Slashdot Mirror
MS AntiSpyware vs Ad-Aware vs. SpyBot
An anonymous reader writes "Flexbeta.net compares Microsoft's new spyware fighting tool, Windows AntiSpyware, to Ad-Aware and SpyBot S&D; the two leading spyware tools on the market today. The review sets up an infected PC using VMWare Workstation and scans the machine using all three tools to see which tool detects the most spyware. Though still in beta, Microsoft AntiSpyware does an amazing job at detecting spyware by finding twice as many infected files as Ad-Aware and nearly three times as SpyBot."
So wait a sec Microsoft's product is actual good?
Signatures are so 90s
To be fair, "infected files" is a rather ambiguous notation (perhaps "malicious packages" would be a better way to count things).
I would also feel better if the submitter hadn't been anonymous. Though it's probably not astroturfing.
RD
Wait.. aren't we supposed to hate Microsoft? I'm confused.
Does anyone else think it funny that the advert at the bottom of this review is for Smiley Central, a well known piece of computer-invading crap?
A latent existence
Microsoft knows what holes they have in the OS better than anyone else. They just don't bother to fix them in a timely fashion because it's not profitable The anti spyware isn't really a change in direction for them if you think about it. They are still applying a band-aid to the problems rather than a real fix.
-"...bad old ideas look confusingly fresh when they are packaged as technology" - Jaron Lanier (Digital Maoism on Edge.o
The Real-Time Protection agent is awesome. It automatically informs you of any changes being made to your current settings; such as if your IE homepage is trying to be changed. It also warns the user if any spyware is trying to be installed.
So it has to be running first. Just what i want my computer to do, run more stuff.
Also, I kinda know when our homepage is hijacked, and this is why i switched to firefox.
Runnin' On Empty
I only took a curory glance at the article before it was /.ed, but I did not see any attempt at analyzing how many of the additional items found by MSAS were false positives. This seems like pretty vital information.
It's kind of like the Mob offering protection services to merchants. They're the problem in the first place!
This kind of protection should already be in Windows, or least, make the OS completely separate from the apps and the data.
You should be able to click on any process running and see complete details as to what it is, why it is running and access it's startup options.
An Ad-Aware/FireFox combination has served my parent's computer well for quite sometime. My father's business exclusively uses the above combination with great results.
Ok, enough of the "MS should do better, they make the holes" comments. If you remember correctly, MS bought this code only a short while ago from Giant Company. About the only thing Redmond has done is repackage and rebranded it.
Entrepreneur : (noun), French for "unemployed"
and apparently their detection of license keys has greatly improved... my key is invalid.
Anyone else have this problem using their obscure key of choice? SP2 installed fine a few months ago.
I don't read or respond to AC posts
They just bought a company and rebranded..
Wait a few generations, then it will be a 'true' Microsoft Product..
---- Booth was a patriot ----
Adaware and Spybot report a lot of cookies. MS's program didn't. On the other hand, the AntiSpyware program found stuff the other two didn't. Total "hits" weren't 2-3x, but I've decided to keep AntiSpyware in addition to the other two programs.
This sig seemed like a good idea at the time....
MS just bought giant AS and rebranded their product as Microsoft. As far as I can tell there's very little change to the program itself beyond the branding.
Giant has always been among the top antispyware products, as evidenced by Failing Grades for most anti-spyware tools so this "MS should know their own security holes better than anyone" stuff isn't strictly relevant. I think MS should foucus more on fixing the secuity problems in IE that are responsible for 90%+ of spyware infections rather than sticking plaster over the holes by buying up anti-spyware solutions. Is this even going to be free when it's released?
Personally I prefer webroot spysweeper anyway, Giant has always generated too many false positives for me.
Wait wait wait! Microsoft is going to charge for their program?
Maybe I haven't been following the story very closely, but that seems like a stupid move. "Our operating system and browser allow this stuff in the first place, now pay us to remove it."
Keeping that in mind, I'll stick with the FREE AA and SB.
step MS has taken in order to help the common user avert infection by malicious developers
:) Medicine has evolved pretty much in the last couple of hundred years you know, so you can easily get pills for your delusions :)
conspiracy to degrade MS software
Good heavens
Well, the ignorance part is harder to cure, 'cause it's more up to you then doctors.
I am putting myself to the fullest possible use, which is all I can think that any conscious entity can ever hope to do.
So this is how they are going to promote their new search engine.
