Slashdot Mirror
Microsoft Releases AntiSpyware Program
Nathan Weinberg writes "Microsoft released this morning Microsoft AntiSpyware, the product of last month's acquisition of GIANT. As I write in my report on my site, the program is very powerful, and certainly measures up to and may even beat Spybot and Ad-Aware. However, it's also pretty buggy, and Microsoft might have already sneaked in a pay subscription service."
Comment removed based on user account deletion
for them to charge consumers for what they have allready charged consumers for.
You are about to give someone a piece of your mind, something which you can ill afford...
This is just scary:
1. Release buggy browser
2. Sell antispyware software
3. Profit?
Direct and indirect download links
I just had NAV2005 installed on a friend's infected PC and it did Virus and Spywares at the same time. This and Ad-Aware seems a good solution which I'd trust more than any Microsoft "security" stuff.
Trolling using another account since 2005.
...how does it identify Windows Media Player?
The next version of Windows will have things that only their spyware removal program is able to remove, due to restrictions that the OS places on letting third party programs modify things..
Of course the spyware will be able to make it through backdoors in things like caluclator and notepad, because God knows they're wired to the central part of the Windows kernel!
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
Shocking - they don't seem to support DOS based Windows (9x and ME) even though there are arguably millions of infected consumper PC's. WinME boxes aren't THAT old.
I do understand not supporting NT4 tho..
...yup...
Supported Operating Systems: Windows 2000, Windows 2000 Advanced Server, Windows 2000 Professional Edition , Windows 2000 Server, Windows 2000 Service Pack 2, Windows 2000 Service Pack 3, Windows 2000 Service Pack 4, Windows Server 2003, Windows XP, Windows XP Home Edition , Windows XP Media Center Edition, Windows XP Professional Edition , Windows XP Service Pack 1, Windows XP Service Pack 2, Windows XP Tablet PC Edition
Great, go windows 98!
I guess all of my relatives will keep using ad-aware and spybot, they refuse to buy a new computer to check their email with.
Runnin' On Empty
So i would expect this version to be pretty solid (old companies code), as time goes on and more MS code is introduced, expect quality to go down a bit, well possibly
I'd like to see some better real-time scanning... Adaware's ad-watch isn't very for end users. It monitors for system config changes. Not effective when the user doesn't have a clue.
Spybot S&D immunizes your browser, but spyware can get in other ways too through adware programs. It helps but isn't perfect.
If Microsoft can get a good, real-time scanning software package going, then it might just be onto something.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Hmmm I ran this, but I still seem to have windows on my computer.
Well, let's hope this program will be free for all people who are plagued with IE hijaking programs. With patches so slowly coming, this might be a good PR for Microsoft who is taking some hard hits from critics.
Some call me Howie Feltersnatch
However, it's also pretty buggy, and Microsoft might have already sneaked in a pay subscription service
Bastards. How dare they! They're in the software business after all.
Anonymous Twit: news aggregation sites (like slashdot) do tend to need to pull in news from other sources; which even a very basic understanding of the nature of time will tell you; means AFTER the other source has posted it.
Get a clue, FFS.
Blocking the holes that all these spyware programs use?
Probably because this is a way to make more money for them, but hopefully it will also let a few more people know the way MS want to treat their customers
Best I can discover, he's just some guy who writes blog entries. I can't find any information on what this gentleman actually does for a living, nor can I find any information suggesting that he ever actually HAS done anything for a living.
His various bios on the various blogs he writes in all list him as a "journalist" but give no clue as to who employs him, or what his technical background is.
My question is this: what is it that Nathan Weinberg knows or does that should make me believe what he has to say about Microsoft's new product?
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
You have to validate (Send your Serial Number) to microsoft in order to download this.
I've never seen this before for a microsoft download and hope it isn't a growing trend. When is the last time you knew where your product key was?
And Microsft claims that open source software stifles innovation...
How long would this 'beta version' have taken to be released, if at all, if it were not for Firefox pushing the standards to a higher level?
You are about to give someone a piece of your mind, something which you can ill afford...
Does nobody see this as a potential problem, as Microsoft will now have a vested interest in NOT fixing their O/S so that spyware can't get in?
Get OS X or Linux, then you won't need anti-spyware, anti-virus and anti-worm protection. People need to take these costs into account when buying a new computer. With Apple offering a $500 (or so) Mac it is becoming a lot cheaper to run Apple products. Not to mention the time spent scanning for viruses, cleaning out your computer or lost productivity. I know preaching to the choir, but its a slow day at work.
Amusingly it doesn't recognise it's Shell Hook:
"Microsoft.Antispyware.ShellExecuteHook.1 This is an unknown Excecute Hook.".
That's the original spelling too!
Otherwise the scan seemed to do a decent job, picked up a couple of things, but nothing serious because I'm mostly clean to start with.
And lastly, there doesn't seem to be any evidence that Microsoft is making it a subscription service. I was able to download, install, and run the program all without signing up for a subscription of any sort. Maybe that's because the program is still in beta or maybe it's just anti-MS FUD on the subscriber's part... who knows.
Reading the review would reveal why the submitter said that. The review says it might have a subscription based on the fact that it had 206 days until it expired. My personal opinion is that the expiration is there because it's Beta, but it may very well lead to a subscription service.
As far as the summary not saying it's a beta... Well, seemed pretty obvious to me. They just bought the company afterall.
- AMW
I'm willing to bet that there will be a subscription service after a while. The service will most likely give the "premier" subscribers the early warnings and leave everyone else in the dark. Kind of like their security warning service.
"OK, we've got a really buggy product, how about we charge the client to fix it?"
"Brilliant, B.G.!"
I run Ad-Aware once in a while and way pretty sure I didn't have any spyware. No such luck...Microsoft AntiSpyware apparently classifys eMule *and* TightVNC as spyware! I think I'll stick with Ad-Aware.
It tagged Firefox as spyware!
I hope in the final version this is controllable by group policy because it's detecting all of my management apps such as vnc/dameware as spyware.
On a sidenote: Funny how they forgot to change the processname and still shows up as GIANTAntiSpywareMain.exe in task manager
I have often regretted my speech, never my silence.
-Xenocrates
Beaten like a red-headed stepchild caught in a sausage fest behind the couch with his cousin.
Go to help, about:
Microsoft AntiSpyware Version: 1.0.501
This version expires on: 7/31/2005
-From My Install This Morn.
Expire? Why should it expire if it is free?
Now Microsoft can make money (even if the program is free, they make money or at least dominance) on anti-spyware applications so that they can save money on not improving the flaws and vulnerabilities in their other products that allow for such spyware to exist in the first place.
You gotta hand it to them - that IS a nice strategy. Not so for the consumers though.
It's the old razors-and-razorblades model. Except this time it's like they're selling you a flat tyre, then selling you a puncture repair kit.
Comment removed based on user account deletion
This is like patching a broken chain link fence with a paper bag. Why would I trust a company that's know for buggy code, to all of a sudden produce something that works to protect their own buggy code? Other companies have been making good anti-spyware products for a while, so I think I'll pass on this one.
One line blog. I hear that they're called Twitters now.
On another note, I loaded this beast and started a 'deep scan,' which takes an estimated 29 minutes, after running updated Adaware and Spybot scans and it has already found a few 'threats.' It also provides active protection, alerting the user of services such as 'messenger' that are active and pose a threat.
Microsoft released this morning Microsoft AntiSpyware, the product of last month's acquisition of GIANT
Wait a minute, I thought Microsoft was the giant? Man I need to keep up with the news.
"this might be a good PR for Microsoft who is taking some hard hits from critics"
You got that right. Its about time they did something. Talk about TCO. Think of the amount of money spyware ridden Windows machines have costed end users and businesses to repair.
You are about to give someone a piece of your mind, something which you can ill afford...
Microsoft refuses to patch their browser wich is the cause of most "crapware" at least for all the AOL people and now they relese a sftware product to clean up or try to clean up what is initially their fault. As long as they don't bundle this with the OS it is not anticompetetive. But microsoft itself is. I mean they now bundle a firewall so no one needs to get kerio or zone alarm. If this thing get's bundeled along with the Antivirus the bought someone is gonna sue them again and then the government is going to look the other way because they are gonna say windows can't work with out. I just hope I'm wrong.
Microsoft AntiSpyware... Isn't that somewhat like Military Intelligence?
...and I was suprised to find that it picked out two items as spyware - remenants of an application I uninstalled ages ago.
Neither AdAware or Spybot, which I run on a regular basis, ever pulled tyhis out. It also gave a nice detailed description of the offending items as well as recommending actions based upon whether it thought they were "high risk" (action was Remove) or "low risk" (action was Quarantine).
Colour me suprised!
I don't know how Microsoft keeps coming up with these imaginitive product names... Windows, Word, AntiSpyware. Wow, the hits just keep on coming.
You'd think that since the products themselves are so pedestrian, they'd at least try to come up with better names.
It had to be rejected 5 times first, before being accepted by the original submitter with the exact same write up. Don't you know anything?? :)
the release is only a beta version, not a final release. That might explain the bugs.
It's called Microsoft AntiSpyware. The first half of the name explains the bugs pretty well for me.
Now, what I wanna know: Is clippy involved? "You are trying to clean your machine. Would you like to give us money?"
You can't take the sky from me...
And without giving too much away, the GenuineCheck program that it offers for download (if you're not using IE) doesn't really do its job. I mean, I DO have a licensed Windows product key, I just didn't use it for this install. Still, it didn't seem to pick up on that.
Or maybe the goons are on their way as we speak. Who knows.
I'm shocked, shocked I say.
-------- In Soviet Russia, "Soviet Russia" sigs hate Slashdot.
Kinda defeats the purpose of having validation in the first place, doesn't it?
I thought that was for people who want to verify their supposed legal copy is really legal and not some some pirated copy from a seedy company that goes through a couple name changes a year. At some point they might make people go through it.
by Microsoft AntiSpyware that I have spyware called RealVNC on my computer! I notice it says NOTHING about spyware called Microsoft Remote Desktop. I know lots of people out here use VNC, for goodness sakes, its SPYWARE now?! wtf
Electrons are free; it is moving them that becomes expensive.
Does it remove this spyware "msmsgs.exe" from automatically starting on my windows? And does it uninstall it correctly without causing a catastrophy?
Live forever, or die trying.
What would happen if it tries to prevent itself from spying your machine ? a blue screen ?
They just bought the company afterall."
True enough, but does this illegally extend their monopoly or are they finally owning up to the problems they have caused by releasing a sub-standard (contrast Firefox) browser for all to use and abuse?
You are about to give someone a piece of your mind, something which you can ill afford...
Can be found here.
Only 6 years after it became a huge problem, MS is doing something about the insecurity of their software: they are releasing a copy of other's company's software which cleans up attacks AFTER they happen.
I suspect this innovation will be so great it has to be bundled with the OS. Why actually write secure software when you can monopolize a market created around your own insecurity?
As much as I hope this program will be free, I have my doubts. Microsoft bought out this company and need to make the money back somehow. Bill Gates dies not make his billions for nothing.
