Microsoft AntiSpy B1

[JackR]

Microsoft AntiSpy beta1 is out.On the surface its look the same as the previous giant release, with the name Giant changed to Microsoft.Get it here: Microsoft® Windows AntiSpyware 1.0.501 (Beta 1).I scanned few drives and got results similar to what is discussed in this thread.http://forums.scotsnewsletter.com/index.ph...topic=10057&hl=The Scanned Hard Drive includes Windows XP with office XP installation as well as many other programs and files.On a 2.4GHz computer with 1GB memory.Fast Scan Mode took 3min. Under fast scan it scans the Memory, Registry, and the Files under the Program Files directory, and Windows directory.Switching to deep Scanned Mode, which perform a more thorough scan resulted in 19Min. 33,000 files were scanned.The beta phase is dated through July 2005. and it is Free.MS did not yet disclosed the plan after the Beta.Try it really slick.

Edited January 6, 2005 by JackR

[Marsden11]

I have it set to Auto Update and Auto Run... it works as advertised...

[siljaline]

<paste>At this time, support for the beta version of Microsoft Windows AntiSpywareis being provided through the following Microsoft newsgroups:- microsoft.private.security.spyware.announcements- microsoft.private.security.spyware.appcompat- microsoft.private.security.spyware.general- microsoft.private.security.spyware.install- microsoft.private.security.spyware.networking- microsoft.private.security.spyware.signatures- microsoft.private.security.spyware.onlinecommunityThese newsgroups can be accessed via NNTP or HTTP.To access these newsgroups using HTTP, please go to the following location:http://communities.microsoft.com/newsgroup...pyware&sLCID=usTo access these newsgroups using NNTP, please use the following informationfor your NNTP client (such as Microsoft Outlook Express):- NNTP Server: privatenews.microsoft.com- Account name: privatenews\spyware- Password: spywareNOTE: No password will be required via the HTTP link</paste>Silj

[b2cm]

Very nice. Found two Spybot and Sweeper didn't.

[siljaline]

Very nice. Found two Spybot and Sweeper didn't.

What were the flags that MS anti-spyware found? Silj

[b2cm]

IncrediFindSearchSquire

[ross549]

http://www.flexbeta.net/main/articles.php?action=show&id=84First review I have seen of ASW. From reading it, though, I don't think it is worth the cost if you are already running Ad-aware and Spybot. That is, however, my personal opinion.

[havnblast]

all the reviews I have read say it does better than adaware - I ran it on a machine here at work to test it out and it came out clean. My question is should MS charge for a product that cleans and helps protect exploits in it's own software?? I think for the whole sake of computing that they don't charge for it after the beta testing.

[Guest Paracelsus]

From reading it, though, I don't think it is worth the cost if you are already running Ad-aware and Spybot.

I don't quite follow. Is MS going to charge for this once the release version is ready?Have run the app on two systems, and it found a few things that AdAware and SpyBot didn't. On my office PC, they where the same as b2cm reported.On my home system, those two, and three others, were flagged.I hadn't bothered to check on the work PC, but at home, I took the time to actually check the locations reported. Two were empty Folders in Program Files... and at least one was a orphaned Registry string (the string pointed to a location that no longer existed on my HD). Not sure about the other two Reg Entries.I may probably be wrong, but from this, I would think that the MS tool flags anything that contains the "names" of the Spyware in it's database... Even if the actual exploit is no longer active or resident.It is fast though... and has a pretty GUI Edited January 11, 2005 by Paracelsus

[Guest LilBambi]

I am testing it out as well. I do not have it set to auto update or auto run.I updated and ran it manually with full system scan. It found one registry entry for WhenU that had previously been missed by others. WhenU wasn't on the system, it was just a leftover registry entry.I am using it till the beta is over and then will judge from there once we find out how MS intends to handle the piece of software beyond the beta.I like it. I also will continue to use Ad-aware and SpyBot S&D ... you never have enough spyware protection and they are still free.No one Spyware removal program takes care of everything and I don't think they ever will. They try hard, but there are tons of new ones and/or revised ones out there all the time. Better safe than sorry.

[ross549]

I have a thought on whole issue of x program not catching y file while z program does. I think that it is a highly misleading to attempt to benchmark ASW programs this way. I would be willing to bet a nickel that the ASW companies do not all share information. They probably keep their findings somewhat secret, so they can have an advantage over the other company. For that reason, y file may not be caught by x program today, while it might in a week. This does not make z program any better than x, they just found the file earlier, and wrote a definition for it, so it would be caught by their respective program.My $0.02.

[teacher]

Mine at work found "SearchSquire" then it complained that the browser had been hijacked and did I want to restore my default browser to IE! As if, I don't think so! I did not know switching to Firefox was hijacking a browser! I am running it again.The one concern I had was the default setting of passing "spyware versions found" between all users of AntiSpyware. That just did not sound safe to me. I don't want my computer hooked up to all the other computers.

