Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security Microsoft Operating Systems Software Windows

Two Reviews of Microsoft AntiSpyware 203

Posted by michael from the unsolved-problem dept.
jasondubya writes "PC Magazine released their review of Microsoft's Anti-Spyware Beta 1. While they agree with most that it has great potential, it has yet to take over their top spot. In an informal test, it removed about two-thirds of the spyware detected and blocked about fifty percent of the threats they attempted to install. After removal, they ran Webroot's Spy Sweeper 3.0. It was able to detect '900 traces of 48 distinct threats still present, including two keyloggers and three Trojans.' With that, it looks like Microsoft still has work to do before they are on top of the market." Several other readers sent in link to Mossberg's review in the WSJ.
This discussion has been archived. No new comments can be posted.

Two Reviews of Microsoft AntiSpyware More

Two Reviews of Microsoft AntiSpyware

Comments Filter:

  • I've used it (Score:3, Informative)

    by ikkibr ( 848955 ) on Friday January 14, 2005 @08:53PM (#11369722) Homepage
    I've used it and ...
    I liked it! It scanned like 500 spywares in my computer, all of them due to Internet Explorer Bugs(hey, i've used it only for 2 days since I formated my computer). The software is fast, gives information about the spywares and asks you what you wanna do. If I had to rate it I would give 9/10.

    • Re:I've used it (Score:3, Funny)

      by Anonymous Coward
      2 days and 500 pieces of spyware already? One must wonder exactly what kind of sites you're browsing to get that kind of infestation.
    • Exactly what web sites are you going to where you would end up with 500 pieces of spyware on your computer in just two days? I've serviced people's machines who have unprotected PCs (no firewall, no anti-spyware software, no virus scanner) and most of them were reasonably clean.
    • Funny how as Giant software it received top honors in recent spyscanner shootoffs, but now labeled as Microsoft it just can't get a top spot. I would be interested in seeing how the old Giant freeware compares to the new Microsoft Antispyware to see if people are just being blinded by their Microsoft bias in both directions.

      One reader pointed out that the older article [slashdot.org] meant the software was tops, but in truth Spybot and Ad-aware, while they are great together for spyware removal, are not sufficient on th

  • article quoted incorrectly (Score:5, Funny)

    by Triumph The Insult C ( 586706 ) on Friday January 14, 2005 @08:53PM (#11369726) Homepage Journal
    need to make a correction there at the end ...

    With that, it looks like Microsoft still has a few more companies to buy before they are the market."

  • My experiences in brief... (Score:5, Informative)

    by ZiZ ( 564727 ) * on Friday January 14, 2005 @08:54PM (#11369737) Homepage
    MS AntiSpyware is /extremely/ fast - faster than anything else I've tried - but didn't catch any advertisement cookies in Mozilla Firefox and only caught a very small number of them from IE. It also complains loudly about a number of things I use on a regular basis - FTP server, VNC, even a copy of SoftICE (which, yes, I use legitimately to debug device drivers). Could be good with some work, though.

    • Re:My experiences in brief... (Score:5, Insightful)

      by papadiablo ( 609676 ) on Friday January 14, 2005 @08:59PM (#11369777)
      It also complains loudly about a number of things I use on a regular basis - FTP server, VNC, even a copy of SoftICE (which, yes, I use legitimately to debug device drivers).

      Yes, but you can tell it to ignore them every time, meaning it won't bug you about them.

      I agree it's extremely fast. It is also free and in beta mode so I wouldn't expect it to be as good as commercially released subscription based software. It would be nice if it continues to be free and I expect it to only get better over time.
    • IE doesn't allow 3rd party cookies by default. So you don't have to worry about being tracked from site to site by banner ads. Though this don't apply for popup ads. To stop tracking cookies in firefox just disable 3rd party cookies.

      • IE doesn't allow 3rd party cookies by default. So you don't have to worry about being tracked from site to site by banner ads.

        Actually, Internet Explorer allows third-party cookies, just as long as there's a P3P policy to go along with it.

