After much speculation, Microsoft has finally released a program designed to prevent your system from being buried under the deluge of spyware that lurks on many websites. At the time of writing, the application was in beta, although freely advertised at www.microsoft.com
We put it through its paces to see how it would fare alongside established, free anti-spyware programs. To leave our test system as vulnerable as possible, we used a fresh installation of Windows XP Professional (pre-SP 1) with the minimum of updates and no anti-virus software, before embarking on a visit to some disreputable websites.
The good news is that AntiSpyware immediately detected that these sites were trying to foist unwanted nasties on us. It displayed alerts in the bottom right of the screen, asking if we wanted to install the software or if it should be blocked. A handy summary of the spyware, highlighting what it will do, helps make this decision. During just five minutes online, it prevented the installation of 15 spyware programs.
To simulate a less savvy user, we stayed on the same website and clicked OK a couple of times when the browser asked if we wanted to download the ‘helper’ software being pushed by the site. AntiSpyware was asked to allow the installation. During a manual scan, it offered to create a System Restore point and then proceeded to pick up a lot of nasty files spread across the hard disk. It seems like a good idea to use System Restore, but, as with virus scanning, it can cause frustrations. If a virus or spyware file ends up saved in this system-protected area, anti-virus and anti-spyware programs will detect it but they won’t be able to delete it. It’s therefore best to disable System Restore when cleaning a PC.
After allowing AntiSpyware to clean the PC, we rebooted and ran it again. It detected more files, although not as many as before. On consecutive scans, it gave the all clear. To judge its effectiveness, we ran Ad-Aware and Spybot Search & Destroy, as well as a trial version of Kaspersky Anti-Virus Personal. The results confirmed that you really do need in-depth defence where spyware is concerned: Ad-Aware found nearly 70 serious threats that Microsoft AntiSpyware had missed, including the insidious Bargain Buddy adware and browser hijacker. Spybot found a few more, and Kaspersky Anti-Virus Personal discovered a downloader trojan. Microsoft AntiSpyware had missed a lot, although it did decide that the remote admin tool VNC was a potential problem.
Given the seriousness of the spyware threat, we’re glad to see such a big name getting involved. But the reason this beta is being distributed so freely is likely to be less than magnanimous. Whenever AntiSpyware detects a dubious file, it will ask if you want to send it to SpyNet. This is a so-called community run by Microsoft, whereby customers fill its database with potential threats. This is a neat way to get your customers to do the bulk of your research for free and to fill a spyware database as quickly as possible. It’s a similar concept to Cloudmark’s SafetyBar (nee SpamNet), which uses customers to submit spam they’ve received and so keep the updates current. That’s great if they’re free in return, but not when you start getting charged for it. That doesn’t stop Cloudmark, and we doubt it will stop Microsoft (see The future of Microsoft AntiSpyware, above).
So Microsoft still has some way to go before its first anti-spyware product is ready to protect customers for real. It recommends that you run this software in conjunction with an Internet firewall and anti-virus software, and with good reason: on its own, it’s currently not very effective. As always, updating the operating system, web browser and running anti-virus software is essential practice. We’ll bring you more on AntiSpyware as it develops.
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
