Review of Microsoft's Anti-Spyware Tools
happyslayer writes "Matthew Fordahl has written a review of Microsoft's anti-spyware tool and has declared it, in a word, 'ineffective.' Though the methodology isn't carried out completely (he uses another anti-virus program after trying MS's tool, but doesn't do the same with the anti-spyware tool), it's a fairly good anecdote on the MS product's usefulness."
From the end of the article:
Overall, I was more impressed with the antispyware program's protective measures and simple interface than with its ability to cleanse existing infections. Still, Microsoft seems to be on the right path to fixing the mess caused by the careless users, malicious programmers, unethical companies and vulnerable software.
This is great news!
/. intentionally trolling?
Is someone at
I can tell you that I had to clean a machine today that had 56,000 instances of 'Claria' (GAIM aka Gator)
Ad-aware missed them on the first pass...so I used MSAS, and it caught them all. And removed them. Successfully. (whereas Ad-aware would have just quarantined them).
I know I'll get roasted for this obvious 'fanboi' ism, but remember, MSAS is actually still GIANT, who they bought it from. (check your process names while running it...you'll see)
The author is ineffective at system recovery.
I tested the programs on a Windows XP computer I borrowed from my wife's cousin. The 3-year-old PC, a Gateway running Windows XP Home Edition, was basically unusable.
Me too, except this was a customer.
Error messages appeared when I tried to open the Task Manager, a Windows utility that shows running programs and processes. It refused to load Windows Update, Microsoft's site for downloading security patches and other fixes.
Those plus the TCP stack was corrupt on this machine...wouldn't renew the DHCP lease. Had to manually rebuild that as well.
To load Microsoft's Malicious Software Removal Tool, I had to get it using another machine, load it on a USB drive and install it manually. (It's usually available through Windows Update.)
Or you could have just put the executable on a CD with SP2's executable and MS Anti-Spyware's executable. But that would make sense for someone in the system recovery business and we can't have that!
The tool looks for a limited number of pests, such as "Sasser" and "MSBlaster," so it didn't find the worm, "Netsky.P," that had infected this PC.
The program was designed to search for a few insanely critical bugs. It COMPLEMENTS your set of tools...not replaces them.
But bizarre behaviors -- including multiple pop ups, unwanted toolbars and generally sluggish behavior -- continued.
That's because you're not in safe mode and you haven't stopped the programs from regenerating.
So I rebooted the PC in safe mode...
Now we're going in the right direction!
After rebooting again, the PC continued to show signs of infection, though it did seem less bogged down. Having spent two days disinfecting the system, I broke down and reformatted the hard drive. I then reinstalled Windows XP and all its patches.
Pfffft. Ineffective computer technician.
I don't have the option to just back up whatever I feel is important on a customer's PC...they're paying me to recover their system, not pick which files have to disappear forever and cause them to lose all their settings and programs.
Once again for clarity: INEFFECTIVE COMPUTER TECHNICIAN.
MS Anti-Spyware has done an EXCELLENT job on every single customer PC. The Malware tools from MS make a quick and easy check during the in-home visit for those REALLY nasty bugs.
Who is this guy, anyway? Oh wait...
MATTHEW FORDAHL, AP Technology Writer
Technology WRITER. Leave the tech stuff up to the tech people and have fun with your little Word.
From everybody's stories about which one ran first, second, then third, and there are always things left over after each one, I'd say that's the nature of spyware removal tools.
It's been my experience that with the few tools I've tried, there's always stuff left over. Like someone else said, it may be Microsoft's now, but it was a different brand before. I've never had any real problem with malware on my PCs (home and work), but for my coworkers' and family members' computers, I've never really seen any of the removal tools that were 100% effective.
1. Unix users are self-selecting; they tend to be technically competent and less likely to be infected than the general populace.
2. Unix systems use a wide range of email applications and web browsers, almost all of which have fewer holes than IE/OE. No Unix mail client will execute an attachment for you; you have to save it, enable the execution flag, and then run it yourself.
3. Unix desktops are not nearly as common as Windows desktops, so there're fewer incentives to hack them. They're also quite diverse; a binary for PPC MacOS isn't going to work under x86 OpenBSD, Sparc Solaris, or ARM Linux, which reduces the pool of target machines for a given virus.
It's hard to be religious when certain people are never incinerated by bolts of lightning.