      • Actually many banner ads are in frames that load from 3rd party sights. You can still get the cookie. Unless some very recent update fixes this (I stopped using IE before SP2 so It's possible) it's still a valid issue.
        Also IE does allow third partie cookies for some other instances. If they have a privacy policy, not if the have a GOOD privacy policy, just if they have one, it could easily be "what privacy, you get no privacy here". That and no personal info is in the cookie. Assuming IE can (correctl

    • Re:My experiences in brief... (Score:2, Informative)

      by Anonymous Coward
      Cookie Detection and Removal.

      GIANT AntiSpyware detects and removes cookies from your computer. Because many Web sites require the use of cookies to enable a great user experience, Windows AntiSpyware (Beta) does not remove cookies.

      From: http://www.microsoft.com/athome/security/spyware/s oftware/currentcustomers.mspx [microsoft.com]

    • Re:My experiences in brief... (Score:2, Insightful)

      by Anonymous Coward
      It's not /supposed/ to bother you with ad cookies. These aren't really 'spyware'; listing every cookie is just a cheap way to inflate the number of things caught, making the anti-spyware software seem more valuable than it really is.

      OMFG, that SuperSpywareRemover found 781 peices of spyware on my computer! Wow, the net's so dangerous, I need to pay for SuperSpywareRemover and run it every day! OMFGoneoneone!

    • Re:My experiences in brief... (Score:5, Insightful)

      by RonnyJ ( 651856 ) on Friday January 14, 2005 @09:05PM (#11369848)
      It also complains loudly about a number of things I use on a regular basis - FTP server, VNC

      It *should* pick up on these two - if you're advanced enough to have a use for them on your system, you're quite capable of telling the program to always ignore them.

      If, on the other hand, a typical home user finds a FTP server or VNC on their system, who has no idea what it is, or why it's there, it's likely it's not been put on there for their use.

      • No, it shouldn't. First off VNC and FTP are not spyware. Period.

        Secondly, look outside your slashdot bubble and you'll see people who share computers. Not everyone has three or four boxes laying about. One person (or the admin) may put a VNC server on there and then another person may remove it because they trust the MS app and don't know any better.

        Stick to spyware. Seriously. On one machine I tested it, it couldnt remove a common spyware browser helper object. MS cant remove stuff from their own brow
        • No, it shouldn't. First off VNC and FTP are not spyware. Period.

          Can VNC or an FTP server be used to spy on a computer? Yes, of course they can.

          In fact, it seems like an effective method of doing it, considering that most scanners wouldn't pick up on them.

          • IE can be used to spy on a computer too (cookies, installing software, etc). A fileshare could be used. And, assuming you have the right version of Windows, so could Remote Desktop. Are these being flagged too?

            I doubt it. Not because of a nefarious Microsoft plot - but simply because it's NOT spyware. Neither is FTP nor VNC.

            I understand the concept of why one would choose to flag VNC, an FTP daemon, etc. But when it comes down to it, that's a rather agressive and more than likely incorrect interpret
      • Gotta disagree. Case in point, I've got VNC installed on some of my relatives' PCs so I can help them when they have problems. Now, these are willfully computer-ignorant people who forget what they're supposed to click so I can access their computer (the "VNC server" icon I put on their desktop). Chances are if Microsoft's program found the VNC executable and brought up a warning, they'd follow whatever action it said without thinking. And next time they have a problem, we spend hours trying to figure o
    • I ran it with similar results. RealVNC was detected, but the default was to ignore it, so at least it realizes that this app could be legitimate.

      It also searches based on text strings, such as file and folder names. I have two bookmarks for crack sites in my IE bookmarks. The scanner reported the folder name, as well as one of the two sites listed as high warnings, recommending removal.

      It is very fast, and I noticed no slowdown of my machine when it ran the other night, regardless of being online playi
    • Complains loudly? VNC is considered a "low" (2/5 I think) threat and the default action is to "ignore" it. I'd hardly call that complaining loudly.

