The anti-spyware software recently announced by Microsoft is now mature enough to evaluate so I downloaded a copy and ran it head-to-head with a free utility: Lavasoft's Ad-Aware SE (Personal Edition). There is no word yet on whether Microsoft plans to charge for the product once it is out of beta.
Although Microsoft's AntiSpyware isn't intended to do exactly the same thing as Ad-Aware, the goals are similar -- to locate and quarantine software that can capture information from your computer and transmit it to others without your knowledge or agreement. Most of these are relatively harmless cookies used to monitor advertising hits, but the same technology can be hiding code that captures keystrokes and harvests other critical information from systems.
Without the use of some tool it is very difficult for Windows users and administrators to detect these programs and know what they may be doing.
You can only obtain AntiSpyware, which is about 6 MB in size, as a download from Microsoft's Web site. The beta version won't be made available on CD-ROM. Installation went smoothly, although while trying to view some options it did lock up, and I had to kill it via Task Manager. The program started right up again when I tried it. I already had Ad-aware on my machine, but if you want a copy it can be downloaded from ZDNet UK's download area.
I ran both utilities on an older 2-GHz P4 Dell with 512MB of RAM and running XP SP2. Both took about 12 minutes to complete a deep file scan but the results were significantly different.
AntiSpyware reported scanning 2398 memory processes, 18,973 files, and 8693 registry keys, finding no problems. I had just purged the system an hour earlier with Ad-Aware. There are few details provided about just how the software works so I don’t know why a later automatic scan reported checking 33970 files.
Immediately after running the Microsoft program Ad-Aware scanned 2564 process modules, and 157,212 "objects", the term Ad-Aware uses that approximates files. The important difference was that the Lavasoft utility found five data-mining objects, including one from trafficmp.com and another from doubleclick.net. It’s a rare system that doesn’t have some doubleclick data mining objects, but AntiSpyware apparently isn’t intended to detect them.
AntiSpyware is more than just a spyware scanner; it also provides some management tools and provides real-time protection by watching for more than 50 ways spyware can insinuate its way onto your system. I’ve seen reports that this works pretty well, although it failed to block or notify me of six new tracking cookies installed on my system in a half hour online. Ad-Aware found them on a "smart" system scan while AntiSpyware failed to do so even on a deeper scan.
One AntiSpyware tool, Security Agents, monitors program and Internet activity as well as system changes.
System Explorers, another tool, provides a simple method to manage ActiveX, running processes, startup programs, IE settings, and other features that can be fine-tuned to make your system work the way you want it to.
The Running Processes tool is especially useful because it makes it easy to learn just what the processes do in considerable detail -- far more than you get with Task Manager -- although you still need TM to see what CPU time is being allocated to each process. One shortcoming is that additional information beyond some fairly basic data such as file path and version isn’t available yet for many processes, but bear in mind that this is a beta program.
Talkback
Is it worth bothering with? You bet!
I use Ad-Aware and Spybot (always with the latest adware dictionaries) on a regular basis, and when I saw details on ZDNet of MS's new AntiSpyware beta I naturally thought I'd give it a go, out of curiosity. Thank god I did.
I ran Ad-Aware & Spybot first, on 2 PCs. Both machines were found to have an assortment of the usual tracking cookies but nothing nasty. I then let the MS tool loose and was horrified when it found a keystroke logger embedded on my corporate laptop and an ad displayer on the other machine, a corporate desktop.
So what if it isn't designed to root out pesky tracking cookies? These aren't really a threat, though they irritate the heck out of me. The MS jobbie saved my bacon and I have recommended all my colleagues to try it.
God knows how long that malware was on those machines; as a supposedly savvy consultant I pride myself in running clean machines. Much like Firefox users, I felt that any tool offered by MS would be grossly inferior to the excellent Ad-Aware & Spybot, but it turns out that their aquisition of Giant Software was a bloody smart move.
I hate to sound like an MS flunky, and if they charge loads for this once it's out of beta then I take it all back, but for now I am bloody thankful they released it.
