By Mohammad Yousef | January 2005
It's finally here. Today, Microsoft released its first public beta of the greatly anticipated Microsoft AntiSpyware. I rushed to get it as quickly as possible because, naturally, I wanted to be the first one on the block to have it.
Getting Started
The installation process is quite swift and simple, but you must have administrator rights to install AntiSpyware.
Then, the first time AntiSpyware is launched, the Setup Assistant pops up (screenshot). It is supposed to guide the user through four steps to get started.
Firstly, you are given the choice to enable/disable Automatic Updates and Real-time protection. I strongly recommend all users to enable Automatic Updates to keep your system updated about the latest spyware and adware. As for Real-time protection, it is a very useful feature because spyware would be detected before infecting your system and the feature isn’t memory-hungry either. However, it can be a real pain at times, bombarding the user with alerts (most of which are trivial), so in this case, you might consider turning it off.
Next, you are asked whether you’d like to join the SpyNet anti-spyware community. In my opinion, by creating SpyNet, Microsoft has taken a great step forward in the continuing battle against spyware. If it works as it is supposed to, Microsoft AntiSpyware users will create a huge network. Whenever a new form of spyware is detected on one of this network’s computers, all the systems on the network will be automatically protected. So, I advice users to participate in this great program.
After selecting your settings, you are asked to perform a scan. This can be skipped if you’re in a hurry, but make sure to run a scan later on if you choose to skip it.
Scanning and removal
For scanning, there are two modes to choose from: Intelligent Quick Scan or Full System scan. The Full System Scan can be configured to meet your needs by selecting the location and depth of the scan (screenshot).
For my first scan, I chose Full System Scan. The time it took was typical – not too quick nor too slow. I wasn’t expecting it to detect anything though because I’m using Spybot- S&D and Ad-Aware SE (both updated to the latest definitions). Surprisingly, it detected the SearchSquire adware and rated its threat level as elevated (screenshot). Being the finicky person that I am, I couldn't have simply told it to remove the threat. Instead, I investigated it a bit and found it’s just a false alert! The location of the so-called “threat” was:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Internet Settings\ZoneMap\Domains
and this is where my list of restricted sites exists. I realized that one of my other PC cops (either Spybot-S&D or SpywareBlaster) had added the SearchSquire domain name to my list of restricted sites and Microsoft AntiSpyware misidentified it as an elevated threat. Anyway, such flaws are to be expected as the program is still in its development stage.
[continued...]
|