      I have yet to have it suggest I remove something I actually wanted.

      -Dan
    • Does anyone else think that they achieve their amazing speed from secret system calls [qwest.net]?
      • First off, it's only been a MS product for a month - hard to rewrite it in that time.

        Also, that article seems to indicate that the undocumented APIs are somehow "faster" than their documented equivilants, but it doesn't cite any evidence of that...

  • Typical.... (Score:3, Insightful)

    by SpyHunter99 ( 568391 ) on Friday January 14, 2005 @08:54PM (#11369740)
    Anything good about this program is attributed to Giant and anything bad is attributed to Microsoft.

    • Re:Typical.... (Score:3, Insightful)

      by TedTschopp ( 244839 )
      Now what is typical, Microsoft acting this way, or someone on Slashdot basing Microsoft?

    • Re:Typical.... (Score:3, Insightful)

      by winkydink ( 650484 ) *
      I don't know that they've had it long enough to contribute much good or bad, unless you have something against the way it's branded, I guess. At this point, it's pretty much a rebranded Giant product. It will be interesting to see how it evolves in beta.
    • well. it would be quite easy to compare to the pre-ms buyout version, surely?

      i must say though that had never even heard of giants anti spyware tech before they managed to sell themselfs to ms.

    • Re:Typical.... (Score:2, Interesting)

      by detlev409 ( 673380 )
      You may have a valid point someday, but at this point, that's where the credit deserves to go. The truth is, the program known as Microsoft Antispyware is just Giant with a facelift. To see just how superficial the change is, install the program and then check your registry. The program still registers under Giant Software. As of right now, what's under the hood has very little to do with Microsoft.

  • My experience (Score:5, Interesting)

    by yfmaster ( 686465 ) on Friday January 14, 2005 @08:55PM (#11369746) Homepage Journal
    I've tried it and it found some stuff that ad aware didn't even pick up. It also correctly identified tight vnc as a possible spyware app, but labeled it as low priority. I was more then happy with it.
    • See, this is why I won't use it. False positives.

      VNC ISNT SPYWARE!

      It also lists FTP software as spyware.

      WTF???

      Sorry, but under that logic, lets get on listing Outlook, IE, AIM, Keyboard Drivers, Webcam software and sound recorder as fricken "possible spyware".

      OF course, beyond the braindead detection issues, I don't want to reward MS for coming up with a spyware program (assuming they make it subscription based after beta, which seems likely). I want to reward MS for FIXING WINDOWS!

      I'm not even going

  • For the pirates... (Score:5, Informative)

    by StevenHenderson ( 806391 ) <[stevehenderson] [at] [gmail.com]> on Friday January 14, 2005 @09:00PM (#11369789)
    Just an FYI to all the pirates out there:

    Even though it says you need to "validate" Windows, it prompts you after you click the download link, and then you can click "no." Good news for me^H^Hthe pirates out there with illegitimate XP copies.

    • Re:For the pirates... (Score:5, Interesting)

      by Zocalo ( 252965 ) on Friday January 14, 2005 @09:18PM (#11369963) Homepage
      This is also useful for getting updates and other stuff from Microsoft's website site using alternative browsers like Firefox, which obviously won't run the ActiveX control this validation requires. I make a point of avoiding using Windows Update (which requires IE) and manually getting any applicable Windows patches each second Tuesday using Firefox, and I'm pretty sure I'm not alone in this. Hopefully someone at Microsoft is paying attention to their webserver reports and realises that making sections of their websites require IE isn't going to be very popular. How many legitimate Windows users are they willing to annoy just to make it a smidgeon harder for people with unlicensed copies of their software and/or privacy concerns to get updates and so on?
      • Why do you care about using IE to connect to M$? I just let it connect and check for, download, but not install updates. Then, I flip through them to make sure they are applicable to my system before installing.

