Flexbeta compares Microsoft’s new anti-spyware utility with the two leading spyware stoppers, Ad-Aware and SpyBot. They find that Microsoft’s is actually more effective than the other choices, though with the monthly fee for the MS solution, it’s not a clear winner.
It desperately wanted my Oracle Server removed – it claimed it was a serious spyware threat called iMesh. I could have sworn iMesh was a peer-to-peer application, although it came bundled with some ad-ware. Anyway, I feel much safer with this software uninstalled from my PC.
i wonder if the European Union will ask microsoft to remove its own anti-spyware from its operating system, in the same way it did the media player.
some might argue that microsoft have access to parts of their operating system that competing software vendors don’t – and this gives them an advantage in this area. well of course they know the ins and outs of their own os.
small fishy to me. but i’m waiting for the outbreak of worms and viruses and dialer and adware that manage to bypass even this.
we need some competition to microsoft. i’m not saying that linux or bsd or beos is the answer for everyone… but when we have a monopoly this is whathappens. we need a second proprietary consumer OS vendor which works well with x86 and 3rd party vendors.
What has the EU got against MS Antispyware??? The EU was against MS actions to bundle the Media Player with the OS, and AFAIK MS Antispyware doesn’t come bundled with Windows!
PLS check the facts before posting uninformed comments.
Wait…. so Microsoft makes an OS that invites less-than-reputable companies to exploit users through lack of {time, energy, intelligence} to read {EULAs, ActiveX popup information, Dialogs} before clicking “install” on {WebX dialer, kazaa, evidently iMesh}… that’s horrible. So to help these lusers out, they make (buy?) a great tool to remove such unwanted “spyware”… Hooray! …but wait! It’s not distributed through their update service as an addition to their inheritly weak paradigm of an OS, but is had only by charging them money every month for such a service?
For shame.
I still use windows to play games, but I have ad-aware. All the companies MS buys why don’t they buy a security software company & add that to widows?
yep it wanted to remove instsvr which is a ms professon tool kit
some might argue that microsoft have access to parts of their operating system that competing software vendors don’t
Well they can’t really claim that in this case, because the application was written by Giant Software and purchased by MS.
So MS decudes to buy a non-free application and give it away for free to its OS users, I say good.
At least this is better than Apple just writing its own version of watson and dashboard without giving any money or credit to the original company.
It seems like no matter what MS does, people will complain about it.
Either way, the greater progress Linux makes, the more breathing roon MS gets to spend its money how it wants and not be stamped monopoly for it.
dear ms billing dept.,
here’s my bank account: #########.
seriously though.
one annoying thing about windows is the fact that in the end, you’re only using a fraction of the machines capacity since much of it’s being used to scan for viruses, spyware, etc… i have a couple production machines that require antivirus software and it’s unbelievable how much this slows the machine down. even though the machine is built for one job (convert documents to html), it’s company policy because well, it’s a windows shop (and i don’t disagree).
also, it’s really pitiful to see how quickly non-techie people get into trouble with windows these days. my cousin called me a couple weeks ago asking how to get rid of all the popup windows. his machine ended up being almost completely crippled from spyware and trojans that he couldn’t use it anymore. i had him install vnc so i could perform a cleanup but it was getting hit so hard with inbound/outbound traffic i couldn’t do anything. unbelievable. in the end, i had him install zonealarm and use firefox/thunderbird for all online activity. he’s able to use the machine but it’ll require a complete re-install for which i can’t help … he’s halfway across the country
this is happening more and more with family and friends and i’m becoming their ‘goto’ guy. i’ve always wanted to install linux on everyones machine but know if i did, i’d spend more time training than i had time for (also, so-and-so’s daughter wants to run sims, ugh, not in linux, sorry). it’s now becoming desperate to the point of seriously thinking about taking the linux route. a couple glaring features are a) i can remotely fix things via ssh and 2) much more acceptable desktop abilities than a couple years ago.
we’ll see
It would be nice if they tested what MS AntiSpyware found after running BOTH AdAware and SpyBot S&D.
Since quite many users use both tools.
The part that got me thinking was the list that shows the programs that they used. It states “Panicware Pop-up Stopper – A pop-up blocker bundled with adware.” Did anyone else find this funny? I use that program and I think it is awesome…it is lightweight at around 400kb or so. I don’t know what they were thinking…hopefully it was just a spelling mistake.
i thought this was going to be a free tool for all windows users???
