Hi rags9,
No. is the same.
But here is, read Bill's test:
Subject: Does MSAS detect anything?
From: "Steve" <
[email protected]> Sent: 9/19/2005
11:23:59 AM
General forum
I have had MSAS installed for about 4 months and it has not detected
anything at all since installation. My system stays pretty clean of spyware,
but I am a bit concerned that MSAS has detected nothing in 4 months.
Is there anyway to test MSAS with a "dummy" malware module?
..
Subject: RE: Does MSAS detect anything?
From: "Alan" <
[email protected]> Sent: 9/19/2005 11:52:00 AM
It doesn't scan for cookies/dataminers.
Many other products do. However, cookies/dataminers are NOT spyware, they
are data files that CAN NOT harm your system.
WD has said they will re-evaluate cookie/dataminer scanning based upon the
feedback they recieve during the beta test.
Alan
..
Subject: Re: Does MSAS detect anything?
From: "Bill Sanderson" <
[email protected]> Sent: 9/19/2005
1:56:06 PM
Here's a test for you. There's been some discussion of providing the
equivalent of an EICAR test for Windows Defender, and I have hopes that
something like that will be provided for the beta2 prºduct.
In the meantime--here's a harmless test which still works at this writing
and 5757 definition levels:
Go to a command prompt in the Windows or WINNT folder, depending on your
Windows versiºn.
md winlogon.exe <enter>
i.e. create a subdirectory called "winlogon.exe" (this is a real-life
example--an antivirus product uses this technique to "innoculate" against a
particular bug.)
Watch what happens. You can choose allow or remove, neither has any useful
effect. Don't choose always ignore unless you want to go looking for the UI
to reverse that which is an an oddball locatiºn.
Simply RD winlogon.exe to get rid of the ªlert(s.)
This doesn't really answer your question, except to show you what a genuine
alert about a known threat looks like.
Windows Defender continues to score at or near the top of the list in
comparative reviews against comparable products. There's been a lot of
change in this market of late, and it'll be interesting to see a good
comparative review in say January of next year, mªybe.
There are posts daily here which lament the fact that Windows Defender
hasn't found anything on a given system, while xyz antispyware finds
something new daily.
There's a problem with false positives in antispyware programs. Every
program has this problem, but some of them exploit it to make themselves look
better. Generally, these end up on Eric Howes list of rogue antispyware
apps, and we can discount their results. Since this is a hotly competitive
field, with no long-term industry information sharing (unlike the antivirus
field)--there are no accepted definitions for a given threat--vendors differ,
both in what they detect, and how a given threat is defined.
Yes--it does detect things--they collect the results via Spynet for about
(half??) the installations? It'd be nice to have somebody quote some of
those results for this beta--I think we'd all be impressed at what's been
accomplished in terms of cleaning systems.
Like you, I almost never see anything "real"--but I'm pretty much a nose to
the grindstone sort of guy--don't venture out of the beaten path much, and
the offices I work with seem to be similar. Lots of folks in these groups do
see useful cleaning and write in about it daily, thºugh.