        Are you really that frightened they will PWN you? Please visit my ebay store. The special this week: Tin-foil hats, half price!
        • No, I don't care about using IE to run Windows Update, even though I would have to manually start a couple of additional services (BITS and Automatic Updates) that I have disabled by default. Nor do I particulary care if it sends some information about my hardware/software back to Microsoft in order to enable it to do a better job. I care about the fact that Windows Update, and now this new "Genuine Windows" check, both require ActiveX to work, which in turn requires IE. It's not so much about paranoia a
          • It's not so much about paranoia as Microsoft once again trying to force its "solution" on me, despite my wish to make another choice.

            They aren't forcing anything. They just developed it to be used with the system's built in browser. Nothing big. If it bothers you, perhaps you should consider just running Linux? :)

    • I've validated my copy of XP Pro VLK that is definately not legal. Serial was generated and it validated just fine(atleast when I tried a few months back).
    • I tried it on my work PC which came from the factory with XP installed and has a license key on the bottom (is a laptop). I couldn't validate with either the key the factory put on the lappy or the key from the MS sticker underneath it. Could be they're corporate keys that won't go through the validator but no idea.

      Although its not a problem as you say that doesn't stop you using it. It's not just pirates that will struggle with validation though.

  • Three things (Score:4, Interesting)

    by RM6f9 ( 825298 ) <rwmurker@yahoo.com> on Friday January 14, 2005 @09:02PM (#11369807) Homepage Journal
    1. Does it work well? (not as well as many others)
    2. Does it uninstall cleanly? (HA!)
    3. How much does it cost for support (Better put, IS support even reasonably AVAILABLE for it?)

    No thanks, I'll stick with what I've got.
    • 1. Does it work well? (not as well as many others)

      Seems to work about as well as Spybot or Adaware, it does miss a few things, but hey - IT'S BETA.

      2. Does it uninstall cleanly? (HA!)

      um, yes. It does.

      3. How much does it cost for support (Better put, IS support even reasonably AVAILABLE for it?)

      Well, currently it's free and for support they have a technet section and freely available newsgroups with actual M$ employees responding to questions and bug reports.

      As far as cost & support, it appea

  • For a more unbiased approach..... (Score:3, Informative)

    by Anonymous Coward on Friday January 14, 2005 @09:05PM (#11369837)
    While these articles are mostly true, they seemed still to be biased against microsoft. Although i value /. and go along with its beliefs against a certain company, there are more balanced views out there...

    http://www.flexbeta.net/main/articles.php?action =s how&id=84

    In the articles here, they only say that some stuff was not removed by antispyware. But they never said if microfsoft antispyware picked up stuff others missed. Article above does this test.

    -SystemERRor

  • How is this "new software"? (Score:3, Interesting)

    by jaymzter ( 452402 ) on Friday January 14, 2005 @09:05PM (#11369841) Homepage
    Let me get this straight, Microsoft buys another company, does a badge job on the product to slap their logos all over it, and suddenly it's something new and exciting? We might as well be reading the last review of Giant's software.
    I guess it's news because it's Microsoft, just like a divorce is news if your name is Brad and Jennifer or whatever...
    • What's funny is that people are pointing to this as an example of good software produced by Microsoft. Except that Microsoft didn't produce this software, they just bought it and (apparently) haven't done much at all to change it.

      Max

  • Why Microsoft's product will not dominate (Score:3, Insightful)

    by fleener ( 140714 ) on Friday January 14, 2005 @09:08PM (#11369880)
    Their anti-spyware software doesn't work on older versions of Windows. Poor ol' me with WinME will continue to use measures that work on older versions of Windows.

  • The WSJ article is very biased. (Score:5, Insightful)

    by sllim ( 95682 ) <{ten.knilhtrae} {ta} {ecnahca}> on Friday January 14, 2005 @09:11PM (#11369905)
    Problems with these reviews:

    1. It really isn't fair to issue a review of a product in its beta form. Yes it can be argued that Microsoft throwing out this software in the public domain pretty much gives people the write to issue opinions on it, but it seems to me that in a respected news source like the WSJ should take there ability to influence people to heart and wait for a final version before issuing reviews.