They never said that. Some weeks ago, A representative from Microsoft said they were still investigating the pricing options… which basically means that they were investigating if they were going to offer a free version or if they are going to charge a weekly/monthly/annually/one-time fee.
what a joke….they owe their users something for giving them an unsecure system and now they want to charge more for their mistakes…this is the kind of stuff that creates more and more MS haters.
The part that got me thinking was the list that shows the programs that they used. It states “Panicware Pop-up Stopper – A pop-up blocker bundled with adware.” Did anyone else find this funny? I use that program and I think it is awesome…
Did you install it with adware? Or did you by it? Most probably its free version comes bundled with some kind of adware (I was using it’s free version years ago, I do not remember exactly).
This is somewhat good that MS AntiSpyware notes users of applications, often bundled with spy/adware – maybe someone will learn something from this.
But reading various reviews and opinions seems that MS doesn’t always correctly differentiate suspectible applications and harmless (or even useful) ones, detects some false positives etc.
I hope this won’t cause such anomalies like we’ve seen in DOS times – one anitvirus software happily renamed infected .com files to .vom – including command.com
All the companies MS buys why don’t they buy a security software company & add that to widows?
There’s a line between security and compatibility.
Actually I think this is a bad move for Windows, becuase now Microsoft has even more excuses to not ‘fix’ their OS. I sure hope Longhorn doesn’t suffer from this as they wouldn’t be interested into patching it for spyware, adware,.. they’ll just say you our free tool to remove it.
I think I read somwhere Microsoft is making a free anti vir software. While many blaimed MS for not making virus/adware remove software earlier, those same are now saying how Microsoft is threatening the buissenes of antivir/adware software.
You gonna make me pay for security that you can’t write (Or maybe don’t want to write) into the OS! Crazy!
It recognized some eMule registry keys as “Spyware” .. it was only the ed2k protocol registration.
*sigh*
I hoped this thing would be decent, but apparently it sucks.
does it remove MS-Media Player? -> that’s spyware!
to all those poor windows users out there i’d still recommend something not-MS to remove spyware..even better don’t use the biggest spyware of all, windows (or is that the biggest virus? probably both)
So, you installed the adware because you weren’t paying attention to what you were installing, and you blame Microsoft for this?
I wish I could say unbelievable… but that seems to be the norm.
How is WMP spyware? Because it has a function to indivudually identify your player… yet it is turned off by default?
How is Windows spyware?
How about you go think instead of just troll around.
Tyrone: Microsoft cannot prevent idiotic users (sorry if you fall into this category) from installing spyware on their computer. It’s just an application. You can just as easily write spyware for any other operating system.
I believe this is a good move, as long as it remains freeware. It clearly was better than the other products. It gives you much more information about the different files that might be spyware, it runs constantly to prevent adware from being installed, and it will most likely ship default with windows.
I’m not big on Microsoft installing products by default with their OS, IE and WMP, but it’s done for a reason. To give the user a better out of the box experience. Now unfortunately, that has created a monopoly, and they became retards saying that they can’t remove a Web browser from their OS. But having built in Adware removal/prevention, a firewall, and maybe soon an antivirus program are huge benefits to the consumer.
Again this will probably create a monopoly in these areas also, but for the regular user who would never go out and download an alternative their computers are much more secure out of the box. And for us advanced users, we can go out and install a more advanced product, and disable microsoft’s bundled apps.
Microsoft has made terrible mistakes, but at least they are trying to help out some. Let’s just hope that they don’t bloat the Antispyware app, and start charging for it.
“So, you installed the adware because you weren’t paying attention to what you were installing, and you blame Microsoft for this? ”
Actually you could blame Microsoft for being unable to stop spyware from getting in as easily as Lavasoft does, especially since Lavasoft probably has a minute fraction of the manpower to throw at the problem that MS does. Are you such a drooling Microsoft fanatic that you can’t even admit when they’re not getting the job done, even they admit it themselves?
wmp sends back the list of music and videos you watch thats how it is spyware
spyware also gets added just from visitng sites not just from installing adware
how about you stop trolling around too ?
“You can just as easily write spyware for any other operating system.”