[Ed_P]

I have a thought on whole issue of x program not catching y file while z program does. I think that it is a highly misleading to attempt to benchmark ASW programs this way. I would be willing to bet a nickel that the ASW companies do not all share information. They probably keep their findings somewhat secret, so they can have an advantage over the other company. For that reason, y file may not be caught by x program today, while it might in a week. This does not make z program any better than x, they just found the file earlier, and wrote a definition for it, so it would be caught by their respective program.My $0.02.

Definitely a possibility. So to is the priority of the programs. One's focus may be to stop a particular piece of scumware and thus removes the EXEs and DLLs and etc another's may look primarily for folder names and even though they may have been cleaned out by another app reports them anyways to show that it is doing it's job. Or one is more complete in removing everything or one is careless in it's removal of all aspects or some aspects can't removed until the infection is disabled. etc etc etcBottom line there could be a variety of reasons.

I don't quite follow. Is MS going to charge for this once the release version is ready?

That is how many companies make money. They may have considered simply adding it into Windows but were concerned the US Justice Dept or European courts would sue them for being anticompetitive and force them to remove it.They can't please everybody.

[Guest Paracelsus]

They may have considered simply adding it into Windows but were concerned the US Justice Dept or European courts would sue them for being anticompetitive and force them to remove it.

Well... They don't have to bundle it. They could just make it an optional "Update" for their OSs. After all...As someone pointed out in another thread on this subject...It was all the code vulnerabilities in their software that created most of the problems to begin with.

That is how many companies make money.

When did that happen??

[havnblast]

I have to say this program is good - it removed the coolwebsearch even!Ran it on the machines at work after adaware and spybot and it found more. I really hope MS keeps it free in the long run.

Edited January 11, 2005 by havnblast

[Peachy]

I hope they keep it free and part of the OS. If they make people pay for it then we're no better off in the war against spyware because the people who really need it most won't pay for it. So, I don't believe the argument that bundling AntiSpy would violate any anti-trust laws. Microsoft has a buggy and insecure operating system; the least they could do is provide a means to fix its mess. Making money off of Microsoft's poor coding shouldn't be a business model. And I really think antivirus protection should be part of the operating system.That other operating system is going in the right direction, I think. iptables has been part of the 2.4.x kernel from the beginning. And I'm hopeful the National Security Agency's work with Security-Enhanced Linux (SELinux) will become more prominent in more distros than just Fedora Core.

[Peachy]

While we're at it, Microsoft also released today it's virus and malware removal tool: The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

[b2cm]

When AntiSpyware detects files, make sure you note down their names and locations. After it has 'fixed' the problems, go and check these locations for the files. You will have to manually remove these files if still there.

[jeffw_00]

While we're at it, Microsoft also released today it's virus and malware removal tool: The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows Server 2003, Windows XP, or Windows 2000

I don't get this -it ships as a automatic windows update every month - - does that mean that if you have automatic updates enabled it -checks your system- automatically every month?thx/j

[Ed_P]

I don't get this

I don't either. Like how does one execute this new feature? It's not under any All Programs menu I can find. Or in Control Panel that I can see.

[Peachy]

Ed, it won't install any app that you can visibly see. Thus it looks like during Super Patch Tuesday a new version of the tool is released that scans your system for malware and viruses.

[jeffw_00]

When AntiSpyware detects files, make sure you note down their names and locations. After it has 'fixed' the problems, go and check these locations for the files. You will have to manually remove these files if still there.

so it doesn't actually 'remove' anything?

[Guest Paracelsus]

The Anti-Spyware app show in my Start/All Programs and there is an icon on the desktop.Or are talking about the virus tool?

[jeffw_00]

it's the virus tool i was asking about

[Ed_P]

The Anti-Spyware app show in my Start/All Programs and there is an icon on the desktop.Or are talking about the virus tool?

The virus and malware removal tool.I'm still a little confused about it. According to Peachy's reply it runs as a part of Windows Update which is fine but what happens if you get infected after the last Windows Update? Are you suppose to wait a month for the next one to run? Shouldn't there be a means to manually reinvoke it? If not, what good is it?I like the idea of it and it should help clean up those people's pcs that don't run an AV or whose updates have expired. Anything that fights viruses and/or scumware I'm in favor of but there has to be a way to run it on demand.

[Marsden11]

The MS Antispyware program can run everyday and grab updates if they are available.The MS Virus removal tool only removes viruses that have infected your machine. It will have updates every month.Spyware is not the same as Viruses.

[nlinecomputers]

The anti-virus tool that MS released is not a full AV program it only removes the listed viruses and you'll note that those viruses can only infect you if you have not patched your system. So if you have MSblast and run Windows Update you'll get the patch to fix the exploit that msblast infects with and a tool to remove that infection. After that you shouldn't be able to be reinfected.

[Ed_P]

... it only removes the listed viruses and you'll note that those viruses can only infect you if you have not patched your system.  ...

I hadn't picked up on that relationship nlinecomputers. Thanks for pointing it out. Now it all makes sense.

[jeffw_00]

and a tool to remove that infection.

so the infection will be removed as part of the automatic run of Windows update, yes? Edited January 17, 2005 by jeffw_00

[Ed_P]

That's my understanding of it, now, jeffw_00.