    2. The reviewer faulted this tool for not finding cookies. Big whoop. Seriously, cookies are highly overrated. Ad-Aware is a pretty good tool, but its insistance in clearing out all my cookies causes me to have to redo passwords and such for websites that I would have rather left alone. This utility ignoring the cookies is a good thing.

    3. Resets hijacked home pages to MSN. Buyer beware? Oh thats right this software is free. The problem with hijacked home pages is that there is a script that keeps resetting them to the hijacked page, you can't get rid of it. I haven't tested this, but I imagine that the Microsoft tool simply resets your home page to MSN. You are free to change it back to whatever you want. I imagine it would be a simple enough thing for Microsoft to reset it back to what it was originally, but that requires that your home page wasn't hijacked when the tool was installed. All in all if Microsoft want's to make MSN the default home page with this tool, and the tool is free, I say we got what we paid for. Let them have it.

    4. Doesn't support Firefox. Let me get this straight. Microsoft offers a product for free that a good many of us would be willing to pay for and they don't offer support for there competing web browser? Say it aint so!
    Let me be the first to say that if you wan't Firefox support then maybe you should look at an open source solution or possibly a pay client that supports Firefox. As long as Microsoft is giving this thing away faulting them for this is bias pure and simple.

    • Re:The WSJ article is very biased. (Score:4, Insightful)

      by bogie ( 31020 ) on Friday January 14, 2005 @10:51PM (#11370637) Journal
      A few counterpoints

      1. Its not a Beta. Its a Final finished product that Giant has been shipping for some time. If someone bought Photoshop CS from Adobe and then called it "My Photo Editor Beta" would you really consider it a Beta product? I agree that some consideration should be given to the fact that MS may actually do some work on this before they call it final, but this really isn't a Beta in the true sense and should be able to stand up to some scrutany.

      2. Well cookies were really the first form of spyware. Not finding them is a flaw. I like you think ignoring them might be a good idea, but the option should be there and its a mark against MS's product that it can't do whats expected from a modern spyware product these days.

      3. Good that it can find hijacked homepages, bad that they don't give you the option to set your own homepage if the program really does think your page was hijacked. That's a no-brainer and something MS should have fixed already. Saying "well its Free isn't it?" is a total copout.

      4. I agree asking MS to support a competitor let alone an OSS one is too much to hope for. But if Firefox becomes a popular browser for many Windows users then they need to keep an open mind.

      • Good that it can find hijacked homepages, bad that they don't give you the option to set your own homepage if the program really does think your page was hijacked.

        I tried it out this evening, and that's exactly what it does. It asked me if I wanted to let it monitor home pages/bookmarks, etc, and gave me a dialog with about 8 or so 'system' bookmarks for me to edit as my 'approved' bookmarks. One of these was the homepage, which you can therefore set to be what you like.

        Of course, maybe they just ch

    • The reviewer faulted this tool for not finding cookies. Big whoop. Seriously, cookies are highly overrated. Ad-Aware is a pretty good tool, but its insistance in clearing out all my cookies causes me to have to redo passwords and such for websites that I would have rather left alone. This utility ignoring the cookies is a good thing.

      Two things:

      1. Tracking cookies, as used by e.g. DoubleClick, are a definite threat to your privacy online, and as such should be detected as spyware.
      2. Ad-Aware presents you w

  • Does not remove Back Orifice (Score:5, Interesting)

    by siliconjunkie ( 413706 ) on Friday January 14, 2005 @09:20PM (#11369977)
    Just a note: I have a copy of Back Orifice 2K on my laptop for running some chores on several machines on my home network (the boPeep plugin is very handy) which is detected by NAV2004, and Spybot as a trojan (it can be) but it is not detected by MS Anti-Spyware. Interesting.

    I would HATE to have BO2K on my machine without knowing it.
  • MS have the money, instead of wasting it trying to do what Spybot S&D and Adaware haven't managed to do in years, why don't they just buy up and close down some spyware companies - that's what they usually do to threats.....