Some call me Howie Feltersnatch
and installs Linux.
-------- In Soviet Russia, "Soviet Russia" sigs hate Slashdot.
Expire? Why should it expire if it is free?
Because it's a Beta. Most Microsoft Betas expire.
- AMW
But I'm still being picky. Why isn't this software multi-threaded? When I click on the menu in the middle of the scan, it stops the scan. Oh, yeah, and the MSN Desktop search tool doesn't work at all on my windows xp.
I'll do the stupid thing first and then you shy people follow...
Microsoft AntiSpyware? That's the best that their marketing department could come up with? Cmon, throw an -eon or a "Solution" or a 2k5 on there...
One man's Funny is another man's Offtopic.
Microsoft AntiSpyware has found spyware on my system! Guess it's time to uninstall that evil RealVNC program I use since it's spyware. Thanks Microsoft, all this time I thought it was a cool program!
Microsoft has often done this. They don't want customers to run beta software forever. They want the customer to realize that he or she must get the latest version.
It is just Giant rebranded with a few things missing(which I assume is just because it is in beta). Giant was a very good anti-spyware program so I expect the MS rebrand will be just the same.
The real question will just be how much effort MS puts into keeping the definitions and program updated as new types of spyware come down the pipeline. As effective as the program is right now, it is how effective it will remain in the ever changing world of spyware that is what really matters.
No beta will answer that question, only the test of time will. But, this is just Giant rebranded and it is a very solid platform, which is why MS bought it in the first place.
You are who you are, let no one tell you different. But, never close your mind to a new point of view.
You gotta love it - I just ran a scan to test this puppy out and found that Microsoft has decided to flag WinPCap as spyware. Anyone who runs tools like nmap, Ethereal, and other open-source network utilities that have been ported to Windows must be evil!
They give it a "low" threat rating, and automagically tell the software to "ignore" it (that is, don't remove it), but I'm still offended.
Then again, if WinPCap is on your system and you don't know what it is, I guess it's not a horrible idea to let the clueless know about it...
As to the resutls, it turfed up three bits of possible Spyware which Ad-Aware and Spybot were missing/ignoring. The first was what it thought was Kazaa, but was infact Kazaa Lite (I've never had the original Kazaa installed). Second was some legacy registry keys left behind by WeatherBug which had piggybacked its way onto my PC with some shareware some time ago - fixed and reported to Spybot/Ad-Aware. Finally, it detected something called SearchSquire, but this turned out to be part of the Immunization feature of Spybot.
So, aside from the conflicts with Spybot's Immunization feature and the false positive on Kazaa Lite's registry keys, both of which can be fixed by setting the detection to "Always Ignore" it's not a bad little tool at all. Expect of course, for the fact that Microsoft is clearly planning of getting people to pay for this tool according to the webpage and EULA. Hmm. Getting people to pay for cleaning up the mess that you helped create in the first place... Unless this product is *vastly* better than Spybot and Ad-Aware on a thoroughly owned PC, I don't think so, and even then I think not...
UNIX? They're not even circumcised! Savages!
Anyone else scared to read that MS now has a community called SpyNet?
.
Last time someone did that, Arnold had to come in and kill some poor bastard named Sarah Conner.....
The real litigious bastards...
It's common for beta software to expire. Paint Shop Pro comes to mind.
I'll let it go because it's a beta, but its really annoying that you can't run a scan and X-out and/or click any links in the application without it cancelling the scan. ANY good utility should be able to be run from the taskbar.
Funny.... Friends and Family are heavily infested everytime I visit. Install Firefox and Mike's Ad Blocking Host File and guess what, no more spyware. The best solution is prevention.
Or do they really mean SkyNet!?? Fu*ktards didn't see that one coming at QC now did they??? Or maybe....~pzbtpt~...~pztpbt~....aaaaaghhhhhh!!!
Where's my free iPod!? Until then, I'll settle for a kiss...
dont mind, I am installing it.
If you're not a part of the solution there's good money to be made in prolonging the problem
Sanity is the trademark of a weak mind. -- Mark Harrold
The probably saw this:
2. TIME-SENSITIVE SOFTWARE. The software will stop running on July 31, 2005. You may not receive any other notice. You will not receive any further updates when the software stops running.
and figured OMG SUBSCRIPTION!
Another interesting EULA box is the actual definition of the software's function:
4. POTENTIALLY UNWANTED SOFTWARE. The software will search your computer for "spyware," "adware" and other potentially unwanted software ("Potentially Unwanted Software"). If it finds Potentially Unwanted Software, the software will ask you if you want to ignore, disable (quarantine) or remove it. The software will only remove or disable Potentially Unwanted Software as you instruct it. Removing or disabling the Potentially Unwanted Software may cause other software on your computer to stop working, and it may cause you to breach a license to use other software on your computer, if the other software installed the Potentially Unwanted Software on your computer as a condition of your use of the other software. You should read the license agreements for other software before authorizing the removal of any Potentially Unwanted Software. By using this software, it is possible that you will also remove or disable software that is not Potentially Unwanted Software. You are solely responsible for selecting which Potentially Unwanted Software the software removes or disables.
When I worked at Dell, they wouldn't let us dick with spyware stuff because of potential legal problems -- that is, the law might side with the malware.
REM Old programmers don't die. They just GOSUB without RETURN.
Spybot and SpywareBlaster are still a better combo. Spybot scans while SpywareBlaster prevents the spyware in the first place. SpywareBlaster will work with IE _and_ Firefox. Will this offering from MS help protect non-IE browsers?
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
And lastly, there doesn't seem to be any evidence that Microsoft is making it a subscription service. I was able to download, install, and run the program all without signing up for a subscription of any sort.
I wonder if Microsoft were to sell a subscription "spyware removal tool" that they would be caught in the same legal shit that Ralsky is caught in (Infecting computers with spyware, then trying to sell anti-spyware programs that don't really work)
I mean, granted, Microsoft probably isn't deliberatley infecting users with spyware, but they're the ones that made it possible in the first place.
--You will rephrase your request for me to go to hell. Goto statements are not acceptable programming constructs
well, your comments notwithstanding, Microsoft BUYS innovation.
Speak for yourself.
Substandard? IE is standard :)
Microsoft providing anti-spyware tools to me is like being given a bottle of poison and the CDC phone number at the same time...
How would this extend their monopoly? They know they have a problem and are trying to fix it. It's a good thing, be happy...
John Doe and his new M$ piece of software 1- Install M$ Antispyware.
2- Run the thingy.
3- Reboot to finish the cleaning.
4- At c:\ prompt call M$ for support *OR* install Linux.
Home of Faramir Paint Shop Pro scripts
Let me guess, it removes the e-vil spyware (Windows) from the computer.
Sounds like the shizzle.
Oh yeah, how do you upgrade it after it deletes Windows?
free ipods
I ran the software, and it was kind enough to suggest that I "Restore Hijacked Internet Explorer Browser Settings" because these values apparently differ from the recommended.
Good thing Microsoft is looking out for me and keeping those darn open source spyware programs away from me...
By reading this sig, you agree to be bound by all terms and conditions I choose.
I do like the restore features, and the proccess details, but that was left over from Giant. I hope that the proccess details and star-up info become more accurate with MS providing the details.
--
So who is hotter? Ali or Ali's sister?
Whay did they have to buy a software company to be able to offer software to fix their problems?
This is just crap, and Joe/Josephine Sixpack will never realize how much crap it is. He/She will just merrily download the fix and go on about their day and applaud Microsoft for fixing a huge problem. When actually they did not, Giant did. No one will be the wiser and Microsoft continues on making crap.
And then there is the problem that this is just a bandaid and the underlying problems are not fixed just covered up and we have a reactive solution to problems instead of proactive solutions to them. Which by and large is the current state of virus, spam, and adware solutions.
It would be very nice if Microsoft does do something to combat the many problems IE has for users and system administrators. What would be ideal if Microsoft includes this program with all versions of Windows because (as you and everybody else knows) wants users to use IE.
Something like this would be nice too: "We apologize for all the problems Internet Explorer has caused you our loyal customers. We now have a free anti-spyware for you to use"
With more and more people migrating to alternate browsers, this might have been a wake up call for Microsoft to do something about it. How they will do it is up to question as well, ie. subscription to get rid of the spyware on an already spyware prone browser.
Another interesting thing to note is Microsoft buys a company that makes anti-spyware. In the tradition of Microsoft, they sure like buying other peoples' software and build on it (Good ol' DOS, heh).
Some call me Howie Feltersnatch
With the threat of people jumping ship to another OS, MS may make back their money by just keeping their customers?
You mean like how makers of P2P software make it possible for people to violate copyright law?
There's a Mercedes gap too. I want one and can't afford one, but it's not government's job to do anything about it.
I can see it now... "We have found spyware on your system: firefox, thunderbird, gimp, openoffice, filezilla, nvu, and gaim. Would you like to remove and visit our online store?"
Here a Sig There a Sig Everywhere a Sig Sig...
How long would this 'beta version' have taken to be released, if at all, if it were not for Firefox pushing the standards to a higher level?
Personally, I think Adaware and SpyBot had more to do with it than Firefox. Not to mention Symantec is now bundling spyware detection into theie security software, and CA just acquire PestPatrol so that they can incorporate it into their software.
It seems to me that Microsoft's closed source products has created so many exploits for malware to take advantage of, that a new emerging market with great potential has been created. Microsoft is now getting involved in this lucrative market. This is a prime example of how Microsoft feels about closed source products being good for innovation.
Create a crappy product that others can't openly fix, so that it will innovate new products, so that it will make a new market that they can try to dominate.
>> How would this extend their monopoly?
Well for one it detected RealVNC as a potential spyware threat, even though it's a low risk one and recommended action is ignore... I remember a while ago when XP came out there was a hassle regarding XP licensing and other non-MS remote software to access the machine...
Only thing found was Timbuktu and Kontiki(video delivery manager). Ermm no I don't think they need to be removed.
i think it's called "debian" or something...the most dangerous spyware it found was "windows", thanks God it's removed from my machine.
Must be beta... it started to uninstall my microsoft office windows media player and IE
That is most likely due to beta - alphas and betas of most MS software (and I'm speaking as an MSDN subscriber who can get hold of them) have expiry dates built in - I think the Longhorn tech release I have expires in August or something, and a beta of Windows 2000 expired before W2K was actually released. Can't speak for Office betas, but I feel it would be likely that they too expire.
How many people can read hex if only you and dead people can read hex?
Since MS is so closely "tied" to the spyware industry, they'll know EVERYTHING about the spyware! Hell, they make IE, they've gotta know SOMETHING about spyware, being that lots of their employees run spyware scans every day on their work computers.
It detected that well known evil spyware called Timbuktu Pro!
Way to go MS! (clap clap clap) Keep up the great work. You are the wind beneath my wings.
[MUTTER]Yer the wind outta me ass, matey...[/MUTTER]
--- Ban humanity.
