 Number 263 - April 2005 |
|
| Microsoft's Free Anti-Spyware Beta | |
|
by Vinny La Bash, vlabash@home.com, Sarasota Personal Computer Users Group, Inc. | |
|
Late last year Microsoft bought a software company called Giant for its anti-spyware program. Microsoft then re-worked it and released it as its own Microsoft AntiSpyware product. It's a beta, meaning it isn't quite finished yet, and you can download it for free. You need to have Windows XP, Windows 2000 or Server 2003 to run the program. It won't work on older versions of Windows. After using it for several weeks, it looks like a worthwhile addition to your arsenal of tools to combat and defeat the bad guys on the Internet. I go to great lengths to keep my system free of "malware" and assorted nasties. I run Ad-Aware, Spybot , and Spy Sweeper, so I was surprised when the Microsoft product found two bugs that everything else missed. Investigation showed one was a "false positive" and the other was very likely a new infestation. The false positive was not spyware or adware itself, but could have been used as a way to install such products. I'm impressed. Once you know that a program Microsoft AntiSpyware is flagging isn't really a problem, there is an option that will tell the utility to ignore anything you think is OK. Perhaps Microsoft should fine tune the program to reduce this, but better safe than sorry. Automatic full-system scans work similarly to anti-virus programs and provide real-time protection against spyware. Other tools will rescue your settings if another application attempts to hijack your internet browser. There's an entire suite of System Explorers that allow you to examine, disable, or remove all kinds of things such as downloaded ActiveX plug-ins that shouldn't be on your system. A helpful feature is the insertion of icons indicating whether the download is safe, unknown, or hostile. It does seem a little strange that the program didn't recognize the Windows Update Control application. (See illustration). 
|
Running Processes with descriptions of what each known process does are helpful. Startup Programs, IE Browser Helper Objects installed, IE Settings and Toolbars, Window's Host File and Layered Service Providers, and Window's Shell Execute Hooks round out the suite. It's much less complicated than it appears. There is no need to be a PC expert to use the program effectively. The sheer quantity of information in the System Explorer utilities is notable and should make it easy to distinguish suspicious objects from safe ones. Take your time, pay attention to what the utility is telling you, and you should do well. For those of you who view porn sites at work or are doing other things you shouldn't, there is a "cover your tracks" tool called Tracks Eraser. This tool seems to be designed for those whose paranoia level exceeds that of a submarine commander. It's very extensive with over thirty history lists and caches that you can choose to keep or clear. There are the expected items like IE's cookies, history, intelligent forms, and temporary files. You can also clean out the RegEdit Search History, Microsoft Direct Draw history, and some third-party applications like Google Toolbar History, Visual Studio, and Adobe Acrobat Reader 6.0's history. Your system could show a different history depending on what applications you have installed. There is an optional feature that let's you send information to SpyNet's central server. Do this when you override a false positive or feel that the tool has made a mistake in identifying a piece of software as harmful. If enough people feel that the AntiSpyware program is bearing false witness against a benign program, the AntiSpyware development team can take corrective action. The free beta version is available through July. After that no one knows if Microsoft will charge for the program. There are a few clues that say Microsoft will probably continue to offer it free of charge. During installation, the setup program checks to see if your Windows installation is legitimate. If the answer is yes, installation proceeds. If not, Antispyware balks and refuses to install. This could be a nice way of rewarding customers who pay for the product, and an incentive for others to renounce their evil ways and convert to a legal copy. The program automatically updates and runs in the background, watching for intruders. It blocks unauthorized Registry changes, runs automatic scans, and won't allow a program to mess with your Trusted Zone or other security options. I like the program enough to leave it installed. It's found a few potential problems that other programs missed. Other antispyware utilities found a few things that the MS tool missed. Sadly, there isn't one tool that will do it all. Sadder still is the fact that any of these tools are necessary at all. Copyright 2005. This article is from the March 2005 issue of the Sarasota PC Monitor, the official monthly publication of the Sarasota Personal Computer Users Group, Inc., P.O. Box 15889, Sarasota, FL 34277-1889. Permission to reprint is granted only to other non-profit computer user groups, provided proper credit is given to the author and our publication. |
|
Number 263 - April 2005
|
|