    Personally I hope this product doesn't work, as Spyware/viruses are currently the main reason people I know are moving from Windows to Linux.
    • And if Gator was responsible for most spyware, that'd be an option. But they're not. They don't even write it -- they just bundle it with their product, like a lot of other publishers.

      Until recently, most spyware was installed, directly or indirectly, by product bundles like Gator. (I say "indirectly", because of lot of spyware tries to download and install more spyware.) Which is why I am very careful about what I download. "Free" screensavers seem to be particularly nasty.

      But nowadays the authors of "

  • The other way round.. (Score:4, Insightful)

    by shird ( 566377 ) on Friday January 14, 2005 @09:25PM (#11370027) Homepage Journal
    Running spy sweeper afterwards and detecting traces of spyware still on the machine does not mean that you should assume that spy sweeper can detect all the stuff that MS anti-spyware has already detected and removed.

    Youd be better off running the two products on identically infected machines and see which detects and removes the most etc. If you were to run spy sweeper first and then MS anti-spyware, youd probably see similar results. (ie, MS anti-spyware detecting stuff that spy sweeper missed).

  • Works good so far. (Score:3, Interesting)

    by Deathlizard ( 115856 ) on Friday January 14, 2005 @09:38PM (#11370148) Homepage Journal
    I've been testing this thing against some of the worst laptops students can put in front of me and it does a great job so far.

    It's beating Spybot pretty much every time I've put them head to haed. It's still got a way to go against Ad-Aware but generally speaking it's not bad and it does a much more through job then just about every other automatic scanner I've used. I'm finding much less residue with hijackthis with MSAS than anything else so far. With a little more work on their definitions this could easily be a top notch antispyware utility.

    The on demand scanner is really through. If on demand virus scanners were written with a system similar to this it would be really impressive against viral attacks. It checks just about every startup point I can think of where spyware hides. MS definitly didn't waste money by buying this impressive scanner Giant Developed.

    The only problems I see is that it's questionable if MS is going to keep this program free and MS is a huge Lawsuit target. I can see every Spyware company suing the holy crap out of them for removing their product Screaming "Monopoly" and "Antitrust" all the way to the Judge.

  • It's not bad... (Score:4, Informative)

    by gordgekko ( 574109 ) on Friday January 14, 2005 @09:42PM (#11370180) Homepage
    I'm not the world's biggest fan of Microsoft -- I've pretty well shorn myself of everything but XP and Word -- but I have to admit that it's not bad. Caught some minor stuff after I hadn't done a scan with Ad-Aware in a while and cleaned them up. Not the best, nowhere near the worst.

    Interestingly, one service still says "GIANT Antispyware Data Service". I guess they didn't rebadge it all yet.
  • My biggest gripe is it's complete lack of compatibility for users running as a Limited account (non-Administrator). It runs, scans, and detects fine, but never remembers any of your choices. I'm assuming it performs the cardinal sin of trying to write choices to HKLM or a system folder.
  • But what the hell gets rid of the crap from lop dot com? (I dont reccomend going there if you use IE...)

    I have one system here at work that is infested - and Spybot Search and Destroy, Ad Aware, Giant (Microsoft) dont touch it.

    I have tried the suggestions on sites via google, but none have worked (and most are spam anyways).

    Who here has managed to remove the cancer that is Lop?
    • two words...

      format c:\

      Seriously. Ghosting a drive to save data and reloading windows takes 1.5 hours or less. If you find yourself taking more than an hour fighting spyware, bite the bullet and wipe the machine. You'll save time and money in the long run.
      Unless you're one of those people who installs every program ever written and then loses the CD's...
    • Believe it or not the makers of the LOP provide their own removal tool.

      http://lop.com/new_uninstall.exe [lop.com]

      I spent days running adaware, spybot, tweaking registry settings on my little sister's laptop (she had installed Messenger Plus), only to see the sucker come back every time I rebooted. I ran the unistall app above and LOP was totally gone from my system.