Interesting question. Is a company that releases an inferior product, but that has a monopoly required to force their customers to pay subscription fees for multiple software packages by third parties needed to patch the vulnurability? And if they decide to release their own software to fix the problem, are they partaking in anti-competitive practices by wiping out companies that exist solely to patch the problem? If they charge a competitive fee for the software, is that better or worse than giving it out for free? On one hand they're screwing their customers who live with the bugs, on the other hand they're putting companies out of business.
- TightVNC
- RealVNC
- WinPCap
- MineBug
The only legitimate piece of spywear on that list is Minebug whatever it is. Perhaps this is Microsoft's way of removing "Unwanted" software from PC's running their operating system? In the description, they describe each item for exactly what it is. They tell you VNC is a valid remote administration utility, and they tell you that "WinPCap is an Open Source Windows Packet Filtering Library." However the fact that these items are listed and anyone not knowing any better can effectively make an administrators life (read: mine) hell by a click of a button bothers me somewhat.You would think that a company would try and find a way to make there OS less prone to spyware rather than releasing a program that will get rid of it. It just shows how MS thinks... don't go to the root of the problem just fix the symptoms. On the flip side i must say i do like the MS AntiSpware program as far as these things go. Who knows this could be a turnaround for 'em...
I ran Microsoft Antispyware Beta on a computer here at school. Then I purposely ran Internet Explorer through a few websites I knew were laden with spyware. IE returned several debug errors. I thought, same as everyone, "well, it's beta so what do we expect??"
Then I remembered that Microsoft bought GIANT. They had an award-winning product. Shouldn't the core of Microsoft Antispyware be GIANT-AS?? Just changing the GUI and slapping the Microsoft name on a proven program shouldn't automagically render it buggy...
Weird. I think MS is doing a lot of behind-the-scenes changes to GIANT-AS.
If you think you're protected from spyware programs (and any other type of virus that is new and can be installed the same way..) you're wrong... I got slammed last night by exdl.exe, Internet Optimizer, and a bunch of other programs by visiting torrentreactor.net. I called symantec and they said it is an extended threat that might be filtered by InterentSecurity 2005.. So I upgraded yesterday.. I for one would prefer a free, robust system included with the OS. In this regard, Good Work M$!
I just ran it on my work machine (which apparently was zombified and cleaned up before I started working here). Came up with a clean bill of health, so I guess whoever did the cleanup did a pretty good job (FYI, I also run Spybot and AdAware regularly on it). I noticed that the process/executable is still named GIANTAntiSpywareMain.exe. I'm assuming that's something MS plans to change in the future. Also, under the Advanced Tools > System Explorer > Shell Execute Hooks, it lists Microsoft.AntiSpyware.ShellExecuteHook1 as an unknown type. I would really hope they clean that up before final release....
I'll turn into a supernova and burn up everything. Well I'll turn into a black little hole and you'll turn into string.
There's a hidden feature to the Submit button that you catch all spelling errors 0.2 seconds after clicking.
I've got more mod points and GMail invi
Why don't they just fix the OS so that it doesn't suffer from spyware and viruses? Am I missing something (besides the obvious issues of backwares compatibility)?
(Yes, this is harder than just saying it, but Microsoft does a pretty lousy track record with preventable things (like IE and OE; though IIS6 seems to be much better than IIS5).
Perhaps they should just junk ActiveX and go with Java?
Fix your miserable Active X security and ditch that bastardised Java. More software from Microsoft is the last thing anyone needs to fix problems created by Microsoft's software.
Fiat Homos et Pereat Theos
Are you people for real? Your UPSET that it found things like VNC and WinPCap?
I've tested it on several machines at work, and it found spyware that Adaware and Spybot couldn't. It did also mark Dameware Mini Remote (a remote desktop program) as potential spyware, as well as the custom hosts file that I put on all machines. I think all these non-spyware programs were set to "Ignore" by default, but its not too hard to set to "Ignore All" if you know it should be there.
My point is, if you use VNC/Dameware/WinPCap/whatever... , you probably know it. But if you don't use them, and it's installed on your system, its probably a GOOD thing to have a scan pick it up and make you aware of it.
So far I'm impressed with this beta, and if the worst problem all you nay sayers can find is that it's too thorough, you should probably find something else to complain about. If this didn't have "Microsoft" in front of it, I bet I good deal of you would be hailing it as one of the best anti-spyware products out there.
[end of rant]
I run win2000 IE 5.0 FireFox 1.0 I don't use IE, But now I have to upgrade first. Do I have to inform the DOJ
Well, I'm more interested in MS wanting to "validate" my Windows installation before letting me download the product. Looks like they want to verify you're "legit" before letting you remove spyware (though, as pointed out, you don't HAVE to do this...).
Especially amusing is the idea MS promotes validation as a user benefit, with no mention that the idea is really a benefit to MS for anti-piracy reasons.
No thanks, Bill. While my Windows is legit, I see no reason to become another record in your database. You want to catch pirates? Why not try working harder?
In fact, most anti-virus/anti-spyware software requires a subscription in order to get updates. This is evil/bad how?
I'm proud of my Northern Tibetian Heritage
Try June 2005.
Comment removed based on user account deletion
> Kinda defeats the purpose of having validation in the first place, doesn't it?
It should be noted that the release is only a beta version, not a final release.
I agree somewhat. Many big companies are moving to alternate operating systems which is making Microsoft nervous. While they hold a giant share of the desktop market, they seem to be losing grip with the enterprise. Maybe that explains why steve ballmer gave the patent infringement speech to scare people to stay with them instead of looking elsewhere.
I do not see MS losing a huge market share anytime soon, but with other OS's getting more choices of software for end users as well as ease of installation and use (Mandrake, SUSE, Fedora) I can see these types of operating systems gaining some serious ground to negate the problems Windows has. I am not saying Windows is all bad because there is some nice features and a wide variety of software people just do not want to live without.
Some call me Howie Feltersnatch
It appears to me that such a practice would amount to a racket, as Microsoft sold the operating system which allows the spyware to flourish.
A feeling of having made the same mistake before: Deja Foobar
Ahaha apparently TightVNC and RealVNC are classified as 'Spyware' on my machine.
I downloaded microsoft anti-spyware from Kazaa, and now my bonzibuddy and weatherbug disappeared.
People think I'm dull and boring because my email has lost it's color and graphics.
My computer browses much slower since it appears my internet isn't optimized anymore.
And now I have no idea if my computer may or may not be infected with spyware because those courteous pop up alerts have stopped.
I defragged my computer and asked the paperclip for help in getting these back and that was no use. Microsoft stinks! I can't wait until my absolutely free dual G5 gets here.
Ftom torrentreactor.to : The torrentreactor.net domain was hijacked, please use only .com and .to! We will take legal actions, please stay with us and tell your friends about the changes!
Your fault!
Thanks guys, I just found a spyware/keylogger/adware what ever you call it. And it is from this same Slashdot, and once again thank you guys, for providing me with these kind of crap.
And yeah thank you once again, for not allowing me to post this here. Long live "free" speach. Long live "free" OS. And yeah long live "free" bullshit, as long its not we who are getting this.
I see a real conflict in the making here.
- Realplayer is a known distributor of spyware/adware.
- Likewise with Kazaa, Grokster, and other P2P apps.
- RIAA/MPAA pressures M$ to label P2P apps as "spyware/adware apps". After all, M$ has a business interest in such a move because they want industry adoption of their DRM/media player system. And it would be xxAA's underhanded sweet revenge after their loss in court against Grokster.
- M$ anti-spyware labels these apps as a source of spyware/adware and removes them.
- Realplayer files antitrust complaints to DoJ, claiming that M$ is maliciously deleting their apps to maintain their monopoly on media players.
- The animosity towards M$ and xxAA raises to a new level as millions of P2P users find their pipeline cut off.
The xxAA conglomerates are crafty and malicious. If they can't stop P2P in the courts, they will and have exploit other means at their disposal. They've already infiltrated WMA/V files with adware/spyware to thwart P2P. And the temptation for M$ to develop their anti-spyware to delete competing applications (OpenOffice users beware) is too great.Eternity: will that be smoking, or non-smoking? I Corinthians 6:9-10
It finds WinPCap (used for Ethereal and nmap on Windows) as spyware. Odd.
I have tried and continue to evaluate spyware removal techniques and software, and have found that the MS product though somewhat buggy is reasonable for a free product. Thats also true, to a lesser extent, of Ad Aware. By my pick and the choice of others (PC Mag Editors choice '04 and Wall Street Journal 04)who have reviewed the major players out there in spyware removal is a commercial program called Spy Sweeper from Webroot software. Its head and shoulders above the rest and is the only spyware removal software I have tried that can remove the nastier sort of spyware like Cool Web Search. Yes its commercial but you can use the full program for free for a month or two (cant remember exactly) before you make up your mind weather you want to subscribe to the update service. Seriously, are you going to trust Microsoft to handle cleaning up the mess they left for you?
But it does run fine under Wine, and produces a validation code. The code isn't recognized as valid by the MS web page, though. Strange.
Crews fighting the Chicago fire got a welcome respite from their duties when an anonymous benefactor supplied them with cold milk. Mrs. O'Leary's cow had no comment.
So I downloaded and installed this on my machine to check it out. Keep in mind that my machine routinely has spyware scans of all kinds run on it, as I test out almost every spyware system imaginable for work.
- It reported WinPCap as "spyware" (or rather an "enabler", whatever that means), but it did have a default action of "Ignore" associated with it when the scan was done.
- It disovered c:\program files\support tools\remote.exe as the Cyanure Remote Administration Tool, classified as a Severe threat. This is Microsoft-made tool that comes with their Windows 2000 Support Tools.
- Some leftover directories of Hotbar that Adaware apparently did not fully clean up from a previous intentional infection.
This is the first time I've ever seen WinPCap flagged on any kind of spyware scan, kind of find that amusing. Microsoft must hate Ethereal or something. The Remote.exe thing is sort of funny too, but probably not unexpected, though it did not have a problem with the copy of Remote Administrator I have installed on my machine (in server mode no less). It'll be interesting to see how this performs on some intentionally-infected machines, compared to AdAware and Spybot.
Why would you submit a link to your site on the front page of slashdot if your server can't even make it through the first hour of a story? At least make a text only (no db) version of the story to post. It may at least stand a chance then...
They don't want customers to run beta software forever
They took care of that already...
From the license agreement:
1. USE RIGHTS. If you comply with this agreement, you have the right to install and use the software on your computer until July 31, 2005, or until the date we release a commercial version of the software, whichever date is first.
2. TIME-SENSITIVE SOFTWARE. The software will stop running on July 31, 2005. You may not receive any other notice. You will not receive any further updates when the software stops running.
"Honeeey I'm 127.0.0.1"
No, there is nothing in that post about anything open source. It's funny because we all know that Microsoft software does have bugs...lots of bugs.
Who gives a rat's ass if it's more or less than those found in open source software...it's not about that. The statement is purely about Microsoft, nothing else implied.
Comparing Microsoft software to all open source software is like comparing a bushel of apples to all the oranges ever in existence. They have little to do with each other.
Not like the slashdot crowd ever compares Microsoft and open source software......