Both Ad-aware and Spybot are popular and estabilished, which means that newer spyware/adware knows them, knows how to hide, avoid them or even completely disable them, even if they're frequently updated. So it isn't surprising that MS AntiSpyware performs better now, but that doesn't tell anything about how it will perform in few months from now.
People who like this sort of sig will find this the sort of sig they like.
The MS utility fonud some Dutch porn dialer that was on my system since 2003. AdAware never found it.
But what wowed me were the useful utilities in the "advanced tools". I was finally able to disable a few annoying system tray icons(totally forgetting how to do it in Win2k). I still can't get the Nvidia driver utilities off, but MS is not to blame in that case.
The tracks eraser functionality goes way beyond a simple "url cleaner". You can clear the document history, etc for TONS of apps. I'm wondering when the anti-MS zealots will be yelling that it will be a useful tool for child pornographers(heh).
The GUI is a bit shoddy. I wish I could keep the heiarchial list of stuff when I'm inspecing the startup apps, etc, and there's no + to collapse/expand. Either way, I love the advanced utilities alone, and could probably clean out TONS of spyware, etc if I run this on my dad's PC.
It really depends on where you work. AdAware and Spybot S&D are two applications that work well and have a proven track record of being legitimate tools to combat spyware/adware/malware. Unfortunately, there are many more applications out there that are either (A) blatant rip-offs of these two legit programs, (B) Spyware disguised as anti-spyware or (C) BOTH.
This is not to say that there are not other legitimate programs out there, but sadly, if it's not on the short list of proven applications it should be scrutinized before it is endorsed.
Among the things MS Anti-Spyware found on my system (which is actually well-maintained, so perhaps not the best test-bed) none was a real hit, they were all false positives.
It even managed to warn against registry settings put in place by SpyBot to ensure a malicious site runs in internet explorer's restricted zone!
Also, it reported with glee that TightVNC is a dangerous hacking tool. I happen to use it to help out people, exactly the kind of people who are likely to remove it if AntiSpyware complains about it (e.g. my mom).
Then a load of DLLs that are actually dummy DLLs shipped with the "lite" version of a (once upon a time) popular ad/spyware ridden app - again, it's detecting its competition!
And then there are the residual files/empty directories/registry settings that adaware/spybot didn't remove some months ago when I tried an app that came with ad/spyware. No active components at all.
Another thing I don't like about it is that it's user interface doesn't scale properly when you've adjusted your DPI settings.
Also, its on-access scanner (for want of a better word) comes with an enormous performance hit, and is mostly concerned with Internet Explorer hacks. Those are a minor concern for me since I use firefox, and besides, Microsoft should fix IE, not ship cycle/ramhungy monitoring applications for it (though that's hardly GIANT's fault).
In other words, I'm underwhelmed.
SCO employee? Check out the bounty
I just attempted to install Microsoft AntiSpyware on a machine from which Internet Exploder had been mostly removed via the utility Win98 Lite. It refused to install, insisting upon the presence of Internet Exploder 6. The machine in question uses Mozilla, with which we're quite happy. It appears that Microsoft is tying yet another product to the use of Internet Exploder 6, probably in violation of the recent DoJ Consent Decree. Will the Bush Justice Department do anything?
Linux will succeed becuase you have many groups contributing to computing some free some not so free but it creates a economy around it of sorts.
Microsoft however cant stand for some reason to be the OS that great things are built on like Linux can and is being today. They try to take their OS and adapt and squeeze out what they consider competition. Then they take the products that other companies make to run on Windows such a Ad-Aware, Norton Antivirus, Lotus Notes and a myriad of other programs out there and try to build them into Windows. Netscape employeed people who designed, maintained, and supported their browser. Microsoft rolled out IE and tied it into their OS sparking a controversy that eventually landed it in court. Yes the consumer has suffered but what about those Netscape employees? Did Microsoft give them jobs making IE better and supporting it? Hardly those guys were muscled out of the marketplace. Now I'm sure they got jobs elsewhere but what and where are they doing things.
This can go for any number of companies that are threatened becuase Microsoft refuses to make windows as good and secure as it can be they only want to add the next cool feature into their OS.
Symantec, Mcaffee, Real, and many other companies employ many good people with ideas and not just the engineers and software hackers, there are secretaries, janitors, and guards that also are employeed and probably buy Windows. Once they lose their jobs becuase Microsoft muscled their company out of business then they probably wont be buying as many computer products anymore.