      • Re:Lop? (Score:3, Informative)

        by Mr. Flibble ( 12943 )
        Believe it or not the makers of the LOP provide their own removal tool.

        http://lop.com/new_uninstall.exe

        Checked it out - Antivirus software goes insane: It detects 2 trojans within the exe. Both newer versions of lop...
        • What AV are you running? I was faced with having to reformat and reinstall her system, so I figured I didn't have much more to lose by running the uninstall. NAV didn't complain about the file, it cleaned the machine (or seemed to do so at least), and ad-aware & spybot gave the machine a clean bill of health afterwards (and continue to do so). I'm hoping it's a false alarm...
          • AVG went crazy. It is possible that it is just the latest version of lop, and that it gives you the ability to uninstall it with the latest version... all I know is that AVG went nuts.
  • I've used it now on a few systems, and it does a reasonably effective job, especially given that it's still in development. At this point, I have yet to see any anti-spyware tool that covers all the bases and finds every single case of infestation.

    What I have found works pretty well is this:

    - Use Spybot initially to clean as much as possible. For best results, run it in safe mode.

    - Then let the MS program take a run at whatever's left afterwards.

    - Finally, run HijackThis to go through all the startup

  • A bandage on a turd (Score:2, Interesting)

    by EllynGeek ( 824747 )
    I guess taking some of those billions and building a good, secure operating system isn't part of Microsoft's business plane. Funny how all those Linux and BSD hippies did it without billions of dollars to play with.

  • Fallacy (Score:4, Insightful)

    by fm6 ( 162816 ) on Friday January 14, 2005 @10:12PM (#11370414) Homepage Journal
    After removal, they ran Webroot's Spy Sweeper 3.0. It was able to detect '900 traces of 48 distinct threats still present, including two keyloggers and three Trojans.
    Means nothing, unless you're sure that Spy Sweeper doesn't do false positive. And it fact, that product seems to do a lot of them. Right now, it's insisting that I have the 2nd-thought and Slackbot trojans. But those guys are pretty well documented, and I can't find the slightest trace of either.

  • Too soon to tell... (Score:4, Insightful)

    by writermike ( 57327 ) on Friday January 14, 2005 @10:36PM (#11370552)
    Largely, this beta is little more than a rebranded GIANT Antispyware, which was already pretty good to being with. (Yeah, it doesn't support 95/98/ME any longer, but GIANT's software was a little flaky there.)

    (It would be interesting if one could go back in time, send the same software to the reviewer with the GIANT brand and see if the name, "Microsoft," somehow changed the review, but I digress.)

    I am less concerned with Microsoft's changing the underlying structure of the product than I am with their ability to keep up with the threat. Malware demands that an anti product get updated very, very often, sometimes daily. Microsoft, to date, has never demonstrated that they can keep up with the threat. How are they going to go from releasing one to two security updates every couple of weeks to keeping up with a threat that can change hourly.

    Sure, it'll piss us all off if Microsoft -- who presumably has more knowledge of and access to Windows' under-pinnings -- doesn't live up to this challenge, but the worst that will happen to it is this nice product they bought will quickly become irrelevant. And the community (or communisits, I'm not sure which) will, again, rise up to fill the vacuum.

    m
    • Since MS bought the company (GIANT) they now have all the (former GIANT) people who kept the threats up to date. Or updated the threats. Or ... you know what I mean.

  • hostfiles and the beta anti-spyware (Score:3, Interesting)

    by artifex2004 ( 766107 ) on Friday January 14, 2005 @11:03PM (#11370696) Journal
    I'm using a special hostfile I got online [someonewhocares.org], that helps me avoid a lot of ad servers, etc. The anti-spyware beta really dislikes this, however, and every time I run it picks ONE server it tells me is maliciously redirected. I can't easily tell it to just ignore that one component of the search, and when I ask it to ignore an individual server entry, it gives me warnings like I'm going to be really sorry I didn't let MS do what it wants.