Hmm, Hotbar who is a Microsoft Certified Partner is flagged as "Low Risk Adware" and default setting is to ignore. Co-incidence or shall I fetch my Tinfoil hat? Jonathan
No MAS! No MAS!
You are being MICROattacked, from various angles, in a SOFT manner.
So what does this do? Uninstall Windows and replace it with Linux?
Slashdot 1|0 Productivity
Actually if you had taken time ro read the End User Agreement you would have noticed that:
1. USE RIGHTS. If you comply with this agreement, you have the right to install and use the software on your computer until July 31, 2005, or until the date we release a commercial version of the software, whichever date is first.
2. TIME-SENSITIVE SOFTWARE. The software will stop running on July 31, 2005. You may not receive any other notice. You will not receive any further updates when the software stops running.
3. PRE-RELEASE SOFTWARE. This software is a pre-release version. It will not work the way a final version of the software will. We may change it for the final, commercial version. We also may not release a commercial version of the software.
So basically theres a big chance they will make it a subscription service...
4. POTENTIALLY UNWANTED SOFTWARE.
Is Microsoft coining a new term - PUS? My machine is infected with PUS.
I can see it now...
The following has been identified as PUS. You may choose to keep it, however Microsoft cannot guarantee stability if you allow it to remain installed. Do you wish to disable the following PUS?:
Lilo - Identified as PUS
I ran it and I got two false positive.
First, my 'Messenger Plus!' got tagged by the program. Why ? Because if you say 'Yes' when you install it, you may have installed a spyware. But I've said 'No' to that installation. I think that Microsoft scan on premise that 'if the program can install spyware, we will tag it and urge consumer to remove it'.
My second false positive: Oracle 9i. Microsoft had confused it with: 'iMesh'.... And it's all the help file of Oracle 9i in Java.
An anti-spyware that is confused and tag software that could have installed a spyware instead of the spyware itself is useless to me.
That's my 2 cents.
The thing detected RealVNC as Spyware, go figure.
Expire? Why should it expire if it is free?
Because it's a Beta. Most Microsoft Betas expire.
Because its Microsoft. Most Microsoft stuff is not free.
Microsoft obviously doesn't care how their newest baby looks in Windows 2000.
:/
Check out this screenshot.
Many of the GUI quirks make it almost unusable.
Just a thought here.
.02 from a 10101100
Ok, when Jane and Joe Sixpack have problems with "slow" machines, they call us to help. We install odd programs, scan their systems, clean up the mess, and suggest/insist they change browsers/OS. All the while Joe and Jane sit there watching us, and their eyes glaze over. We tell them that we found X pieces of spyware, which they hear as "I found blah pieces of blahblah".
I don't know about the rest of you, but I only get the call when things have become very bad. When I suggest that they just run the tools (Spybot, AdAware, etc), they always say they don't know how, or don't know what the results mean (see "eyes glazed over").
I wonder if the PiratesOfRedmond will be able to make a tool so simple to use that Joe and Jane will be able to do it themselves? If they do, the next logical step for Joe and Jane will be actual PREVENTION. This step does not bode well for M$.
The way I see it, the big reason for such horrible infestations, is that the scan/remove process is not easy enough for many users, so they only address it when it becomes bad. If it is easy to check once a week, and you see that you are picking up 20 NEW infections a week, they may start to wonder "WTF is going on here, and how is this stuff getting in?".
I know for certain, that I have cleaned machines for people, who were NOT shocked to find 100+ items in the scan. The problem is they assume that it all came from a single source. They think that they must have hit one bad site in the last 6 months, and it did all of the damage. They would be shocked to find out that they are picking up a dozen a week, from a dozen different sites. Shocked enough to actually address WHY this is happening.
Maybe this will be the tool to get the "switch to Firefox" ball rolling down main street?
Just
We need every Windows machine to have up-to-date antivirus and antispyware software. That means reliable, automatic, free updates. Anything else leads to compromised boxes assailing everybody on the net.
Or they could just design their SW with security in mind so they don't need these band-aids in the first place.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
eww. I guess that is an adequate description.
;)
Puss, not puss..., you perverts...
Microsoft also bought Internet Explorer, that's given away for free. They really don't need to make the money back with all the cash they have. The positive PR from giving it away for free could easily make up for the cost of the company.
-matt
"Possible Browser Hijack. Start page set to about:blank"
"Commercial Remote Control Software. RealVNC"
who do these people think they are?
No joke... here's what I found on the first scan:
WinPCap (10 signatures)
RealVNC (4 signatures)
TightVNC Commercial Remote Control
Remote Anything Remote Control
Though, I will note that my friend "New Shirt" Nick did get some legitimate spyware.
The thing that gets me is at the end of the scan, it asks if you want to send information back to spynet.net. I understand the logic, but does that not seem to also be a form of spyware? Heh, leave it to Microsoft to fight spyware with spyware.
This message was posted using recycled electrons.
Could be that MS will force or charge OEMS for this 'fix' and make it an option for boxed retail.
If they would only fix their OS in the first place, they wouldn't be in this mess.
if you steal from one source, that is plagiarism, if you steal from many, well, that's just research.
I've installed it (bypassing the genuine OS scan on the download page) and ran it once. It picked up a lot of stuff that neither Ad-Aware nor Spybot found, which was very impressive. It ran MUCH more quickly than Ad-Aware SE.
Strangely, it identified "Edonkey2000" (I have eMule) as a potential adware carrier. I've never known an ED2k client to show ads. Thankfully, the default action for eMule was "Ignore" and there was an "Ignore always" option as well.
Antispyware has the potential to raise the bar for this type of security application. However, I'm a little worried that this beta will turn out to be the best and most functional iteration of the product. The preferential treatment for IE in the options is to be expected, but it could become a troublesome feature if MS pushes their browser too hard.
So, Microsoft is going to sell anti-Spyware and anti-Virus tools to fix holes in their own product.
Won't they have an incentive not to fix bugs, and possibly even create bugs, in the OS? Because they can just charge you can extra $20 to fix it.
It told me that Dameware was spyware. looks pretty crappy to me
True, even dating back to the Windows 95 beta. The '95 beta would expire if your BIOS clock year was 1996 or greater.
Simple solution: Come expiry time, roll your clock back.
Frink: Nice try floyd, but you were designed for scrubbing, and scrubbing is what you shall do.
...never inform microsoft. after all they didn't make the spyware, they are 'third party softwares'.
I figured I'd test MS AntiSpyware against Lavasofts Ad-watch. I installed 'MSN Toolbar Suite'. That isn't malware but lavasofts program gives me the chance to block the registry modification whereas the MS product pops up a window from the sys tray saying the product doing the registry entry isn't known spyware and didn't let me say yay or nay, instead just disappearing faster than I could read the entire message.
I like the behavior of Ad-watch much better; leaving me in control and not making assumptions for me. I realize the MSN product was install by choice but could other programs slip through MS assumptions?
Here's the thing, if MS don't charge a sub won't everyone accuse them of trying to put all the other AntiSpyware companies out of business?
Maybe if MS just fixed IE they wouldent need to charge their customers more money to fix a problem that is caused mostly by the lovable and exploitable IE.
4. POTENTIALLY UNWANTED SOFTWARE.
I think PUS is an appropriate acronym.
With all their money and resources, the best they could come up with was Microsoft AntiSpyware?
did any of you bother to read the agrement? Of course not. This program will stop running July 31st 2005, and updates will not be supported after a comercial release. Yes, that means you will have to pay for it. It does go on to say they may not release a comercial version, but who are we talking about again? Oh, and they also limit their liability, you know if it crashes your system and you lose data, to $5. Will.
I stole this sig.
I tried running it and it told me that I had two regkeys, which was part of the Grokster adware bundle (I never installed that). When I looked at the keys, they pointed to LimeWire, which has no adware. Guess its like MSN Messager Plus being spyware (though it has some bundle stuff, you can choose not to install it).
I am going to test these three, but should I run simultaniously or seperatly? Billy
Since this is beta software, I'm not going to comment on stability or features. The early builds of Mozilla frankly sucked. Every product is buggy in early stages -- I actually commend Mircorosft for releasing a beta, since spyware is a pressing issue at the moment.
Now, Microsoft seriously needs to get their act together and support proper file-locking and implement unix-style permissions that actually work. I like Apple's approach that prevents you from EVER being logged in as root.
Spybot and Adaware are nice, but frankly I perfer SpySweeper (which costs money), but covers a lot more. It's only like $20. The week after I brought it, my ISP (AT&T) started giving it away for free. Go figure. I find the combination of SpySweeper and McAfee Virus Scan to be fairly strong.
McAfee and Symantec should be scared to death. They make a business of compensating for the inadequacies of Windows. Microsoft isn't stupid, and knows that it needs to play catch-up and fix the holes in their operating system. Expect *increased security* to be a major feature of longhorn.
This is a double-edged sword, however. If they do indeed make major security improvements to Longhorn and neglect XP/IE6, they are guilty of extortion and racketeering. If AntiSpyware becomes a pay service, the DOJ will destroy Microsoft. There's no grey area like in the IE/Netscape lawsuit... it would be illegal, wrong, and immoral.
Expect IE7 to be a Firefox-Killer. While M$ isn't releasing any new browsers until longhorn, we would have heard if they laid off the IE development team. They're working on something big.
-- If you try to fail and succeed, which have you done? - Uli's moose
Geeze, when it's open source and beta and has bugs, the response is 100% "What part of BETA did you not understand?" but for Microsoft it's "What part of MICROSOFT did you not understand?"
It's not even funny, it's pathalogical. Slashdot is a serious illness that infects the readers brains with a sickly FUD that clouds all possibility of rational thought.
Speaking as a corporate IT guy (Help Desk / Jr. System Admin), I would love to see some sort of Central Administration that would let me run this on a server, and then run it on client PCs on a regularly scheduled basis.
We have Symantec Anti-Virus 9.0 set up this way, and it's wonderful. Nightly scans of every PC at 3:00 am - always clean, doesn't interrupt the work of our users, no effort on anyone's part except to check the logs. With current spyware solutions, they need to be updated and run manually. SAV claims to check for Spyware, but is not as good as other solutions yet.
I have the windows resource kit installed and it picked one of the files and called it a trojan.
c:\reskit\InstSrv.exe
Type: Trojan
Threat Level: High
Description: A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy.
Did anyone else notice the similarities between the M$ AntiSpyware icon and the icon that bulls eye network uses?
I the icon and got scared but..... My verdict is this program (even though it's beta) works well and has some other cool features under the advanced options.
Microsoft gets a +1 (at least until they start charging for it)
I think it's funny that it identified MSN SmartTags Browser plug-in as spyware on my system.
Makes me wonder.... how long will it take before some 11 year old makes some spyware that makes use of bugs in the "new and improved" antispyware software of Microsoft. The vicious circle goes on and on and on.....
No thanks, gimme some ProMEPIS 2005 instead.