Ok then, lets see it then…
lets see you write spyware for linux that installs covertly and runs with the same privilages that it would on a windows machine….
whats wrong? you can’t ?
Stop spreading FUD until you know what you are talking about.
That MS is even thnking about charging for this software, I mean it seems ok as far as cleaning up spyware but have they forgotten just why most users even need it? (their weak security policies in the OS)
Shame on ’em
whats wrong? you can’t ?
Stop spreading FUD until you know what you are talking about.
I guess you haven’t heard of the recently discovered holes in Mozilla/Firebird and the local root exploit in 2.4 and 2.6 kernels.
Using those two ‘features’, you could…
It end user stupidity.
Show me a windows user that can resist random email messages that say “click me I’m porn”, installing “free” internet download clients to get pirated software, and opening any random zipped crack file they come across, and I’ll show you a windows machine that passes scans from any spyware tool with 0 threats.
Microsoft can’t protect users from doing what they want – even when its completely retarded. The only reason so far that linux can get away untouched is due to the fact that for the most part only people who know what they are doing end up using linux. Combine that with the fact that linux has a small desktop population that spyware writers don’t feel is worth their time to write spyware for it and that about covers why linux isn’t swimming in pop-ups yet.
There isn’t some magical security exploit spyware uses to get on your machine. Its actually a pretty general flaw in computing – the moron behind the keyboard.
why am I even replying to this username ? hahahaha
you said it yourself,
a “local” root exploit, once you read up on what that means, and what effect it will have on you, then come back here with your semi-smart arsed remarks
and what muppet runs their linux box without running regular updates anyway?
the firefox exploit is across all platforms, not just linux. and has it not already been fixed ?
Windows, what can one say. By the time your finished running all the crap needed to keep it clean you have f-all resources left to run the software you want. Spose it make the CPU and hardware makers happy.
As for Linux, at least when an exploit is found it is fixed fairly promptly. How many XP exploits are still floating around that have been known for quite some time but MS has failed to rectify.
What we need is diversity in computing like in nature, diversity helps everyone where-as a mono culture breeds stagnation and extinction. Happened on Easter Island and with software it’s just the same.
Wait for the next viruses capable of disable MS AntiSpyware like many recent viruses that disable Windows XP SP2 firewall.
Imagine a spyware company affected by this bundle of anti-spyware with windows: it would feel angry and maybe would create a worm or virus o disable MS antispyware…
before spyware writters figure out how to disable the scanner or spoof themselves as part of it?
Just so you know at leats SOME of the spyware, etc is indeed Microsoft’s fault.
I guess I’m talking moe about viruses, but the point is the same.
Recently i upgraded a friend of mine’s computer to Windows XP. This computer was connected to the internet. It took me several hours to get XP patched up to be secure because it was hit so hard with viruses et. all. Once I got the system installed and patched, I (naturally) installed adaware and virus detection software.
Think that XP machine came up clean? Think again.
Whose fault is this then? Before you tell me it’s the user’s fault for not having a router hooked up, just remember that XP doesn’t say it requires a router, and also plenty of other OS’s seem to do just fine on the net without one.
HAHA…. One word… BullS–t. Spyware IS MS fault. I’m as power user as they come and very diligent in keeping my OS clean and safe. I have fully upgraded virus scanners, patched OS, and run Firefox not IE. When I ran MS Antispyware I still had 1 high risk backdoor trojan with smtp engine. A trojan not even picked up by the vscanner. My other machine had to lower risks spywares as well. I’ve had it with this crap.
@zele
Quote” By zele (IP: —.vilmat.com) – Posted on 2005-01-10 18:05:21
It would be nice if they tested what MS AntiSpyware found after running BOTH AdAware and SpyBot S&D.
Since quite many users use both tools. ”
er…. they did – see page 3
@zele
quote>”BOTH AdAware and SpyBot”
sorry, I misread your post…
Many people wonder what this app and the anit-virus tools MS is making are going to effect the way they code longhorn, if they are going to leave holes just to make you use these new apps and maybe even buy them.
