Well... but let's look at the logic of Microsoft's statement: Some spyware developers utilize features provided by WinPcap in their exploits Therefore: we should recommend removing WinPcap
By the same logic: Most spyware developers utilize features in Microsoft operating systems in the exploits Therefore: we should recommend removing all Microsoft operating systems. Well, at least it makes sense to me. ;-) --- Steighton Haley [EMAIL PROTECTED] Software Engineer "There are 10 types of people in this world, those who understand binary, and those who don't." > -----Original Message----- > From: Fulvio Risso [mailto:[EMAIL PROTECTED] > Sent: Thursday, January 06, 2005 11:07 PM > To: winpcap-users@winpcap.polito.it > Subject: RE: [WinPcap-users] WinPcap identified as spyware by > Microsoft AntiSpyware Beta 1 > > Hi. > Unfortunately, there are some spyware (cain, if I remember > well) which are using WinPcap for performing their job. > Hence, the alarm that comes from Microsoft is not so wrong. > > However, I feel there's nothing to do against this problem. > Unless convincing who is developing spyware not to use > WinPcap, but I fee this a bit tricky... > > fulvio > > > -----Original Message----- > > From: Philip Stoev [mailto:[EMAIL PROTECTED] > > Sent: giovedì 6 gennaio 2005 19.30 > > To: winpcap-users@winpcap.polito.it > > Subject: [WinPcap-users] WinPcap identified as spyware by Microsoft > > AntiSpyware Beta 1 > > > > > > Hello, > > > > WinPcap is identified as follows: > > > > WinPCap > > Type: Enabler > > Threat Level: Low > > Author: WinPCap Team including = Loris Degioanni > > Description: WinPCap is an Open Source Windows Packet Filtering > > Library. It provides low level internet & system traffic > data to other > > applications that leverage its utilities. > > > > Advice: This software is not necessarily hazardous unless > it is used > > by a particular spyware threat. If you quarantine or remove > all of the > > spyware threats from your computer you do not necessarily need to > > remove this program. Please note: if a legitimate > application is using > > functionality contained in an enabler application, removing the > > enabler may cause that application to cease functioning properly. > > This application is okay to have running on your computer, > as they are > > only dangerous if a Spyware application is also installed on your > > machine and exploiting it. However if you did not install this, or > > know of a legitimate application that did, you may consider > > quarantining or removing it. Please > > note: if a legitimate application is using functionality > contained in > > an enabler application, it may cause that application to cease > > functioning properly. > > > > About Enabler: While not spyware, it provides functionality that > > spyware products have been known to exploit. Normally, these > > applications are okay to have running on your machine, as they are > > only dangerous if a Spyware application is also installed > on your machine and exploiting it. > > However if > > you did not install this, or know of a legitimate application that > > did, you may consider quarantining or removing it. Please > note: if a > > legitimate application is using functionality contained in > an enabler > > application, removing the enabler may cause that > application to cease > > functioning properly. > > > > ===== > > > > Is it true that WinPcap is being exploted by spyware? If > so, can that > > be prevented? > > > > Philip > > > > > > > > > > ================================================================== > > This is the WinPcap users list. It is archived at > > http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ > > > > To unsubscribe use > > mailto: [EMAIL PROTECTED] > > ================================================================== > > > > ====================== > This is the WinPcap users list. It is archived at > http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ > > To unsubscribe use > mailto: [EMAIL PROTECTED] > ====================== > ================================================================= This is the WinPcap users list. It is archived at http://www.mail-archive.com/winpcap-users@winpcap.polito.it/ To unsubscribe use mailto: [EMAIL PROTECTED] =================================================================