    • You have to be careful with the nifty long hosts file. I have one that is about 17,000 lines long that I had to stop using. Got tired of windows lagging out for 7-9 minutes on the "preparing Network Connections" stage of loadup to scan it all...and when you edit it...compared to my usual 2 minute startup time that was fairly painful :P

  • The Best Microsoft AntiSpyware... (Score:4, Funny)

    by eomnimedia ( 444806 ) on Friday January 14, 2005 @11:13PM (#11370740)
    ...can be found at: [apple.com].

  • My problem with this review..... (Score:4, Informative)

    by King_TJ ( 85913 ) on Friday January 14, 2005 @11:48PM (#11370935) Journal
    I have to say, I'm basically at a loss to explain why there's been a lot of positive press about Webroot's Spy Sweeper 3.0 recently. This PC Mag. review is just the latest in "shoot-outs" and reviews I've read that gave Spy Sweeper top (or near top) honors.

    My personal experience, doing on-site PC service calls for a living, is completely different. I've cleaned literally hundreds of spyware infested PCs for customers in the last year or so, and I *often* find they have Spy Sweeper already installed and running, despite all their problems.

    People occasionally ask me if Spy Sweeper is "any good" since companies like Gateway like to try selling it to them over the phone when they call with problems. I've been advising to save the money and skip it.

    It may have a nice interface and claimed "feature set" - but from what I've observed, it doesn't really seem to be that effective at keeping spyware out, or detecting it after the fact.

    In the past, I've been an advocate of the SpyBot and Ad-Aware SE combo, but the new Giant/MS Anti-Spyware solution has done an impressive job for me so far. Just last night, I had a PC that both SpyBot 1.4 beta (w/latest update sigs) and Ad-Aware SE with latest update sigs. reported completely clean of spyware problems. Despite that, ads were randomly popping open in IE windows every 15 seconds or so. MS Anti-Spyware completely cleaned it up.
  • Why are all these tools evaluated based on left overs other tools find and counting them? If just pure counts are used then the makers have an incentive to label as many things as possible as spyware, and try to count the same thing several times over. For example they could count HotBar once, or they could counr each file of it, each registry key, each hook into IE etc as one item. And of course the makers now have a strong financial incentive for spyware to exist that others don't find. Guess how they

  • Good source of consolidated information (Score:3, Informative)

    by kooshvt ( 86122 ) on Saturday January 15, 2005 @02:26AM (#11371679)
    It might not be the best anti-spyware program, but its other features are nice. I run Spybot, Ad-aware and SpywareBlaster and decided to install the MS program as well. It didn't find anything, I didn't think it would with the combined efforts of the other 3 programs, but I was impressed by the consolidation of information it presents. In one place I can see the current running processes, startup applications, LSPs and installed activeX apps. It will make troubleshooting family members computer problems easier once they install this. I can just direct them to one app to answer most all my questions, instead of having them dig through the registry, downloading other obscure programs and goggling every unknown process they currently have running. I will still install the other 3 apps on the computers I am called upon to troubleshot and will definitely add this program as well for ease of information.
  • Since a few days, I use HitmanPro [hitmanpro.nl]. It's a program that has a bunch of anti-spyware apps rolled in one. Spyware blaster, AdAware, Spybot are a few that are being used. It auto-updates all packages and runs all of them sequentially without interference (you can put it on hold or exit the program though). Easy to use and works great. You'll have to be running windows 2000 or higher, but that's about the only catch I could find.
  • The really interesting thing about this development is that in order to be the BEST, MSFT will be relying on the community for reports of spyware. Although I certainly agree that they created this industry for themselves, I am glad that they are owning up to solving the symptoms, though imho there is still a problem when your browser is linked inherently into your OS.

    So admins, whitehats and FOSS people everywhere will be helping MSFT by reporting spyware/supporting MSFT anti-spyware stuff, and MSFT will

Slashdot Top Deals

"What man has done, man can aspire to do." -- Jerry Pournelle, about space flight

Close