I have to think that this won’t be the case, I could be totally optimistic, but having read a few blogs from people working at MS who are geeks like most of us who visit this site, they are making many basic changes to Windows that will help stop what otherwise happens automatic right now on XP/2k when you visit a website with IE or download something with spyware. That is the changes in security policies, user accounts (i.e. a lower level normal user account insted of an admin account) A protected admin account that cuts down the permissions while using it so viruses and spyware can’t do damage or as much damage as they can on todays XP systems.
The changes in how apps will interact with the OS, so that they can’t run crazy and mess with other things, which means that people writing these programs are going to have to program better or else they won’t work, like how some programs broke due to the small changes MS made with SP2.
Plus the added DEP and NX/EDB ? that AMD and Intel cpu’s support now which also help cut back what viruses can do on a longhorn system etc.
There is now even talk of a brand new re-writen version of IE for longhorn, I think with what happend back in the IIS 5.x days when worms and holes gave major bad press to MS’s webserver, they got tired of it finally, plus it’s just not good for business, they finally re-wrote IIS for version 6. I personally can’t remember the last time IIS6 had a major or even minor security hole in it. But maybe it’s just me. either way they pretty much fixed that, I think the same will happen with IE this time around.
Again you still have the user to deal with, and as long as people pick “yes” and install free chunks of code they’ll probably get spyware or some sort of virus, so you’ll still have a need for these types of removal tools, but if they do what i’ve writen above and some more things in longhorn then the risk will be around the same as one would get on say an older linux system that hasen’t been patched up yet. Until you patch it you’d need some sort of stop-gap to protect you until the patch is out. and these antispyware and virus tools do that job.
Again, I can only hope that this is for the best and not something that turns out to be a waste.
For Windows versions prior to Windows 2000 or XP, this tool is worthless. I have some friends that just came to me with a Win98 box that is completely hosed. It’s usable now, though still not right – and this msft program might have helped but that it does not work for that OS.
As far as I’m concerned, this is another poke with the stick to get you to stay on their upgrade bandwagon. Most all of my friends/family are now using Mozilla Firefox/Thunderbird – very happily I might add. As a poster above stated, I’ve for some started seriously considering a Linux desktop depending on thier use (some friends are serious gamers, obviously not there yet).
Let’s see, Microsoft has a problem on their hands with spyware infection on their OS. They want to solve it, so they buy a spyware company and build it on to release under their name. Now here’s their problem: If they release it for free, you’ll got the trolls crying yet happy at the same time they have another reason to complain:
“WHAT?! Microsoft is releasing it for free?! That is unacceptable, they will have a monopolistic advantage over Ad-aware and all the other spyware removal programs. If they release it for free, they will undercut all their competitors! It’s IE vs. Netscape all over again! AAARGGH!! DIE M$$$S!111!!”
Or if they sell it:
“WHAT IN THE WORLD?! Microsoft is selling it! Hah, what a joke – it’s another one of Microsoft nasty tactics. They made their unsecure operating system on purpose only so they can sell the tools to fix it! This is unacceptable. DIE MSS$$$S!11111!!!!!”
See, so they are damned either way.
“Recently i upgraded a friend of mine’s computer to Windows XP. This computer was connected to the internet. It took me several hours to get XP patched up to be secure because it was hit so hard with viruses et. all. Once I got the system installed and patched, I (naturally) installed adaware and virus detection software.”
Ok, think about this – that Windows XP disk you installed off of obviously didn’t have SP2 included in it. So you hooked up a basically “unpatched” system to the internet and then updated it. Why would you expect not to get infected by anything in doing this? For all intents and purposes you plugged a virgin machine with “known” and even “patch avaliable” exploits up to the internet for the taking.
In setting up a new system next time you might want to download all the patches as standalone installers so you don’t need to hook a vulnerable system into the internet to get it up to speed. You can do this. Just search google for the SPs and Updates there are plenty of sites that host them as .msi files and provide SHA-1 hashes. Admitedly, finding a way to update a system you install yourself is an issue microsoft has created since they no longer host stand-alone installers themselves.
“HAHA…. One word… BullS–t. Spyware IS MS fault. I’m as power user as they come and very diligent in keeping my OS clean and safe. I have fully upgraded virus scanners, patched OS, and run Firefox not IE. When I ran MS Antispyware I still had 1 high risk backdoor trojan with smtp engine. A trojan not even picked up by the vscanner. My other machine had to lower risks spywares as well. I’ve had it with this crap.”
