more:
http://www.w2knews.com/rd/rd.cfm?id=050502RN-64_Bit

So, What Finally Wound Up In Longhorn?

Microsoft Veep Jim Allchin released some more data about Longhorn, the next-generation Windows slideware. It's now expected mid 2006. Microsoft is already starting the hype-machine. They say it's going to rock. Allchin said "[Longhorn] is not incremental. The world, in my opinion, thinks this is perhaps the next version of a service pack. It's not. It's a very big deal. There will be massive marketing. The point here is this is a big deal. XP SP2 was a big deal, but this is a really big deal. We will put a lot of money and marketing emphasis behind this and work with our partners to make sure there's a lot of opportunity for them."

Some of the new features are Instant Desktop Search, a new SyncManager that will have wireless support so it can run more seamlessly between work and home, better security, whole-volume encryption, easy deployment, and "IE 8.0" (more advanced than V7) but will not include anti-virus technology.

Public W2K3 Server R2 Beta Set For This Week

Microsoft plans to publicly release the second beta test version of Windows Server 2003 R2 this week, an update to Windows Server that the company expects to ship in Q4 of this year.
http://www.w2knews.com/rd/rd.cfm?id=050502RN-W2K3_R2_Beta

Microsoft Plans Joint Research With French Government

Microsoft plans to open a research center in France in conjunction with a French government research organization. An announcement could be made as early as Tuesday afternoon during a visit to Paris by Microsoft Chief Executive Officer Steve Ballmer. More:
http://www.w2knews.com/rd/rd.cfm?id=050502RN-MS_France

SQL Server 2005 Express: A free version of SQL Server 2005

Along with the upcoming release of SQL Server 2005, Microsoft is introducing SQL Server Express -- a free version of SQL Server 2005. Serdar Yegulalp reviews the advantages and limitations of SQL Server Express in this tip. (SearchSQLServer.com)
http://www.w2knews.com/rd/rd.cfm?id=050502RN-SQL_2005

Microsoft Puts Admins and Developers On The Same Page

In an interview, a Windows Server executive explained why IT administrators should care about Microsoft's Systems Definition Model. This article can be found at SearchWinSystems.com:
http://www.w2knews.com/rd/rd.cfm?id=050502RN-MS_SDM

  THIRD PARTY NEWS

HIPAA Kicks In This Month; You Need Spyware Protection

Many employers are scrambling to get HIPAA-compliant. For instance, a national disability management company just put into place some kind of content filtering app for their WAN. But a lot of the case managers have company laptops and can connect into their VPN from home. They all work with confidential medical data.

Many of the laptops have freebie anti-spyware but it's not an enterprise version. There's no telling what kind of junkware people have on these company computers. One case worker got a company laptop but the person who had used it before had downloaded one of the rogue anti-spyware apps -- and it was one that actually installs adware. Luckily this was a spyware-literate case worker so she called the IT folks quickly and got that off.

Also many of this kind of employees use their home computers for work. And then their kids use the computers to download who-knows-what. A real recipe for disaster. Most of these users are not computer literate, much less understand about IT security.

Companies that have these kinds of environments should seriously consider CounterSpy Enterprise. For instance physicians' groups, large and small, are going online, having their patients' medical info available 24/7 from anywhere. All these organizations need enterprise spyware protection to guard their patients' confidential medical info.

Just as an example, this is the latest spyware threat database update number 145 for CS Enterprise.

Added from Microsoft:
Trojan.StartPage.IS
RBot.icp
SdBot.cet
SpyBot.lexplore
Trojan.desktop
Rbot.P3
Rbot.msgfix
Wootbot.snapple
Trojan.Ranky.windns32
RBot.navupdaterx
Worm.Bobax
Rbot.rant
SdBot.iexplore
Trojan.Ranky.msvc32
Trojan.Ranky
Trojan.Downloader.Bluestart
Worm.Wallz
Trojan.StartPage.CF
Trojan.Agent.BW
RBot.SVPHOST
SdBot.Work
Trojan.Downloader.WUViewer
RBot.jah
RBot.tskm0nitor
Rbot.winis
Trojan.Downloader.hiden
Trojan.Downloader.wldr
FizzleWizzleSearchbar.B
Adware.GamyunIeToolbar
Worm.Bropia.P
RBot.mdns
Trojan.StartPage.NAU
Worm.Plexus.C
Trojan.Downloader.nmmst
Spyware.OLEDbService
Trojan.ntddetect
Spyware.DOASearch
Trojan.ntfs32
Spyware.ABSPICS
PacerDMedia.Installer
Transponder.kz515

Updated:
CoolWebSearch
SearchMiracle.EliteBar
Coolwebsearch.greg-search
Spyware.SearchAssistant
Ist.Istbar

False positives fixed:
Spytech Shadow
PC-Watch

As you can see, there is a lot of stuff being added on a regular basis. Download a 30-day eval here, and scan your whole network to find out how badly infected your machines are:
http://www.w2knews.com/rd/rd.cfm?id=050502TP-CSE

Unisys Offers Long-distance Fail-over

ComputerWorld reported that Unisys Corp. this week released a business continuity system for its Intel-based ES7000 Windows servers, saying the technology will allow fail-over to a backup site thousands of miles away and recovery within 30 minutes.