I guess the only solution is to regulate them like telcos should and require them to open up thier lines. This means, sure they can release anti-spyware program, but they have to make it so you can easily remove it and install another companies software. And no contracts forcing OEMS to use their software. All that jazz.
I support open competition and no regulations, but when government rules are used to create a monopoly (ie a telco or microsoft riding on government copywrite protections) government has to correct the problems they make.
What about to the companies making the spyware in the first place? Do they have a case against Microsoft if they make changes to their dominant OS that intentionally break spyware?
I don't think improving security in an OS, even if it harms third parties who make a profit off your bad security, is going to meet the standards for abuse of a monopoly in the same way that tying a new application that adds features instead of fixing problems to the OS would.
Don't blame me; I'm never given mod points.
Sounds like it's doing its job: removing Potentially Unwanted Software.
Brain kills internet cells.
"Bill, Ive got a problem. I think I have much spyware on my computer."
"All you have to do is install Microsoft AntiSpyware, and then the problem is fixed."
A few weeks later, he said to Bill:
"I have istalled the program, but it has not solved the problem."
Why not? Because M$ users dont know that they actually must START the program!
Paying for MS Anti-Virus or Anti-Spyware is like buying a car from a cealership.. then paying an extra fee if you want it to actually run.....
Those who dilegently defend MS are gaining nothing... thererfore seem idiotic!
So, Microsoft admitted they cannot make Windows secure....
How do we know they will offer updates to dectect new spyware any faster than they will offer OS patches?
UNIX/Linux Consulting
I have TightVNC Installed, it lists it as a Moderate Threat.
In the Details, it says that the program is legitimate, but that there is a threat if you don't know it's installed.
Are people actually using VNC for nefarious purposes?
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
I trust Symantec to come out with new rapid release definitons every few hours and automatically pull them down even at home.
The website indicates that the definitions will be updated monthly? On what planet will that be enough ? Is this an incremental update? Will the process do version checking ? How are new rogues submitted for analysis ? There is s lot of information not available anywhere I can see. Anyone ?
From an very quick initial look I see one dll that seems to have the list. A single point of failure updated only once a month ?
Yeah, a "pay subscription service" as in, company X pays microsoft on a subscription basis for its spywareX to not be considered spyware, and casually passed over by the antispyware .....
....
helllooooo wild tangent
No, something more along the lines of Polluter Pays Principle.
Microsoft's insecure software made spyware possible. Why should the end user pay microsoft again to fix the problem that Microsoft created?
(Or, why are we having the federal government pay for environmental cleanup of toxic waste when the polluters aren't being held responsible for the pollution they caused in the first place? [Not that I'm nessecairly opposed to environmental cleanup or anything like that.])
--You will rephrase your request for me to go to hell. Goto statements are not acceptable programming constructs
Okay , well there is a submission tool included I see. Wonder where that goes ?
As I recall, they `bought' IE in exchange for a percentage of IE sales.
I am TheRaven on Soylent News
Well ha ha ha!
Yes, it actually is! NWCLIENT can be exploited an used as a trojan.
No, I do not see it as a problem, unless they charge for it. There has been no indication that they will charge for it except for the Slashdot FUD.
Is it a potential problem that open source software business plans are based on services and support - meaning they have a vested interest in keeping their applications difficult to use and fix? I'm not saying it is, but would you?
How do we know they will block certain malware at all? They will probably sell access to your computer to the highest bidder, but having their anti-spyware program not list paid-for programs. Conversely, they will probably get sued for blocking certain other programs, as "restraint of trade" or some such.
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
I can't wait to try this think inside VMWARE on linux. :)
-=fshalor
It won't be free if CTO Craig Mundie has anything to say about it. From 2002...
Asked why it has taken Microsoft 25 years to get trustworthy computing into the forefront of its efforts, he said: "Because customers wouldn't pay for it until recently."
...Rob
The American Dream isn't an SUV and a house in the suburbs; it's Don't Tread On Me.
Just ran up MS AntiSpyware, let it do a FULL scan. Sure, it caught stuff that both AdAware and SpyBot missed, including the software which was intentionally installed by our WinAdmins to enable them to monitor our desktop usage. Uh, I see a real problem for corporate America if end-users (I don't have Admin priv on my desktop) can install software which will nullify their ability to track and monitor desktop machines. Still, as betas go, it's on a par with every other beta Microsoft has released for sale (Win95, Win98, WinNT, Win2K, WinXP, W2003 ;^). I applaude the boys from Redmond; looks like this one's a winner! Once they get the polish on it, this looks like a real boon for Windows users!
"...but with other OS's getting more choices of software for end users as well as ease of installation and use (Mandrake, SUSE, Fedora)..."
Don't forget Mac OSX. If I had to make a choice on a new OS as an uneducated consumer, Apple would be my first.
Hades, PoD: Official Advocate
Allrighty , a bit more information is available here : http://www.winsupersite.com/reviews/ms_antispyware _preview.asp
It's active protection feature is being couched in the same kind of language used by Bill G at RSA2003 to describe the NX style Dynamic System Protection that never made it into SP2.
The software detected RealVNC when it was still under the GIANT name. It's not something MS just added.
Hades, PoD: Official Advocate
Microsoft selling antispyware software seems to be as smart as putting Charles Whitman in charge of gun control enforcement.
It's all fun and games until someone loses the key to the handcuffs.
Who says anyone is going to pay Microsoft for anything here? It's a free download, just like their service packs.
There's a Mercedes gap too. I want one and can't afford one, but it's not government's job to do anything about it.
I purchased a copy of Windows 2003 Server
I admit that my experience with Windows OS product activation extends only to Microsoft Windows XP Professional. In general, the law regulates businesses more than it regulates households, and thus server class products, which are intended for use by businesses, may have more onerous activation requirements.
I remember it asking me name, address, etc during activation.
I seem to remember that Microsoft Windows XP requires activation but suggests registration at the end of the activation process. Activation is anonymous; registration requires name and address. Windows Server, on the other hand, may require registration as part of activation. Did any Windows 2003 Server user reading this pay enough attention to its activation process in order to confirm this definitively?
Now, I wonder... where does that come from? As far as I can tell from http://www.giantcompany.com/commonQuestions.htm, it already uses a subscription service. It really sounds like the common anti-Microsoft slogans that seem to be based on nothing. You would expect more from /. :)
What nobody here is yet talking about is this:
a n0 5/01-06NewSolutionsPR.asp
http://www.microsoft.com/presspass/press/2005/j
The piece about the malware removal tool (and that fact it'll be automatically downloaded to people using Automatic Windows Update) is very interesting.
You would figure Microsft would remove all references to GIANT on this application, but alas they have slipped. If you're brave enough to install this application, have a look at the process name (Image Name in Windows Task Manager). You will notice the process is kindly named GIANTAntiSpyware.
There are 10 types of people in the world, those who know binary and those who do not!
I agree with your observations on the possible use of this library but this comes from WinPCap's site. "WinPcap is an open source library for packet capture and network analysis for the Win32 platforms. It includes a kernel-level packet filter, a low-level dynamic link library (packet.dll), and a high-level and system-independent library (wpcap.dll, based on libpcap version 0.6.2). The packet filter is a device driver that adds to Windows 95, 98, ME, NT, 2000, XP and 2003 the ability to capture and send raw data from a network card, with the possibility to filter and store in a buffer the captured packets. Packet.dll is an API that can be used to directly access the functions of the packet driver, offering a programming interface independent from the Microsoft OS. Wpcap.dll exports a set of high level capture primitives that are compatible with libpcap, the well known Unix capture library. These functions allow to capture packets in a way independent from the underlying network hardware and operating system." I use this everyday on my development systems (Ima codemonkey) for special protocol issues dealing the BacNet protocol. Kinda like the arqument for the use of p2p for piracy. I use a p2p "waste" daily but not for nefarious reasons.
*--- Sometimes a majority only means that all the fools are on the same side. ---*
Some spyware company sues over this piece of software hindering it's ability to provide advertising to it's customers by unfairly identifying it as spyware.
I can see it now: "Our customers want popups to have a better understanding of their options as they surf the net. They agreed to the terms and conditions of our software, by M$ removing our software and lableing it spyware they have defamed out company, our product, and cost us a boat load of cash. Er uh and OJ didn't do it!"
MS has always had a vested interest in making it easy for spyware to get into their browser/OS. They call it "a vibrant third-party market for user-experience-enhancing browser extensions", though. You can see it in the ambiguity in their term for spyware - "Potentially Unwanted Software". A lot of spyware gets into Windows through the "front door" via browser help objects, not through exploits.
The real problem here is that MS will now have to have a list, blessed by them, of whose browser extensions have acceptable behavior and whose don't. If the list is too loose, they'll piss off consumer advocates and the Windows cogniscenti; if it's too tight, they'll piss off their developer community.
To a Lisp hacker, XML is S-expressions in drag.
I went through a trial run using "Microsoft AntiSpyware Beta1", "Ad-Aware SE", and "Spybot - Search & Destroy". I, of course, did all the proper updating prior to running the full system scans, including getting the latest definitions. Also, of course, I didn't allow any of the apps to actually fix anything. The results were surprisingly underwhelming (Screenshot).
Ad-aware found 10 objects which it deemed "critical" along with 21 which it called "negligible". The 10 critical ones were all tracking cookies from ads on websites I'd visited before.
Spybot Search & Destroy found five problems which it called "Data Source Exploits", which simply related to Internet Explorer settings being set to a level which is possibly insecure.
However, Microsoft's Antispyware application found only two registry entries (which neither of the other programs detected).
I think all of these applications are probably pretty good about getting the really Evil Stuff (which I had none of, so I can't profess to know truly how good these things work).
With all these applications, I think the one you'll find works the best is the one that thinks more closely along the same lines as you as far as what you call spyware.
Downloaded and tried it out. Tried installing common spyware such as Lop, Webhancer, VX2, etc. Caught all of them upon infection with its security service.
I use the original program that this is blatantly ripped from at work on a regular basis, and it works amazing. ( www.giantcompany.com ) But what I find interesting is whats been removed in this beta. It seems MS took out the feature in the original that allows you to patch possible security holes in IE, such as certain activex controls. Another feature removed from the original is the ability to list all processes on the PC, and kill those PID's. It seems to me that MS is trying to jump into the anti-spyware foray, but not make it obvious by putting in their own product the ability to close holes. I'll definately be using the MS version . I'll stick to the last known ver from giant, more useful. Makes me wonder what else was taken out...
Is the new MS AntiSpyware effective against Bargain Buddy? I've been battling this gem of a program for quite a while now (second-hand). It looks like the only option I have is to dig into the registry and I'm reluctant to advise my boss to do that. How is Bargain Buddy not a virus?
Microsoft selling antivirus/anti-spy/ad software is like those street people in the Bronx who throw muddy water on your windshield so you have to pay them to clean it.
Unlikely. MS is not in any way threatened by AdAware or Spybot. AdAware and Spybot have helped MS by making it possible to clean spyware off of a Windows machine.
However, the fact that spyware is such a problem gives both IE and Windows a bad reputation for security. This has partially led to the rise of Firefox in the mainstream consciousness, and has also lead people to think about switching to Linux or OSX for their desktop OS. Therefore, MS is trying to build their security rep back up.
