Microsoft AntiSpyware (Beta): a first look
A major plank of Microsoft's corporate strategy has always been to buy products from its competitors, rather than pour resources into home-grown developments. Famously, back in 1980, when IBM was seeking an operating system for its PCs, Microsoft bought q-DOS (a.k.a 'Quick and Dirty Operating System') from developer Tim Paterson for $50,000 and called it MS-DOS. As we all know, MS-DOS licenses subsequently earned Microsoft billions.
With the purchase of anti-spyware specialist Giant in December 2004, Microsoft obtained the basis for its AntiSpyware product, which has now appeared in beta form. There are plenty of other anti-spyware programs available: the most popular, Ad-Aware, is available in a free version, although others are paid-for products. Life could become more difficult for the latter if the final version of Microsoft's tool becomes available for free.
Download & installation
At the moment, you can download and install the AntiSpyware program without registering it. However, with later versions, registration could become obligatory, so that users without a valid licence will not be able to use the program.
The 6.4MB program runs under Windows 2000, XP and Server 2003, according to Microsoft. We installed AntiSpyware on three test systems without problems. The program even runs under current Release Candidate 1 (Build 1289) of Windows XP Professional x64 Edition. If you already have the Giant version of AntiSpyware, however, Microsoft's beta version will not install: you'll have to uninstall the Giant program before replacing it with Microsoft's version.
During installation, you must agree to the licence conditions. Since most users do not read the license conditions, it is clearly pointed out that you can only use the current beta version until 31 July 2005. If Microsoft should offer a commercial product before this date, the license for this beta version will expire.
After installation, the program occupies about 14MB of hard disk space. Microsoft AntiSpyware comprises three components: two modules (gcasDtServ.exe and gcasServ.exe) operate in the background, while the main program is GIANTAntiSpywareMain.exe. Together these components use about 27MB of RAM.
Performance
So-called 'tracking cookies', which identify a PC and are used by some Web sites to track user behaviour, are not currently recognised as spyware by Microsoft AntiSpyware.
Both Ad-Aware and Spy Sweeper discover tracking cookies and classify these programs as critical. After scanning, both of these utilities suggest that you delete the tracking cookies. With other spyware, the beta version of Microsoft's product performed better than its rivals. For example, AntiSpyware finds NewDotNet (nduninstall6_28.exe) and QuickSearch Toolbar. NewDotNet is given the second-highest threat level ('High'), since the IE plug-in adds subdomains of 'new.net' to your name resolution system. QuickSearch Toolbar, which gets an 'Elevated' threat rating, hijacks Internet Explorer's search URLs to direct traffic to quicksearch.com. Neither Ad-Aware nor Spy Sweeper recognises these programs.
However, the classification of the file sharing utility eMule as Adware Bundler shows that Microsoft still has some work to do on spyware recognition. The original version of eMule has nothing to do with spyware, but is simply an efficient file sharing client. However, there are modified versions of eMule that do install spyware on your PC. The Microsoft program also equates eMule with eDonkey2000.
As far as scanning performance is concerned, Microsoft AntiSpyware is faster than Spy Sweeper but slower than Ad-Aware. The Microsoft program examined over 21,000 files on the hard disk and nearly 9,000 Registry entries for spyware in just over six minutes. Ad-Aware took two minutes less, while Spy Sweeper needed 14.5 minutes for a full scan. The quick-scan test placed Ad-Aware first again, followed by Spy Sweeper and finally Microsoft's AntiSpyware.
Tests were carried out on a PC equipped with a 3GHz Pentium 4 processor and 1GB of RAM.
| Anti-spyware scan performance | ||
| Anti-spyware program | Complete scan | Quick scan |
| Microsoft AntiSpyware (Beta) | 06:12 min | 01:04 min |
| Ad-Aware SE Professional | 04:13 min | 00:18 min |
| Spy Sweeper | 14:35 min | 00:48 min |
Conclusion
The beta version of AntiSpyware underlines Microsoft's recently outlined enterprise strategy concerning spyware and spam. Although there have been few objective investigations into the productivity impact of these two 'hostages of the Internet', market researcher IDC estimates that spam email alone costs larger enterprises several million dollars a year.
Spyware also affects enterprises. A recent investigation by Webroot (maker of Spy Sweeper) found that, on average, 20 spyware programs were installed on Internet-connected business PCs in the USA. Besides adware, trojans and system monitoring programs were found on the computers. Anti-virus software and firewalls do not offer effective protection against these programs.
Microsoft needs to respond to the growth of spam and spyware because these programs eat away at the premise that IT brings productivity benefits. The beta version of Microsoft AntiSpyware is a first step in the right direction -- but others, such as server-based solutions, must follow.
Obviously there is a danger that Microsoft will exploit its position in the IT sector to dominate the anti-spyware market. Therefore the competition guardians should keep a close eye on Microsoft's future moves in this area. You can download Microsoft AntiSpyware (Beta) here.