Thus Microsoft sits there and kills their own bottom lines.
Of course were all eventually damned in that robots and smart computers will replace our jobs. Just look at those poor bastards that are being replaced in the Toyota autoplants here soon. This will spread to all auto makers across the world and it will not stop there. Productivity increases due to these robots will put strain initally on supply lines becusae those humans cant keep up and then one company will pick up the slack by having robots do that portion of the work and other companies will have to do so to keep up.
From there it's basically a self feeding reaction that eventually will nullify every job we have or can move to in the next 50-100 years.
Oh and governments would step up to help you?
How about attaching your claria.exe text file to all your outgoing emails, sending your emails out with a subject of "I'm not selling Viagra , Cialis, or Rolex Watches!!!!" and see what kind of false positives you get from anti-spam and anti-virus filters. It's not a precise science, so I'd expect false positives when you make a concious attempt to fool the program.
That's not to say they can't make it more accurate, but they may be trading off accuracy for speed (filename match rather than file signature). If I was designing it I wouldn't be real concerned with trying to correctly deal with bored users trying to fool our program by renaming their important documents to "claria.exe".
"We make our world significant by the courage of our questions and by the depth of our answers." Carl Sagan
Some of what it detects are definitely false positives. On my machine, it claimed to find registry traces of eDonkey and Grokster, which it says contain adware. But the keys it found were put there by Shareaza, a non-spyware open-source client.
It's hard to be religious when certain people are never incinerated by bolts of lightning.
I second that.
Serv-U FTP Server is appearantly a "Trojan FTP", default action is to "quarantine" in MS's view.
I think we can keep recursing like this until someone returns 1
In any case, I uncheked the "install real time protection agents" option during installation, but after running the scan I ran through the options to see what other features it had. Surprise, RTP was enabled. Oh the irony of MS AntiSpyware behaving in the same shady fashion as Spyware apps. ;)
So if you do install it but don't want the RTP agents, make sure you hit up the options before quitting.
Freedom to fear. Freedom from thought. Freedom to kill.
I guess the War on Terror really is about freedom!
Some of what it detects are definitely false positives. On my machine, it claimed to find registry traces of eDonkey and Grokster, which it says contain adware. But the keys it found were put there by Shareaza, a non-spyware open-source client.
Yeah, it wanted to kill off pieces of eMule, Shareaza and Unreal Tournament 2004 on my box.
Portable versions of Firefox, GIMP, LibreOffice, etc
Yeah works great, I ran it on a client's PC and it uninstalled Windows. :)
Whether you think the anti-trust case was a good idea or a bad one, you have to concede that Microsoft might well have been broken up by now if Al Gore had won the election. Pointing out that fact doesn't make me a partisan.
Again, your memory needs refreshing. MS's dominance of the OS market is pretty much an accident. That actually got into the business against their own will. They wanted to sell development tools for the new IBM PC, but that meant that IBM had to adopt an OS those tools would run on. Which is why they steered IBM to CP/M. When that fell through, they hurriedly licensed a CP/M clone from Seattle Computer Products, which became the basis for MS-DOS.MS-DOS is one of the biggest abortions since the rise of modern technologies (find me a single OS expert who will give it high marks). Yet its very flaws created such a high level of lockin with the PC platform itself -- which was also pretty flawed. Since compatibility soon became the name of the game, clone computers had to reproduce all of IBMs mistakes. And since their biggest mistake was choosing MS-DOS, computer makers ended up paying a tithe to Bill for every box they sold.
But even if you were correct, and Bill achieved his success by technical brilliance and plain good business -- so what? He got his reward when he became the richest dude on the planet. He did not earn the right to destroy the very marketplace that made him rich. Microsoft's role in the current marketplace is bad for all of us -- including Microsoft. Calling me ideological names isn't going to change that.
It also felt the need to alter my hosts file for me. It didn't like the fact that I had "ads.msn.com" pointing to 127.0.0.1 (as well as over 100 other ad domains; the only one it cared about was MSN!)
A preposition is a terrible thing to end a sentence with.
I stopped using SpyBot & Adaware a long time ago.
They're most admirable projects, however, neither are comprehensive.
Often times, you have to run both to try to remove something, and there is still spyware installed.
Neither offers a preemptive system either (filtering web, watching the registry etc)
The *most* comprehensive program I have found is webroot SpySweeper.
It is incredibly thorough, has staff dedicated to finding new spyware strains, the ability to report suspicious files, the works.