How long will it take MS to update their definitions for new spyware that comes out? 1 week, 1 month, 1 year?
I'm not a doctor, but I play one in bed.
Just like the subject says. I installed it on a WinXP Pro SP2 machine. I started it, ran a scan. Interesting that it thinks RealVNC is spyware... I can understand why, but it felt like overkill. The real issue: while the MS anti-spyware was running (realtime "protection"), PopFile, my favorite spam catcher was all whacked out. It would grab e-mail from the server, but pass blanks to MS Outlook. Take the MS beta out of the equation, and everything worked. Put it back in, and presto! Popfile is FUBAR level 3. Back to Ad-aware.
Just thought you'd want to know.
So if Microsoft or various partners want to keep an eye on your pc habits, they can just install some spyware through an automatic update, and their anti-spyware software won't find it.
How cool is that ?
Even if it was spying for the government, its not exactly fair.
I'll stick with ad-aware thanks.
Well, when the goons show up, it should prove interesting: I downloaded it onto a Fedora box for my friends who don't have DSL connections.
This just will not fly with customers. Paying to fix problems caused by bugs in an OS the customer has already paid for ?
The reason the program expires is because it is beta. They don't want you using beta version after it is officially released.
$VNC ne "spyware";
Sorry to be redundant but VNC is NOT spyware.
Other than that the jury is still out on how good this product is.
To its credit, it did find 3 instances of spyware / adware missed by Spybot and AdAware.
The word "pus" means is some Spanish-speaking countries (like Mexico) that yellowish liquid that an infected wound segregates. i.e. If you have "pus" in a wound, you have an infected wound.
PD: sorry four my loussy English.
Windows XP SP2
....
IBM T42 Laptop
After installing this beta, *all* of my network interfaces (Wired Ethernet, Wireless Ethernet, Dial Up) were messed up and none of them worked.
The system also became unstable and wouldn't shutdown on its own.
Uninstalling the software did not fix the problems.
I had to use System Restore to go back to yesterday's checkpoint.
I will stick with SS&D and Adaware for now
AC
Browsing using its "Advanced Tools" and looking under Window's Shell Execute Hooks you find an !! next to Microsoft.AntiSpyware.ShellExecuteHook.1
The !! means that it is unknown to the program. It is pretty funny that the program cannot recognise itself.
Relax it is beta software.
is it Windows Spyware or Microsoft Spyware, Will bill gates ever make up his mind?
this copy will expire 7/31/2005
Welcome to Microsoft SpyNet!
funny that you should say that, that's what I just did.
Speak for yourself.
The same thing happened to me. I thought I had really killed something.
But does it catch Microsoft spyware? Or is this the wolves watching the chickens.
Yes this happened to me as well. im glad someone else noticed this.
I'll just use my special getting high powers one more time...
Egad !
.INI files not BOTH. This is not to mention the other myriad way apps can get themselves loaded (via auto executed scripts etc.etc.) That way a user may have a chance of finding exactly what will get started and will have a cat in hells chance to stop these bastard spyware apps starting.
.dot files/directories ? What's wrong the excellent idea of a "home" directory ?
Microsoft are relasing anti spyware ? has the world gone mad ? Why don't they just fix their damned OS so that:
1 A user can see ALL running processes (NO exceptions) with complete information as to which file the bloody code was loaded from.
2 Give the user the facility to terminate ANY running process(es) they choose regardless of whether it wishes to close or not and regardless of what state it's in.
On this note they should mark their system services as being system services, document what they're called and what they do and then don't let third parties interfere with them (published file names, published checksums etc.) No more bloody "generic host" services either thanks.
3 Make sure applications are started in a consistent manner. i.e. Everything that is run at startup or login gets started either via registry entries or via
In fact on this note why are a users "application settings" in a different directory to their "documents" directory (i.e. "Documents & Settings" and "My Documents") Why aren't all a users settings in one place ? What's wonrg with hidden
In other words they should FIX THEIR FUCKING O/S instead of trying to paper over the gaping cracks.
Oh nurse, pass me the tablets.... Anyone who uses this is a moron. I hope it comes with spyware built in. I really do.
This is as bad as Ford making cars with razor blades in the steering wheels and then offering to sell you some thick leather driving gloves......
Sky subscribers are morons. They pay to be advertised at !
I think that the companies making the spyware DO potentially have a case against microsoft. They tried to get around it with a EULA that puts the responsibility in the hands of the end user. The ensuing (no pun intended) court cases may actually bring the validity of a EULA to the forefront -- How many people actually read them anyway? That one may be a loser, but more importantly: Who exactly is authorized to enter into a EULA? Does your 5 year old clicking YES to a popup make you legally responsible for the terms of the agreement? What if you didn't know that Party-Poker was even installed on your machine? I know that my grandma would probably run into these issues, and anyone else's grandma who lets their grandkids use the computer would too.
Speak for yourself.
New and uneducated users buy Apples for looks, not for the OS.
Murphy was an optimist.
Thanks, but it means the same in English.
Just a Tuna in the Sea of Life
Shocking - they don't seem to support DOS based Windows (9x and ME) even though there are arguably millions of infected consumper PC's. WinME boxes aren't THAT old.
If you are going to try and tear down MS, please at least use accurate information.
1. Windows 9x and ME are NOT DOS Based. The latest version of Windows that ran on top of DOS was Windows 3.x
2. Windows ME does not even support DOS applications, which was one of it's bigger gripes.
If the spyware could be removed by dragging it to the recycle bin, would Microsoft be legally required to remove the ability to delete any files from the OS, because it could potentially allow a user to violate an agreement with someone else?
Don't blame me; I'm never given mod points.
1998 called, they want their jokes back.
Did anyone else with Windows 2000 notice that it asked to close Windows Messager Service when they first ran it?
I ran the beta1, it found VNC and WinPCap, recommended that I ignore them, which I did. Then it took about 5 minutes (much of it with a frozen window) to report the results to "SpyNet".
Are there enough slashdotters running Windows to bog down the servers? I thought we were all running Linux?
Oh, and it reported "Microsoft AntiSpyware has removed spyware from your computer.", even though it (I hope) didn't remove anything.
-Anonymous Phil
I'm not a fan of spyware or DRM, I'm just saying that the courts might be.
Speak for yourself.
And they know nothing about Linux.
(As in, they're lucky to not have to ever work with that fucking piece of bloated shit.)
From Blocker3
The BETA Version is free for the testing. After the 90 Day Trial, Microsoft will Charge a $99.00 Licensing fee, per year. Updates will be available for a subscription fee of $45.00 per year, and will include any new variants of spyware. This will only work on legitimate versions of the "Licensed" OS Software.Later in the discussion Blocker3 mentions this as a result of someone else mentioning contrary information concerning it's status:
I am Team Leader for the Microsoft software development team on this project.
Thought you all want to know.
I ran it, and it told me that VNC was a "moderate to serious threat", and eMule, an open source P2P client, was an adware bunder. I can't comment on it accuracy with real spyware, but if it is going to bring software politics into it, warning me to get rid on non-Micro$oft supported software, I don't think I am going to run it much longer.
I imagine there will be a free version for home user and a corp version with extra features like scheduling, centralized updating and centralized reporting and Active Directory intergration.
Well, does it run on my Linux system?
And now we are going to trust them to make anti-spyware software that DOESNT GIVE THEM AND THEIR AFILLIATES A BACKDOOR? O_o Sorry but no.
Who mentioned Linux? My point was that your average computer-uneducated Joe doesn't really know what Windows is, or that computers are sold without it. People who don't know any different buy Apples and try to run Windows apps on them. It has nothing to do with Linux.
Murphy was an optimist.
Well, that is true, I bought Mac OS X for the price and because it has UNIX at its core. But I am neither new nor uneducated.
Suprisingly good utility. Found stuff that both Adaware and Search and Destroy did not find! Is MS getting better?
I feel fantastic, and I'm still alive.
Hopefully that can be protected against, too... I'm not sure how it's configured in the Registry, perhaps they already encrypt it, but if XP can decrypt it to verify, then someone can debug while it does so...
I feel fantastic, and I'm still alive.
Not to mention that according to the EULA the maximum amount you can collect for damages from effects of the software is $5.00! That's so low as to be an insult. They might as well have said a penny and left it at that.
Have people beta test commercial software for free... BRILLIANT!!!!!
Distribute said beta anti-spyware software with windows updates.... BRILLIANT!!!!!
Hook clueless users on our anti-spyware software... BRILLIANT!!!!
Sell the software as a subscription.... BRILLIANT!!!!!
Sell advertising company's the ability to have us take their software out of our spyware definitions.... BRILLIANT!!!!
with apologies to Guinness
Anyone else notice the SpyNet Anti-Spyware Community? "SpyNet uses industry standard security methods to link thousands of personal computers, like yours, to the world's first anti-spyware network"...
Sounds spooky to me...
You forgot to mention Bob
Anything MS can do to make their products less vulnerable to this sort of malware is a good start. Spyware and Viruses have been a huge black eye for MS's "security" image and it seems that they genuinely want to improve this. SP2, lame as it is, is still an improvement. They were magnanamous enough not to charge for SP2, so I doubt they'd have the unmitigated audacity to charge for it. We all like to see pie on Redmond's face but ultimately we pay for it when our friends and family call us to clean up the mess.
I might know what I'm talkin' about, but then again, this is Slashdot...
What really pissed me off was that I was using WindowsUpdate v5, which was pretty slick, but the beta worked fine in Windows 2000, it could handle some things that v4 couldn't.
After XP SP2 came out, I found that WindowsUpdate v5 for w2k was canceled, I had to go back to v4.
It's obvious that they just didn't want to give anyone the benefit of using a better service on an older OS.
That's the sort of shit MS pulls that makes me not buy or use their products.
Apple has pissed me off pretty well too, mostly involving broken promises with OS features and shady enterprise support. I work at a place that upgraded to OS X 10.2 for the AD integration features, but it wouldn't work at all in our environment, 10.3 works adequately, and whenever I have even a minor gripe they tell me to buy 10.4, which isn't even out yet.
That's somewhere where Linux shines. I always seem to get what I expect, because I don't think lines like 'added fixes for sk98lin enet driver' in the kernel changelog are ever outright lies, and my expecations are lower in the 'lower because I expect realistic features in this timeframe' way.
"Sometimes, I think Trent just needs a cup of hot chocolate and a blankie." -Tori Amos on Nine Inch Nails
The validation (official name for it is "Windows Genuine Advantage") is only optional until MS is fairly confident that it works.
This isn't just idle speculation, I'm an MS "support engineer" (heh).
Interesting that I have Microsoft's Windows 2000 resource kit tools on my machine and the tool remote.exe gets reported as Cyanure (RAT) by Microsoft AntiSpyware...
Why should we hope for good PR for micros~1 from a smokescreen they're using to hide a complete contempt for their users' security? They're taking the hard hits because they deserve it, and much more. This is just another example of micros~1 trying to treat the symptoms rather than the cause long enough to outrun the bad press.
