How to tell whether my microsoft antispyware is working properly?

[Nicole]

Can someone tell me how will I know if it is working
properly? I have adaware se personal also. When I do a
scan with the adaware personl i find one or two things
when I do scan with microsoft antispyware I get nothing,
whi is that?

 

[Andre Da Costa]

Well, there isn't a direct way of telling if MSAS is working perfectly,
since its beta and is likely to contain unknown flaws. Right now, the most
effective way of ensuring that MSAS catches spyware doing thorough scans in
safe mode. On the Scan Page choose scan options > full system scan.

Also ensure you have the latest build - .509:
http://download.microsoft.com/downl...-fca2f2c6f0cc/MicrosoftAntiSpywareInstall.exe

Also ensure you have the latest definitions:
http://support.microsoft.com/default.aspx?scid=kb;en-us;892519

Identify possibly spyware threats:
http://support.microsoft.com/default.aspx?scid=kb;en-us;892340

How to restart in safe mode:
www.microsoft.com/resources/documentation/
windows/xp/all/proddocs/en-us/boot_failsafe.mspx

 

[MAP]

-----Original Message-----
Can someone tell me how will I know if it is working
properly? I have adaware se personal also. When I do a
scan with the adaware personl i find one or two things
when I do scan with microsoft antispyware I get nothing,
whi is that?
.

What is Ad-Aware finding that MS is not? Cookies maybe?

 

[Bill Sanderson]

I think your other replies have good information--the other products you are
looking at are detecting cookies that Microsoft Antispyware presently
ignores.

However--I do like your idea.

For an antivirus, there is the EICAR test string which enables a user to see
whether the protection is in place and what an alert looks like.

For the moment (I hope they'll fix this eventually!)--here's something you
can do as a test:

Right click an empty area of the desktop.

Choose New, text document.

Right-click the name of the new document, choose rename.

Rename it to test.bat. Say yes to the warning message about changing the
extension on the name.

Double click on the icon you have created.

You should get a clear alert--in this case about Trojan--Poebot.

Be assured that you haven't just created a trojan--this is a misleading
identification of an innocent empty .bat file. However, it will enable you
(until they fix this!) to see what an alert would look like.

I think the idea of providing some facility like the EICAR test string to
see that real-time protection is functioning is a great idea.