You do realize if you make an arguement that because you’re a “power user” and obviously power users shouldn’t get infected with spyware, then the fact that you’re infected with spyware might mean something other than “spyware is MS fault”?
Furthermore what was the trojan? How do you think it got there “Mr. PowerUser”? Are you sure that you didn’t install it as a piggy back to another program you were installing? How do you know its not from a Firefox exploit since you use Firefox and not IE? You’ve given no basis that to even suspect that it is indeed Microsoft’s fault that there was spyware on your computer. All you’ve stated is that you run windows, firefox and not IE, and that you are a self-proclaimed “power user” so therefore it can’t be because of you and it must be Microsoft and not any other software developer who’s applications you might be using because its cool to hate microsoft right?
It desperately wanted my Oracle Server removed
Thats a serious spyware threat according to MS
The article says that the Microsoft product is easier to use than Spybot. I disagree : if anybody has trouble using Spybot, then maybe they should see a doctor, because it’s damn simple.
Pretty good app considering its a beta. I like the information breakdown.
I’ll likely add it to my stable of tools. Don’t think I’ll pay for it but while its in beta I’ll enjoy the benfits.
For the guy who installed XP on a box sitting nakid to the net all I gotta say is maybe you shouldn’t help your friends man – you sound like the kind of guy who creates more problems for people than you solve!
I agree that there are steps that i could have taken in order to avoid the XP box getting hosed.
yes, it was an older cd, but still. I can hook up MANY other OS’s using older disks and not have this problem.
My only point was that some of this virus/trojan/adware/spyware problem is indeed microsoft’s fault.
The disk I had for this install was a commercial disk BTW, and it got hosed before I could prevent it using normal means. Had I known it was going to get hosed so fast, I probably would have done as you say, and downloaded all the patches first. I must say this REALLY complicates the supposedly easy XP install though
Local root exploit
Nuff said.
Seriously, you compare spyware to a local root exploit.
Let me make it very clear to you. To exploit a local root exploit, you have to be sitting in front of the machine you want to exploit physically, or probably at least have direct access to the machine, like an account there. A remote exploit, now that is worrying. But we are talking spyware here, and Linux seems relatively immune to that. Maybe if it gets popular, people will start getting people install spyware, but right now it is still a safe choice.
I can agree to disagree about who’s fault it ultimately is… almost forgot, its a small tip I learned back on NT4.
You can use the TCP/IP filtering selection menu from the Networking Setup as a kind of firewall if you want to hook the machine up to the internet and download by Windows Update. Of course once again you have to refrain from hooking the maching up the internet until you’ve set these options.
Windows Update basically uses only port80, so if one restricts the ports to allow only 80 for UDP/TCP and then places the address for windows update as the only allowed host, in effect this blocks all incomming traffic at the packet level except for the update service.
That should be an easier way for you accomplish what you want.
Are you telling me that if there were a Linux version of Kazaa, that the spyware that is piggybacked with it won’t install?
Spyware is just a program that generally gets installed by being included with other programs that YOU install (company was most likely paid to include it).
There is no exploit in particular that spyware takes advantage of (except stupid users and greedy companies).
Err, So in other words you mean in effect the only way to install windows is to have an image of a completely service pack updated/hot patched, with installed virus etc etc checkers a ‘power user’ only has him/herself to blame if they get infected or otherwise buggered!!!!!!!!
Fine, I wonder how many ‘real’ power users there are ?
I assume you’d have grater sympathy for the rest of humanity
.
This is supposed to be some argument against it ‘being cool to hate MS’?
Bizarre
yes, that is what we are saying..if there was a linux version of kazaa it would not be able to install spyware piggyback.
in fact there is a linux version of limewire, I have that installed and it is just a p2p app, nothing else came with it.
PLUS, the source code should be available for almost all linux apps, so do you think a commercial company would risk exposing itself as a spyware spreader ?
vincent … Your ‘almost forgotten’ tip would seem to be a good one and perhaps MS should somehow incorporate it, or similar, into a normal install. After all, it even took you a while to remember that and perhaps we might all forget that when we need it.
I do rather wonder how many hours it will take to install Windows, or days for those on dial up, before one is safe to go on the net or in effect be able to use the OS at all.