The Farewell Tour II
...is to see if it remove "Avenue A" that MSN wants to keep installing.
Sure it does. It just doesn't easily boot into DOS. The interesting thing about ME is that it's the last Windows that runs DOS apps smoothly. In contrast, XP has a clunky virtual machine that fails on a large amount of programs. Such as Quake, for example.
I regularly run DOS applications in Windows ME - not surprising really since it is just an upgrade of 95/98. What it does not offer is an easy way to boot into MS-DOS. The only way to do this without patching the OS (as far as I know) is to create an "Emergency Boot Floppy", delete most of the stuff in autoexec.bat (on the floppy!) and boot from that.
up in arms that this is yet another move, to take over yet another area of software which MS currently has no control over.
And if MS Control spy ware and Antivirus then they can set the precendence for what will be spyware and viruses !
how come this is released and no one is shouting blue bloody murder yet ?
or are the Anti Virus Share holders waiting for the big fat cheque to just go away in quiet ?
And thats why Firecrackers and kittens don't mix.
I remember hearing about that 'deal' a few years ago...likely on /. too.
I wonder how long SpyGlass (right company?) was to be paid a percentage of IE sales? If it was for perpetuity (not likely), then they may have a case that it's a product for 'sale' when the new version of Windows ships as IE is no longer freely downloadable...?
-Ben
Firstly, it should be noted that the release is only a beta version, not a final release. That might explain the bugs.
No. It's a Microsoft product - that explains the bugs.
I installed Giant - er, um - Microsoft AntiSpyware on an otherwise "clean" system (no Spybot, no AdAware, AntiVirus disabled during install, not online, etc.). When I run it, I get the bullseye icon in the systray but that's it. No dialog boxes or windows appear when I run/open the app nor the update. However, when I Alt-Tab, I see an interesting window titled "gcasDtServHolder" with three mini-bullseye icons and five buttons named "systrayhide," "systrayshow," "systraynormal," "systrayscanning" and "systrayupdating." This appears tied to gcasDTServ.exe (AntiSpyware Data Service) ... which appears tied to the system tray. Hmm.
All I know is I used the Giant version a while back and had no problems. I'm at a loss as to what's up. (Please don't tell me I'll have to reinstall Windows! Ugh.)
- Rob Wilco
Cheers,
-- RLJ
FYI - I know most of us don't read them, but... The license agreement clearly states that the product is a beta, will only run for a limited time, and may or may not be a commercial product for which they will charge.
Try this:
1) Add searchsquire.com and redv.net to IE's "Restricted Zone" list and to IE's "Always Block" cookies list.
2) Now, run a full scan of Microsoft's AntiSpyware Beta1
Notice anything? It wants to "Remove" your entries above! Personally, this is counter-productive.
I do not see MS losing a huge market share anytime soon
It is not necessary for Microsoft to lose huge market share in order to hurt the company a great deal. Even losing a small amount of market share will cut Microsoft's revenue growth to nothing and send Microsoft stock into a tailspin.
The increase in TCO due to this latest "get them coming and going" scheme will be just the thing to push the next large batch of Microsoft users over to more reliable alternatives like Linux and Apple.
When all you have is a hammer, every problem starts to look like a thumb.
I download the program and tried to install it. I use Firefox as default browser. The software said it wouldn't install unless IE 6.0 was installed on the computer.
Running my own PC repair business, I spend 90% of my time cleaning up and updating clients PCs. I study the subject of malware, spyware, scumware etc. everyday to stay up on the latest topic. I was ready to purchase the Giant Anti-Spyware product just before M$ snatched up the company; all 12 employees! A couple of months previous Eric Howes ( graduate student of UI, I believe) ran a effiency test of Anti-Spyware products both free and commercial. He used captive machines off line, infected with a known bunch of infected files and rated them accordingly based and what they detected and removed. To my surprise, Giant's package rated at the top. What made this more eye opening, was that what Giant was picking up was what AdaWare & SpyBot missed. These results were posted on the Anti-Spyware website: http://forums.spywareinfo.com/index.php?
Same here but I d/l from a Slackware box using Firefox and just skipped the validation... of course it wont run on Slack...maybe next year.
In contrast XP looks like a streetcorner crack whore.
. . . it flagged winpcap (from my cain & abel), tightvnc (from my vncpush dir), my installed realvnc, and a true spyware. The default action for the first 3 items was 'ignore', and the spyware default action was 'remove'. Not bad. And I forgot about tightvnc, so that made me paranoid for a moment. And it gives a good explanation of each item it finds, ala Spybot.
When it removed the spyware, it then reported _all_ the items (ignored or removed) to the 'spynet community' (I had opted in for that).
Then it offers to restore some default IE values in case of 'hijacking'. Not surprisingly, it doesn't mention anything about disabling activex in its activity (but it was already deactivated).
Why as an uneducated consumer would you choose a Mac over a PC? If you're uneducated I would expect you'd be basing your decision on what you see on the shelves at CompUSA, which as we know is virtually all Windows.
I'm not trying to flame you, just curious why you think an un-educated (aka un-informed) consumer would choose what is easily perceived as a niche system.
anyone that has WinPCap on their box and doesn't know exactly what it is and why it's there is infected with _something_.
remember, users choose to have this thing remove something. It doesn't just blow winpcap away. If you see winpcap in the list and say "duh, i do network traffic analysis on this machine, i need that", don't click remove.
otoh, if winpcap has been installed so enable some sort of nasty ddos packet crafting, it should be removed. The average user has no need for it.
My opinions are my own, and do not necessarily represent those of my employer.
I mostly agree with you but to some extent, free programs like AdAware and Spybot have exposed people to free software. If these users do a little more research, they start seeing alternatives to the Microsoft world and other commercial products. Once a user is comfortable with Spybot, how long till they try FireFox? One can almost see a slow acceptance by home users to open source software.
edonkey2000
kazaa lite
tightvnc
Atleast it labels tightvnc correctly as a commercial remote control. The others are listed as adware bundlers.
This is a sad day for computing. Microsoft is going to leverage their monopoly in yet another area.
A few weeks ago one of my home PC's became infected with Spyware after my daughter installed a malware ActiveX control from a website. I installed Spybot, SpywareBlaster and CWShredder and cleaned up the PC (took several "safe mode" reboots). Everything looked fine until two days ago when we started getting pop-ups and search page redirects in IE. I ran Spybot and found a bunch of new spyware that had been installed with a game CD my daughter got in a grab bag at a Christmas party. After some research I found out that eGames included (and possibly still includes) spyware on their game CD's. Needless to say the eGames product is removed and the CD is in the trash (My daughter didn't like the game anyway). :-)
I'll admit that browser protection is the most important but don't neglect real-time scanning to catch the spyware that shows up in shareware, freeware, and even commercial products. One nice feature in the new MS AntiSpyware program is the automated nightly scan. I'll be installing the MS product tonight on the home PC.
"We make our world significant by the courage of our questions and by the depth of our answers." Carl Sagan
"micros~1"
dude you are cleverest 13 year old boy evar! i masterbate to your coolness
It does its job pretty well... however someone overlooked one small tiny problem! When booting to Safe Mode, the user's screen is sometimes 640x480. The program is designed to run under 800x600, which creates quite a nuisance, trying to reach the "continue" button at the bottom of the window.
-Palal
1. dump windows and use another os like linux 2. use firefox 3. install spybot and/or other anti-spyware programs if you can't do any of the above: 1. don't go to porn sites 2. don't connect to the net
It also picks up some of the registry entries for emule as belonging to edonkey, and says that this is spyware.
Edonkey is spyware, and the registry entries that make ed2k:// links work are much the same for both, but you would hope that it could tell the difference.
Not when the spyware is illegally installed.
There is some legit spyware and by golly it isn't removed by the likes of Ad-aware and Spysweeper. Notice I didn't mention Spybot (search and corrupt). The illegal and/or morally wrong applications that install without your consent will not stand in court if they try to sue Microsoft.
Wow, I ran this right after Spy-Bot -and- Ad=Aware, caught 7 more entries that weren't identified by the 2 previously mentioned (yes, they're all updated). This just raised one of my eyebrows 3mm higher and allowed me to let out a soft-yet-audible "hm?". Looks promising.
I'm a signature virus. Please copy me to your signature so I can replicate.
My comment implies that as an uneducated consumer, I'm looking for alternatives to Windows. The implication isn't very apparent; see parent.
Hades, PoD: Official Advocate
Gator / Claria sue people who call their program spyware "because even though it does spy on them, they agreed to it".
It would be much more diffult to sue for calling it potentially unwanted software. People might potentially not want their copy of Gator any more.
Indeed the same could be said for Microsoft Windows.
"Potentially unwanted software"
seems fair enough.
beat me to it!
I took a stab at it, gave it a go, and a writeup.
I decided to blog rather than post it here, so I can edit/modify corrections as necessary.
Microsoft AntiSpyware, a first look
I'm personally disappointed. I see signs of bad policy more than bad software.
The above in all likely is pure FUD.
So while I've been a huge fan of spybot and adaware, I did want to give Microsoft AntiSpyware and it's clever name a chance. I spent all morning downloading P2P programs, visiting casino sites and even clicking the mass of popups saying I had spyware and I should download their spyware program(which effectively put more on). As of this morning this was a fresh install of Windows XP with all the updates installed, by the afternoon it was taking 10 minutes to boot the thing up and almost impossible to navigate the internet without a dozen popups. I ran both the smart and full scan of Microsoft Anti-Spyware and it came up with around 7,000 items. Just under 6,000 of them being registry keys and just over 1,000 being spyware infected files. I held off on removing them so I could see how spybot and adaware held up against it. Adaware was not able to finish any type of scan, it would freeze or crash. Spybot found 170 problems. I opened the MS program back up and let it clean the spyware. I was then able to do an adaware scan afterwords and found an additional 117 problems. I'm impressed with the amount that the spyware the microsoft product found. Although buggy(as expected), it seemed to be pretty effective. I don't know what they are doing different, but they are doing it right, even if it IS microsoft.
- Profit from domination of OS market. Build huge piles of cash so you can make lots of mistakes without going out of business.
- Realize there's this thing called the World Wide Web that's all the rage, and you don't have any support for it.
- Meanwhile, more profit from your OS and application business.
- Hurriedly buy license for Mosaic web browser, relabel it Internet Explorer. Add a few lame features, then start giving away the product to destroy all competing browsers.
- Meanwhile lots more profit. You have to pay out a lot of money in lawsuits and antitrust cases, but it doesn't even make a dent in your cash flow. In fact, all that unspent cash is beginning to be a problem...
- Add tons and tons of features to your web browser, because, like all geeks, you love features, and because it helps you look like you're actually doing innovative tech.
- More profit, as people give up using anything but Windows on their desktop. This trend was well underway before you got into the browser business, but now that your mutated forms of HTML and your proprietary scripting and "active object" tech has become de-facto web standards, people move to your platfrom even faster than before.