Chris, strange that your anti-virus software didn't detect the keystroke logger. Which keystroke logger was it anyway? And was it a confirmed find or a false positive?
Not sure how it got past AV, I think I may have turned On Access Scan off for a couple of hours while trying to find why McAfee hogs CPU. So partly my fault.
I don't recall the malware's name byt Microsoft AntiSpyware gave full details, one of the best reports from a tool such as this I've seen yet. Using it I went on-line and checked out the keylogger and found it was a professional version used by corporations to monitor staff, but also available as Shareware. Worryingly it also had the capability to remotely view my screen!
Whether my fault for disabling AV for a short while or not, only the MS tool found this hideous system invader. It gets top marks from me!
Interestingly Spybot detects "Avenue A, Inc" attempting to install itself when accessing this web site!
Try runnning it on a PC that's been connected to the Internet with 'Ordinary Users' hammering it for years and you'll see the Microsoft one wins hands down,
Most of the machines Browsers have been hijacked and the Microsoft Utility allows you to resert the Hijack easily. Just hope they don't charge.
I am a techie, and manage about 500 customers. The reviewer did the scan on a relatively clean machine used by an advanced user. This is is thus an inaccurate review.
What he shoudl have done is load it on a novice users pc. It worked a dream and most importantly continued to run in the background. It also has a great anti hijack facility.
For advanced users don't bother and just keep running ad aware. if you are a novice (like most of my clients) who don't know what to do with ad aware then install it now!!
Great tool for novices but techies and advanced users don't bother
By the way the tracking cookies that lavasoft finds are regenerated within a day and they are watching you again! thus even lavasoft is not very effective!
I installed the Beta MS anti spyware on Jan 9, and it was runnign smoothly until i had an auto update from MS on 2-10, when the MS antispyware was then unable to access the internet for updates. My experience is that the MS anti spyware did get malware which Adaware and Spybot missed, and this is matches Eric Howes from Uof Illinois in his test of popular anti malware tools. He said that of 134 "planted" malware items, the MS found 100, while spybot only found 40. Adaware I think was at 70's and Spysweeper in the 80's.
Meanwhile, I did a system restore to B4 the MS update, as I am not a techie and want the protection of the updates...I'm attempting to put a link the the eweek article showing the test results here: http://www.eweek.com/article2/0,1759,1731474,00.asp?kc=EWRSS03129TX1K0000614
Ashwin
Well, I've seen this Microsoft AntiSpyware in action.
First of all, I have my doubts about the License Agreement that comes with this product but then I'm not a laywer.
Also, on a perfectly clean machine (checked by pro's) it claimed to have found XferPro based on nothing but registry keys (no executable found) that have nothing do with XferPro.
That's not hopefull but then this is still beta software. But that might be a reason why Microsoft AntiSpyware finds things that others do not.
Other then that this Microsoft AntiSpyware seems no better then the more proven solutions already available out there. With the exception that Microsoft AntiSpyware falls into the category of nagware as far as I'm concerned because it keeps on popping up questions for as long as the user doesn't comply with what the program thinks is best. As such I wouldn't recommend putting beta software into production. Certainly when there are more experienced and proven solutions out there that don't nag as much.
This "review" was so lame i laughed!
it was good in the sense that he wanted to compare them but the article sounded rushed.
I used both earlier today, Adaware == 9 spywares
MS Antispyware.......14254
what a difference. the MS antispyware was the correct one!! adaware fell a long way short!
I tried the BETA for about 2 weeks and was unimpressed. The thing deleted my Kazaa registry keys so now Kazaa is useless even though I have taken the files out of quarrantine. I mean the program did what it was supposed to do but as pointed out i nthe article some spyware was missed and well I just think that a combination of spyware and adware ttols would be better, personally I use Spyware Blaster, Spy Bot S&D, and Ad-Aware and with these 3 I am very impressed with the amount of protection my computer has.
This post has been removed by a moderator.