I have an old win98 partition on my laptop to run some old programs plus emachine_shop. Because I download using BeOS and then transfer to the Windows from BeOS I don’t get much problems but testing with SpyBot and Adware I still get 2 warnings. I downloaded the MicrosoftAntiSpywareInstall.exe file from BeOS (only 6.39MB) and then tried to install it. It refuses, saying I need IE 6.0 or greater. ?????? What does IE have to do with installing scanning software? And why is the IE 5.5 download 10MB but the IE 6.0 download is 75MB – Yes, I am using a modem and I don’t want to leave a Window machine connected to the internet for the time needed to download such a large file. So why IE 6.0?
MS won’t need to bundle MS Antispyware.
They will do a deal with mobo manufacturers like Norton and it will be installed by any computer store tech who builds a system for the regular joe.
Adding yet another layer of cruft is not a good idea. Anti-virus, anti-spyware, and a dozen other tools to keep the system from being killed or killing itself doesn’t help. You’ll just end up adding yet another layer later for some other problem.
Less is more.
Turn off and remove what you don’t need. Replace less secure with more secure. Simplify. Find out how to lock down what you “Can not do without”. Limit your own account. Backups backups backups. I could go on and on…though if it’s not installed, you don’t have to tend it…removing the need to get add-on products in the first place.
Sorry. Just spent a week using Windows and I’m frustrated; almost anything else is better. (Alpha — not beta — tested Windows 3.x, 9x. Beta NT 3.x and W2K. Admined them all plus XP.)
Have to admit I’m just a little amused at having Spybot S&D block ‘DoubleClick’ from being dropped on my machine from the E-Week site hosting the article 😉
The network stack TPC/IP filtering isn’t something I’ve used in a while since I just find it easier to store all the updates locally – my fileserver has more space than I know what to do with at the moment so its always there in case I need to reformat my desktop. Like mentioned however, the over-dial-up arguement is also why I think its better to locally cache the updated somewhere.
Supposedly for Longhorn the entire installation process is supposed to change – its quite possible that the way in which the OS is updated (even at initial install) will be changed to be more secure as well. I’d imagine they’d lock the network stack down to a SSL connection with Windows Update during initial install to update things on the fly. Since from what I read the installation is part directly coppying a configured/core system and installing user chose modules on top.
As for my other comment about the poweruser… you’re right I have no sympathy for people who “think” they are powerusers, and hence supposedly they know what they are doing. My unsypmathetic side is usually harsher when these “powerusers” proceed to pass blame off onto someone else because its easier than to figuring out if they should have done something better. For the “rest of humanity” however, I have have plenty of small tips, and suggestions if they want to hear them.
This is simply not true. The spyware application is included with the installer. It DOES NOT matter what OS it is on, it is just an application installed with another application.
Also, just because the application runs on linux does not mean that it is open source… quite possibly one of the dumbest comments I’ve seen on here in awhile.
With Win2k3 SP1 all incoming traffic is blocked until you configure your server.
agreed… it was a dumb statement I said there about the software being open sourced on linux
but your follow up statement is also pretty dumb and show you do not have a clue about linux.
“The spyware application is included with the installer. It DOES NOT matter what OS it is on, it is just an application installed with another application”
it does not work, simple as that.
< [Spyware in linux] does not work, simple as that.
It does, man, because if the developers of the application took time to convert/rewrite it to a Linux version, it’s likely they also rewrote the spyware. So it will work.
Now, if they bundle the windows binary with the Linux version, then yes, it won’t work.
NO. It will not work.
In fact try this for an experiment….
Install Linux, Install Crossover Office, install IE6. Run IE6 and visit astawhatever or your favourite supplier of spyware, (f1 pages on itv are other good ones !)
At this stage the Windows machine would be hosed, but the Linux machine works on… even IE is more or less untouched by it all.
So the fact of the matter is this…
IE might have vunerabilities, but it is those vunerabilities AND the fact that it is run on top of Windows, a basically insecure system.
The whole point of spyware is that it will install COVERTLY onto a PC, WITHOUT user intervention, and it is at this stage it will fail on the Linux machine.
Noobs to Linux are also helped up here by programs like Gkrellm which along with running processes, also show the number of USERS running programs on your PC. Normally for a home pc, this should be ONE, anything else and they will need to run a rootkit checker. Simple.