- Spyware and adware authors start exploiting all the security holes you left while you were going feature happy. You start issuing security patches, but many of these patches have their own holes and bugs.
- More profit, even though more and more people are mad at you. Despite constant complaints about your screwups, nobody knows how to retool their infrastructure to do without your products.
- Your patches on patches on patches situation reaches critical mass. You start slowing down the patch process to get it under control, but that only makes people more antsy, as they face problems with no official fixes.
- More profit. By now your cash reserves are so out of control that you have to resort to the obsolete practice of paying your stockholders dividends.
- Your release a megapatch months behind schedule, only to find that lots of people can't even install it. You innocently suggest that they just buy new computers, but too many people find that joke in bad taste.
- More profit. Further explanations are pointless. It's just a law of nature.
- You dip into petty cash and buy an anti-spyware company. You give away their product as a "beta" (even though the product went gold long ago) hoping that the freebie will save what's left of your reputation.
- ....
- Profit!
- ....
- Profit!
You get the idea.I am running the beta of Messenger 7, and AntiSpyWare detected "Messenger Plus!" as spyware and says it is not to be trusted.
I have not installed any additional Messenger add-ons to my PC, so this must have come bundled with the beta.
Strange thing happened yesterday at work...all the copies of GIANT anti-spyware suddenly decided that the subscriptions had run out and it was time to pay (Microsoft) more money to keep up to date.
If they update this program as quickly as they post things to Windows Update, it will be completely useless at stopping anything within a year.
How am I supposed to fit a pithy, relevant quote into 120 characters?
I suspect that most "home users" have no idea what open source software is.
Defecation occurs.
Heh...as if Microsoft could guarantee stability otherwise.
And the l33t shall inherit the 34r7h.
For home PC I use open source and freeware wherever possible on XP PC.
It's triffic.
Thanks people behind Mozilla, Firefox, AVG, Ad-Aware, Spywareblaster, Spybot S&D, OpenOffice (and free versions of StarryNight cheers) for allowing reasonably stable, fairly secure and fun computing on a minimal budget.
I get asked to set up PCs for family & friends so they get to know open source because that's what's on the desktop from day one.
Suspect it's not that uncommon.
I went to run a scan and it said:
... Looks like Clippy the grammar wizard was on the blink!
"Less then 29 minutes".
Should be:
"Less than 29 minutes".
Way to go
http://shit.slashdot.org/article.pl?sid=05/01/06/1 521206
You got that right. Its about time they did something. Talk about TCO. Think of the amount of money spyware ridden Windows machines have costed end users and businesses to repair.
You don't actually work in this part of the industry, do you? In a corporate enviroment, the user gets the blame if he repeatedly gets spyware on his system. This tends to mean he was browsing external sites, having nothing to do with his job, while using company resources.
Typically, a user who does gets infected once or twice gets enough crap from coworkers and his boss that he will stick to a tighter circle of browsing.
There is also the fact that most of the systems we found infected in my prior group were re-imaged and configured in about 20 minutes.
At my last job: Out of maybe 850 users, we would have maybe 1-2 a week need some spyware help.
The lesson: Being a karma troll is bad business.
MS Antispam doesn't seem to deal effectively with Coolwebsearch.
I've got one on the bench now, with some Coolwebsearch variant (out of 3 today with this particular problem. One went back to the owner. The other's running WinME.) Adaware and Spybot won't touch it, and CWSchredder just dies. Alas, MSAS doesn't seem to handle it any better.
Spyware Identified:
C:\program files\mozilla
C:\program files\itunes
C:\program files\google
C:\program files\real playe...
C:\program files\America On...
C:\program files\Lotus
Click next to remove compeition.. oops.. uhh we mean infections!
But does Microsoft have a monopoly (in the area of operating systems, at least)? One can easily choose alternative OSs, as many have increasingly been doing. And as far as I know, the user agreement for a given piece of M$ software does not promise prompt updates to security risks.
I was kind of surprised when Microsoft AntiSpyware might think that it was a threat itself!
http://www.bsom.org/posts/spyware.html
investors can live with little or no growth in revenues in a mature company that dominates it's market, earns $40 billion a year and remains debt-free with $50-$60 billion in liquid reserves.
if the tech sector remains weak, you bet on the companies best positioned to weather the storm.
Does anyone else notice how incredibly similar this program looks compared to "Counterspy"?? Maybe they have some sort of license or something but still caught me off guard.
Screenshots of counterspy (you have to click the links to see the shots).
Did you see the video?
Let me quote the narrator:
"I'm learning the hard way so you don't have to."
-actually your users learned the hard way and MS just now got around to doing somehting about it.
"...so on my how dangerous is it scale, I give it a medium. It's like having an intruder in your house."
-Medium ?!? An intruder in your house a medium! I'd like to know what they rank as "high" and "low".
Bank accounts, Credit card information, Heck it would be possible to hijack a computer remotley and use it for illegal activities then make it appear that the owner of the computer was responsible for said actions thus sending the computer owner to jail. Now that probablly doesn't happen a lot. But I'd rank it a little higher than Medium!
--- Disclaimer ---
REMEMBER -- THIS IS BETA SOFTWARE, the first beta of a product that was just recently acquired by Microsoft, and cannot be expected to be anywhere near perfect. I reserve my judgment of the effectiveness of this software until it is released to the public in non-beta form.
The following results may not be very common. I use Firefox and several anti-spyware products on both computers I tested, so it's no great surprise that Microsoft AntiSpyware didn't find much.
And yes I posted this to Microsoft's beta forums.
--- Disclaimer ---
On the first computer I tested, every single one of the 7 "spyware threats" detected was a false positive of some kind.
The file c:\program files\winfingerprint\uninst-wfp.exe is not related to KaZaA - it's the uninstaller for winfingerprint (http://winfingerprint.sourceforge.net/). The default action was Ignore, so AntiSpyware Beta1 would have left it alone, at least.
The supposed "StartNow Hyperbar" infection is actually LANguard, which was legitimately installed. The LANguard objects should NOT be listed as StartNow Hyperbar objects, but should be listed *separately* as an Enabler, if at all. The recommended action was Remove, which would have permanently removed 4 registry entries for LANguard. The four entries are located in HKEY_LOCAL_MACHINE\SOFTWARE\cLASSES\clsid\{3f2bbc0 5-40df-11d2-9455-00104bc936ff}
What Beta1 detects as SearchSquire is NOT Adware; it's Spybot - Search & Destroy's immunization AGAINST SearchSquire. Two registry entries in HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\ZoneMap\Domains\ (one was "searchsquire.com" and the other was "searchsquire.com * 4"). Recommended action was Remove, which action removed the IMMUNIZATION that Spybot-S&D had made! (I verified this: After removing these entries, Spybot had 1 protection disabled. I reenabled it in Spybot, ran the Beta1 scan again, and it was found again. I allowed Beta1 to remove it again. This time I did not reimmunize with Spybot, and the Beta1 scan came up clean.)
WinPCap ("Enabler") is legitimately installed, as is RealVNC ("Commercial Remote Control"). Both were detected as spyware threats, although the recommended action was Ignore, as it should have been.
Beta1 called a "Host [sic] file redirection of 0.0.0.0 ads.auctions.yahoo.com" a "Possible Hosts File Hijack (Spyware)". It's not a hijack, although I've seen Spybot do similar things with ad-disabling hosts files. This Hosts entry was installed by myself on purpose as part of the ad-blocking hosts list from http://someonewhocares.org/hosts/zero/ . The recommended action was Remove, which simply would have allowed ads from that site (not a big deal).
Finally, and this one is definitely grounds for a debate, Beta1 detected "Kontiki (Browser Plug-in)" as a threat and recommended to Quarantine it. This is backwards from what the information in the right pane suggested; it said it was not spyware, but strongly recommended that I read the EULA for the software. There was no EULA in the Kontiki folder (c:\program files\kontiki\) so I did a Web search for it. I found something interesting. According to this page...
http://help.kontiki.com/enduser/group.jsp?node=1 90 6
"Note: If your anti-spyware program continues to list any Kontiki programs as spyware, even though you have the latest updates installed, please Notify Kontiki Support at support@kontiki.com, and include the Name, version, and release of the anti-spyware program. We will attempt to find out why they have listed Kontiki programs as 'spyware'."
Also from the Kontiki page:
"The Delivery Manager does not do an
Dude, not even WinME supports WinME.
You can say that about anything Microsoft. So we must conclude, dude, that not even M$ supports M$. Good money after bad, I say.
Friends don't help friends install M$ junk.
> The lesson: Being a karma troll is bad business.
I'd like to see how you come to that conclusion.
You fallaciously (inadequate sample) "disprove" an argument with your points, and then draw a conclusion that has nothing whatsoever to do with your arguments. (non sequitor)
Maybe you should run for president.
You fallaciously (inadequate sample) "disprove" an argument with your points, and then draw a conclusion that has nothing whatsoever to do with your arguments. (non sequitor)
Is this your way of saying you were unable to understand very watered down grammar?
Do they have a case against Microsoft if they make changes to their dominant OS that intentionally break spyware?
Lots of people say yes, I would say no. That's like saying that the government shouldn't prosecute conmen because they make their living by cheating other people out of their money.
investors can live with little or no growth in revenues in a mature company that dominates it's market, earns $40 billion a year and remains debt-free with $50-$60 billion in liquid reserves.
Not when it has 11 billion shares oustanding and a P/E over 30.
When all you have is a hammer, every problem starts to look like a thumb.
Then they'll have to release spyware-removal software for their spyware-removal software for their spyware-removal software for their spyware-removal software for their spyware-removal software for their etc...
--- Yx3 = Delilah ---
you are teh b3st sp3llar evar! maybe you should try masturbating to your own coolness from now on
The Farewell Tour II
However, if Microsoft doesn't release anti-spyware technology at all, they're reliant on others to do so, and they get hit by the accusation that that have crappy security.
This is the sort of reason why some have argued that MS should be broken up into a company that makes the OS and is prohibited from making any other software, and a company that makes all the other software. I used to think that it was a very extreme move, but given the conflicts of interest within the company, the idea isn't looking as bad as it once did.
This does not play well with Cygwin. I had to turn it off.
Win9x and WinME *ARE* based on DOS.
Just because you don't have to type WIN at the C:\> prompt doesn't make it not DOS based.
What underlying OS do you think Win9x/ME is based on?
...yup...
I downloaded and installed the program. It ran well and removed some spyware that Ad Aware and Spy Bot had missed. HOWEVER it ate my Firewall ... I could not re enable the firewall . So I uninstalled the Anti Spyware Program did a System Restore and got my Firewall back.
Hope they fix this little bug in the next release..
I've updated my screen shot to include a better view of when the MSAntiSpyware feels it might want to remove itself.
And IIRC the most blatant was in the Windows 2003 SBS that had an expiry date built in (for the beta) that they did not remove in the Gold version.
From the included help file:
"A valid Microsoft AntiSpyware subscription is required for you to continue to receive spyware definitions. Keeping your subscription current helps keep your spyware definitions up-to-date. New spyware definitions are released as new spyware is discovered."