The system, called SafeGuard 30m, is the first in a series of offerings Unisys officials said will be released in the coming months under the company's broad Real-Time Infrastructure initiative, also announced this week. The RTI, which basically is similar to the on-demand and adaptive computing concepts advocated by other IT vendors, will include system tools for infrastructure management, consolidation, modeling and migration. Depending on the size of the deployment, SafeGuard 30m costs $200,000 to $1.2 million, Unisys said.

My 2 cents: Yowser! That's cheap at twice the price... er, half the price... or half the price of the tax would be cheap. Double-Take can do that too for literally a fraction of that. Article at ComputerWorld:
http://www.w2knews.com/rd/rd.cfm?id=050502TP-Fail-over

CounterSpy Wins Laptop Magazine Editors' Choice Award

CounterSpy Gets A Five-Star Rating, and Beats out Microsoft Antispyware, Webroot Spy Sweeper, McAfee, and StopZilla

April 27, 2005 Sunbelt Software announced that its antispyware product, CounterSpy, has received the Laptop Magazine Editors' Choice in the magazine's May issue. The review, in which CounterSpy received a five-star rating, compared five antispyware products: Sunbelt CounterSpy, McAfee Antispyware, Microsoft Antispyware, StopZilla, and Webroot Spy Sweeper. According to the review, "there's a new antispyware sheriff in town... CounterSpy is everything you'd want and need in a spyware killer, and then some."

Each product was judged on what it detected, what it permanently deleted, and how effective it was at recognizing and preventing unauthorized system modifications and other incoming attacks. Other evaluation criteria included the user interface, how much useful information was supplied with each tagged threat, and how easy it was to automate after the first couple of sweeps.
http://www.w2knews.com/rd/rd.cfm?id=050502TP-CounterSpy

First Look: Symantec's So-So Spyware Protection

Well, like I said in the last issue, Symantec's antispyware isn't up to snuff either. You could call it "promising" at best. Mary Landesman, PC World's expert on antispyware made the new Norton Internet Security 2005 AntiSpyware Edition go through its paces. Not very pretty. Here are some numbers she came up with: "33Meg download, installs 314MB of files, 11 services, 3 startup items, 2 toolbars and 2 BHO's. Result: 8 additional processes running in memory, which made my test system noticeably less responsive."

Symantec did not get a good spyware catch score either. The best test you can do is the following. Download a free trial version of Vmware, create a virtual machine, download Kazaa and see who cleans the most spyware. You can't survive with 32% detection. You can't survive with 60% detection. You need at least 90-100% detection in order to actually be able to clean those systems. Otherwise, you're right back to reformatting hard drives.

I actually installed the new Norton on my PC in the office. After 15 minutes I uninstalled it, as my pretty fast box slowed down to a point where is became a nuisance. Mary's last two lines were: "For the best overall protection, however, I'd recommend combining two separate products. I like Trend Micro's $50 PC-cillin Internet Security Suite 2005 for its virus protection, firewall, and spam filtering, combined with Sunbelt Software's highly effective $20 CounterSpy for spyware protection. Full PC World article at:
http://www.w2knews.com/rd/rd.cfm?id=050502TP-Symantec

  FAVE LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  PRODUCT OF THE WEEK

CounterSpy Compared To Spyware Doctor And MSAS

As you know, PC World compared a whole bunch of antispyware tools in April. CounterSpy came up as the 2005 Best Buy. Chart:
http://www.w2knews.com/rd/rd.cfm?id=050502PW-CSC_Chart

But two products were not in that review: Spyware Doctor and the Microsoft antispyware beta. PC World decided to do another review, and compare CounterSpy to the two they could not do in April. Here's one line from the review: "For its part, CounterSpy continues to detect both Hotbar and WhenUSearch-- and its detection rate in this latest round of tests increased from an 85 percent overall average to an excellent 92 percent." This is a link to the NEW review from the PC World June 2005:
http://www.w2knews.com/rd/rd.cfm?id=050502PW-Top_Notch

Find out how much spyware sits on your PC:
http://www.w2knews.com/rd/rd.cfm?id=050502PW-CounterSpy