Forum name: The Computer Forum
Topic subject: MS Anti Spyware program - Review
Topic URL: http://www.pcqanda.com/dc/dcboard.php?az=show_topic&forum=2&topic_id=344855
344855, MS Anti Spyware program - Review
Posted by Shelly, Thu Jan-13-05 08:36 PM
I tried the new Microsoft reincarnation of the Giant software program they purchased, and I have to say I'm impressed.

The interface is great and very polished for a beta release, and the thing really works! I tried it both at home and here at work and it found significant threats that Ad Aware, Spybot, and a Squared all missed.

It also demonstrated that with any program of this type, it is good for the user to be informed. On both of the systems I tried it on, it found instances of BackWeb, which I ignored because versions of this program are used by many legitimate software vendors to provide automatic updating of their programs. Fortunately, the MS program gives you a lot of information about the malware it finds so you can make wise decisions.

It found Xferpro, a Trojan, and PowerReg Scheduler on both machines, and BroadcastURBAN, and Search Squire on my work machine.

All of this was just with the Quick Scan option which took about 3 minutes, instead of the Deep Scan option which checks every file and takes much longer. You have the option to remove, quarantine, or ignore anything found. It will set a restore point, if you wish, prior to scanning.

The program also installs an active monitor (with your permission) to block future infections. If you opt in, it also makes you a part of a world wide network (SpyNet) that automatically updates all members for newly discovered threats. If you are hit with a new threat it is automatically added to the protection of all the other members.

Another feature can record your home page and restore it if it is ever hijacked. There are many other good features for removing cookies and BHA's you can use or not. Your choice.

The beta expires on July 31, 2005, and MS has not decided if it will be offered free after that time or sold. The program only works with W2K and XP. I have already decided that it will remain in my arsenal free or not.
344856, RE: MS Anti Spyware program - Review
Posted by whipat, Thu Jan-13-05 08:44 PM
I feel the same..also find it very smooth for a beta
344858, RE: MS Anti Spyware program - Review
Posted by Jane, Thu Jan-13-05 08:46 PM
Thank you for posting this review Shelly . :-)
344862, RE: MS Anti Spyware program - Review
Posted by Long Island Umpire, Thu Jan-13-05 09:35 PM
I too have added it to my munitions. I have read that "Search Squire" is a false positive.

Tom
344870, RE: MS Anti Spyware program - Review
Posted by LilJoe, Thu Jan-13-05 10:33 PM
>I too have added it to my munitions. I have read that
>"Search Squire" is a false positive.
>
>Tom
-----------------------------------------------------------------
False is right, I installed it on 2 units and it reported it found it.
On the next two I did a search for it before I installed it and it was nowhere to be found. After installation it reported that it was found.
So what do you believe? :-(
344871, RE: MS Anti Spyware program - Review
Posted by Randy_Bell, Thu Jan-13-05 10:33 PM
>I too have added it to my munitions. I have read that
>"Search Squire" is a false positive.

If you're referring to Darren's post, I believe that, because he uses Spyware Blaster, he had a CLSID loaded in his registry which matched a "Search Squire" signature in the Microsoft A.S. database. Normally, if one does not use SpywareBlaster, the presence of that CLSID could indicate possible installed malware.

SpywareBlaster works by loading CLSIDs of known spyware into your registry, and setting the "kill bit" for them so they can't execute {or rather, so the ActiveX cannot install}. In this instance, the Microsoft A.S. tool only found a signature match and did not know it was due to SpywareBlaster and not the actual spyware.
344884, RE: MS Anti Spyware program - Review
Posted by Darren, Fri Jan-14-05 12:01 AM
Spybot's immunize feature puts SearchSquire into the registry. Not Spyware Blaster.
I'm running MS Antispyware on my test machine. Its resource usage is the only thing I'm bitching about now. That, and not being able to totally unload the program. Even if you disable the real time protection, autoupdate, and scheduler, it still runs in the background. I only want to use the scanner part.
BTW. Microsoft removed the cookie scanning feature for now. They also removed some other things.


>>I too have added it to my munitions. I have read that
>>"Search Squire" is a false positive.
>
>If you're referring to Darren's post, I believe that, because
>he uses Spyware Blaster, he had a CLSID loaded in his registry
>which matched a "Search Squire" signature in the Microsoft
>A.S. database. Normally, if one does not use SpywareBlaster,
>the presence of that CLSID could indicate possible installed
>malware.
>
>SpywareBlaster works by loading CLSIDs of known spyware into
>your registry, and setting the "kill bit" for them so they
>can't execute {or rather, so the ActiveX cannot install}. In
>this instance, the Microsoft A.S. tool only found a signature
>match and did not know it was due to SpywareBlaster and not
>the actual spyware.

344885, RE: MS Anti Spyware program - Review
Posted by Randy_Bell, Fri Jan-14-05 12:14 AM
OOPs I guess I goofed, it was SpyBot S&D immunize, but the same principle I suppose, a "signature match" but the match is being improperly interpreted by GIANT A.S. since it is not due to actual installed spyware.

Hmmm .. do you mean, if you rightclick and exit the Microsoft A.S entry in the tray, that it leaves a process running? It loads these two processes at startup {assuming set at startup defaults}:

1. gcasServ.exe -- MS AntiSpyware Service
2. gcasDtServ.exe -- MS AntiSpyware Data Service

Are you saying it leaves one of those running? I suppose if it did you could "kill" the service using Task Manager if you wished. ;)
344890, RE: MS Anti Spyware program - Review
Posted by Darren, Fri Jan-14-05 12:29 AM
No. It shuts down properly when I exit from the tray. But if I remove gcasServ.exe from the startup entry, it returns when I open MS Antispyware again. And something about the tray icon isn't working right. If I remove the icon from the programs settings, it returns as well. Oh, well it's a beta.
BTW, here are some official MS links.


Microsoft Antispyware News Group

Known issues with Windows AntiSpyware


>Hmmm .. do you mean, if you rightclick and exit the Microsoft
>A.S entry in the tray, that it leaves a process running? It
>loads these two processes at startup {assuming set at startup
>defaults}:
>
>1. gcasServ.exe -- MS AntiSpyware Service
>2. gcasDtServ.exe -- MS AntiSpyware Data Service
>
>Are you saying it leaves one of those running? I suppose if
>it did you could "kill" the service using Task Manager if you
>wished. ;)

344984, RE: MS Anti Spyware program - Review
Posted by Night_rider666, Fri Jan-14-05 10:54 AM

Yeh - I didn't like the fact that even though you chose not to run any real-time mechanisms it still ran at start-up. Like you I noticed that the component gcasServ.exe was loaded at start-up anyway. gcasDtServ.exe seems to only be active when you open the main program.

I removed the start-up entry from the Run branch in the registry and that stopped MSAS loading at start-up - I can start it and shut it down via the tray icon and use it as a scanner with no problem and nothing remaining running to my knowledge.

Nothing I have tried has reinstated the start-up entry and MSAS continues to be missing until I decide so I'm not sure why it gets reinstated on your system. I actually wanted it back so I could test it and had to reinstall the prog to get the start-up entry back. I tried opening the prog and setting the real-time on, auto-update components back on and to start with Windows and even with those settings MSAS didn't reinstate the start-up entry.
345016, RE: MS Anti Spyware program - Review
Posted by Darren, Fri Jan-14-05 03:08 PM
I finally got the startup entry to stay gone. I don't know what I did.

Since this is a beta, I decided to test the uninstall routine. It doesn't clean up after itself at all. It leaves the Microsoft Antispyware directory in C:\Program files\, the installer in C:\Windows\Downloaded Installations\, and 496 invalid registry entries. I was going to post a list of entries left behind, but it was almost 800 KB in size. I can't believe it left 800 KB of bloat in the registry and around 7,000 KB of files on the hard drive.
344866, RE: MS Anti Spyware program - Review
Posted by CompPete, Thu Jan-13-05 10:27 PM
Is this the same as the Microsoft Windows Malicious Software Removal Tool that shows up for Windows XP critical updates?
344868, RE: MS Anti Spyware program - Review
Posted by Acadia, Thu Jan-13-05 10:29 PM
>Is this the same as the Microsoft Windows Malicious Software
>Removal Tool that shows up for Windows XP critical updates?

NO! That is a completely different animal.

Acadia
344867, RE: MS Anti Spyware program - Review
Posted by Acadia, Thu Jan-13-05 10:29 PM
>I have already decided that it will remain in my arsenal free or not.

Agreed. Actually, I have heard, but I must admit only thru the rumor mill, that MS is going to keep it free, but even if MS starts to charge, it is yet another excellent layer of protection against the scumbags and the first on my machine that runs in real-time.

Acadia
344872, RE: MS Anti Spyware program - Review
Posted by Randy_Bell, Thu Jan-13-05 10:44 PM
>The beta expires on July 31, 2005, and MS has not decided if
>it will be offered free after that time or sold. The program
>only works with W2K and XP. I have already decided that it
>will remain in my arsenal free or not.

Same here .. I already had a licensed copy of the GIANT A.S. product {from which the Microsoft Beta comes} on my son's PC, and was already impressed by how thorough and good it is ... a very well-done anti-spyware package. When MS came out with their free beta product based on {or, cloned from} the same technology, I installed the MS A.S. Beta on this my main computer.

I had been running Spy Sweeper {by WebRoot} on this PC as my resident A.S. tool, but it was giving me problems with crashes or errors in IE and various other programs. {The latest version 3.5 of Spy Sweeper was the one giving me problems}. So I decided to install and run the Microsoft Beta product as *resident*, because I had noticed how on my son's Win98SE PC that it used close to zero resources running resident {i.e. with realtime protection enabled} and seemed very unobtrusive. {** See Edit Below **}

Besides, the realtime "agents" that GIANT {or MS Beta} uses provide more extensive realtime coverage {monitoring more "entry points" for spyware} than the Spy Sweeper resident protection offers.

All in all, I have to wholeheartedly agree with you Shelly, this is a real deal, especially considering it is free for Windows users. And a "keeper" for sure.

I have, on my three PCs at home, the following products installed {not all products on every PC}:

1. Spy Sweeper {by WebRoot}
2. SpySubtract {by the makers of AdSubtract}
3. Spyware Doctor {by PCTools}
4. Bazooka AntiSpyware {free}
5. Adaware SE {free, by LavaSoft}
6. SpyBot S&D {free}
7. GIANT AntiSpyware

and of course now the Microsoft Beta A.S. which is based on #7, the GIANT A.S. product. I have to say that IMHO the GIANT product is the best. ;)


** Edit: ** was speaking of system {GDI, USER} and CPU usage being very small. I'm not too concerned about RAM usage.
344893, RE: MS Anti Spyware program - Review
Posted by Shelly, Fri Jan-14-05 12:42 AM
MS AS is using 16,808K of memory on my system.
344899, RE: MS Anti Spyware program - Review
Posted by Slot Dr, Fri Jan-14-05 12:58 AM
Sounds like something to try, is it FREE? And where can you download it?
thanks
344903, RE: MS Anti Spyware program - Review
Posted by Shelly, Fri Jan-14-05 01:19 AM
Download it here:

http://www.microsoft.com/athome/security/spyware/software/default.mspx
345117, RE: MS Anti Spyware program - Review
Posted by kittenmueller, Fri Jan-14-05 10:46 PM
major geeks too.
344900, RE: MS Anti Spyware program - Review
Posted by Darren, Fri Jan-14-05 12:58 AM
18,768 KB on mine. More (19,920 KB) if I open then close the interface.
344901, RE: MS Anti Spyware program - Review
Posted by Randy_Bell, Fri Jan-14-05 01:00 AM
>MS AS is using 16,808K of memory on my system.

I meant the CPU usage and {GDI, USER} system resources on son's 98SE are negligible. ;) Those are much more important than RAM usage on a 9x system. On this XP box I have a Gig of RAM so am not concerned about RAM usage. Opera sometimes uses 100 to 150 Megs of RAM if you have several pages {tabs} open!!
344902, RE: MS Anti Spyware program - Review
Posted by Shelly, Fri Jan-14-05 01:15 AM
GDI and User resources are of no significance in XP or W2K. They only matter in W9X which can't use the MS version anyway.
344907, RE: MS Anti Spyware program - Review
Posted by Randy_Bell, Fri Jan-14-05 01:23 AM
>GDI and User resources are of no significance in XP or W2K.
>They only matter in W9X which can't use the MS version
>anyway.

Hehe .. oh well .. the original GIANT {licensed} does run in 98SE. CPU usage even on an old PC like my son's was negligible {not noticeable} with GIANT running resident. I believe the resident part of MS Beta is pretty much the same as the resident part of the former GIANT A.S. ;)
344921, RE: MS Anti Spyware program - Review
Posted by Crockett, Fri Jan-14-05 02:05 AM
I saw it flag a bunch of F.P's inside someone's scan. It was flagging a bunch of her Restricted Sites as spyware. She had about 15 entries all pointing to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ which said it was spyware, when in fact they were sites added to her Restricted Zone.
Oh yes, everyone and their neighbour had the SearchSquire F.P. too. :(

344928, RE: MS Anti Spyware program - Review
Posted by Randy_Bell, Fri Jan-14-05 02:22 AM
>I saw it flag a bunch of F.P's inside someone's scan. It was
>flagging a bunch of her Restricted Sites as spyware. She had
>about 15 entries all pointing to
>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
>which said it
>was spyware, when in fact they were sites added to her
>Restricted Zone.
>Oh yes, everyone and their neighbour had the SearchSquire
>F.P. too. :(

Big Deal, the user can tell it to ignore those entries {put in Ignore List} and it won't "find" them again. There is no AV-AT-AS Scanner that has never had false positive {f.p}, do you throw out your AV just because it might have f.p. ?? -- So I wouldn't throw out the baby with the bathwater. And any Malware Scanner or similar Security Tool requires some intelligence to use it properly.

What you are describing is what can happen when people try to use too many security measures at once -- placing a lot of things in IE or NIS restricted sites {which enter into the registry}, a la IE-SPYAD or AGNIS -- also putting a lot of spyware sites in a huge Hosts file; placing a lot of malware CLSIDs in the registry to set kill bit; etc. These "other" measures are fine but they may produce f.p. with the AntiSpyware Scanners {with any one of 'em, not just GIANT}. So again one must be aware of potential conflicts if using multiple security measures like that.

Hey, it's FREE {at least, the MS Beta is} -- so don't use it if you don't like it. Fact is that GIANT has had one of the best spyware detection ratings on the Net, just Google and you can find that out for yourself. Each to his own, take care my friend .. ;)
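
The distinction argued over in this sub-thread (the kill-bit explanation earlier and the Restricted Sites false positives above), as an added example that is not from any poster or from any product named here: it reads a registry export and separates blocking entries from entries that point at an installed component. The CLSIDs, domains and DLL path are constructed placeholders, and treating a CLSID as installed when it has a key under `SOFTWARE\Classes\CLSID` is this example's assumption.

```python
KILL_BIT = 0x400        # "Compatibility Flags" bit that stops IE instantiating a control
RESTRICTED_ZONE = 4     # IE security zone number for Restricted sites

HKLM = "hkey_local_machine\\"
COMPAT = HKLM + r"software\microsoft\internet explorer\activex compatibility" + "\\"
CLASSES = HKLM + r"software\classes\clsid" + "\\"
ZONEMAP = (HKLM + r"software\microsoft\windows\currentversion"
           r"\internet settings\zonemap\domains" + "\\")

# Constructed sample export (regedit text format); none of these values are real.
SAMPLE_REG = r"""
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11111111-1111-1111-1111-111111111111}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-222222222222}\InprocServer32]
@="C:\\Program Files\\Example\\toolbar.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\blocked.example]
"*"=dword:00000004

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\odd.example]
"*"=dword:00000002
"""


def parse_reg(text):
    """Return {lower-cased key path: {lower-cased value name: value}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and "=" in line:
            name, _, raw = line.partition("=")
            name = name.strip('"').lower()          # '@' is the key's default value
            if raw.startswith("dword:"):
                current[name] = int(raw[6:], 16)
            else:
                current[name] = raw.strip('"')
    return keys


def triage_clsid(keys, clsid):
    """Classify a CLSID hit: blocking entry, installed component, or absent."""
    clsid = clsid.lower()
    flags = keys.get(COMPAT + clsid, {}).get("compatibility flags", 0)
    blocked = isinstance(flags, int) and bool(flags & KILL_BIT)
    # Assumption: a key under Classes\CLSID means the control is registered.
    registered = any(k.startswith(CLASSES + clsid) for k in keys)
    if registered:
        return "installed, kill bit set" if blocked else "installed"
    return "kill bit only (blocking entry)" if blocked else "not present"


def triage_domain(keys, domain):
    """Classify a ZoneMap hit by the zone number(s) the domain is mapped to."""
    prefix = ZONEMAP + domain.lower()
    zones = {v
             for k, values in keys.items()
             if k == prefix or k.startswith(prefix + "\\")
             for v in values.values() if isinstance(v, int)}
    if not zones:
        return "not present"
    if zones == {RESTRICTED_ZONE}:
        return "restricted zone only (blocking entry)"
    return "mapped to zone(s) %s: review" % sorted(zones)


def triage(keys, clsids=(), domains=()):
    """Triage a scanner's hit list; returns {identifier: verdict}."""
    out = {c: triage_clsid(keys, c) for c in clsids}
    out.update({d: triage_domain(keys, d) for d in domains})
    return out


if __name__ == "__main__":
    report = triage(
        parse_reg(SAMPLE_REG),
        clsids=["{11111111-1111-1111-1111-111111111111}",
                "{22222222-2222-2222-2222-222222222222}"],
        domains=["blocked.example", "odd.example"],
    )
    for ident, verdict in report.items():
        print(ident, "->", verdict)
```

A hit that comes back as a blocking entry is the kind of match the posters are calling a false positive; a hit with a registered server behind it is worth a closer look.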
344936, RE: MS Anti Spyware program - Review
Posted by Crockett, Fri Jan-14-05 03:04 AM
Relax....I never said it wasn't a great program or that I didn't like it, Randy. :7
I said it had false positives, yes, as did all other spyware applications I tried. Average computer users won't know these are false positives though and that's why I posted what I posted.

344947, RE: MS Anti Spyware program - Review
Posted by sterno37, Fri Jan-14-05 04:05 AM
Thanks to Shelly and all other inputs re this program. I have never used a beta program until today. Based on everybody's thoughts on this program, I decided to use it since it's been around as a Giant program for a while. Another cr*p prevention tool never hurts in today's wild, wild WWW. :lol:

H
344874, RE: MS Anti Spyware program - Review
Posted by adirong, Thu Jan-13-05 11:02 PM
Thank you for the review Shelly. I think I will go ahead and try it out now :D as hearing a lot positive comments from valued moderator/members here inspires me :clap: :clap: :clap:
344875, RE: MS Anti Spyware program - Review
Posted by Allyn, Thu Jan-13-05 11:09 PM
I have already decided that it will remain in my arsenal free or not.

Shelly, that was my conclusion when I was running it. However, before I pulled out the plastic, I gave Giant's "brother" or "cousin", CounterSpy, a trial. Then MS bought Giant, so I ended up paying $19.95 for CounterSpy, which comes from the same source code.

What won me over was how well the Giant A/S product finished a cleanup on a severely infected system that I detailed here. Also, though Giant A/S had some fairly memory intensive processes, there does not appear to be any perceptible problems. The Giant progeny seems to run great on Windows XP systems of 256 megabytes and greater.

I agree that CounterSpy or the MS AntiSpyware products are definitely worth having. One more shotgun shell for malware.
344879, RE: MS Anti Spyware program - Review
Posted by LilJoe, Thu Jan-13-05 11:29 PM
In the time that I have had it installed there have been several updates that come in on auto.
Actually the only change that I can find between Giant and MS program is the Name at the top.
344888, RE: MS Anti Spyware program - Review
Posted by Shelly, Fri Jan-14-05 12:22 AM
The Giant program also works on W9X, the MS version does not.
344904, RE: MS Anti Spyware program - Review
Posted by Powerage66, Fri Jan-14-05 01:20 AM
I have to say I'm happy with it also, it has found 8 items that got past Firefox, SpywareBlaster, Spybot S&D, Spy Sweeper and Ad-aware, and each item was legit. I hope M$ keeps the Giant team on.
344948, RE: MS Anti Spyware program - Review
Posted by bobbo, Fri Jan-14-05 04:10 AM
After running Spybot S&D, Spywareblaster, & Ad-Aware S&D, here's what MS AS found:







345008, RE: MS Anti Spyware program - Review
Posted by kittenmueller, Fri Jan-14-05 01:26 PM
I like it too! works, easily and found things adaware had not! Impressed! Have sent it to all my friends.
345026, RE: MS Anti Spyware program - Review
Posted by kenter, Fri Jan-14-05 03:32 PM
Upon running it on both my machines, it found: Back Web, BroadcastURBAN and SearchSquire (Adware) on mine, but only SearchSquire on my girlfriend's.

I removed all of them, rescanned and everything was negative. After reboots however, SearchSquire had returned to both machines after the automatic overnight check.


345027, RE: MS Anti Spyware program - Review
Posted by Darren, Fri Jan-14-05 03:35 PM
Do you have Spybot running in the background? Or, did you use the Spybot immunize feature?


>Upon running it on both my machines, it found: Back Web,
>BroadcastURBAN and SearchSquire (Adware) on mine, but only
>SearchSquire on my girlfriend's.
>
>I removed all of them, rescanned and everything was negative.
>After reboots however, SearchSquire had returned to both
>machines after the automatic overnight check.
>


345030, RE: MS Anti Spyware program - Review
Posted by kenter, Fri Jan-14-05 03:39 PM
Indeed I do.

345031, RE: MS Anti Spyware program - Review
Posted by Darren, Fri Jan-14-05 03:43 PM
SearchSquire is a false positive, put in your restricted sites by Spybot. Ignore it.


345201, RE: MS Anti Spyware program - Review
Posted by dbahn, Sat Jan-15-05 10:19 AM
Did everyone else have this happen? After choosing to remove Search Squire and PowerRegScheduler, I rebooted as advised and my home page reverted back to MSN.com instead of pcqanda. Changing the home page now requires approval via a small dialog box. Slick.

The only other problem I had was having to get on the floor with a magnifying glass to read my product code on my case. :-) :-)

Like many, I am running multiple anti-spyware programs (Spybot, Spywareblaster, Trojanhunter, AdAware and now this one). At what point do we start dumping some of them?
345202, RE: MS Anti Spyware program - Review
Posted by Night_rider666, Sat Jan-15-05 10:22 AM
>Like many, I am running multiple anti-spyware programs
>(Spybot, Spywareblaster, Trojanhunter, AdAware and now this
>one). At what point do we start dumping some of them?

They are still pretty complementary and one tool doesn't do all jobs so for the foreseeable future I think you'll still be running all of them.
345219, RE: MS Anti Spyware program - Review
Posted by therube, Sat Jan-15-05 01:43 PM
"read my product code on my case"

Is that needed to do the install?
345221, RE: MS Anti Spyware program - Review
Posted by amuk, Sat Jan-15-05 02:00 PM
Gee, I didn't have to read the product code.
Really, a very slick tool but it doesn't do the tracks erasure (under Advanced Tools) on Internet Explorer address bar.
345245, RE: MS Anti Spyware program - Review
Posted by giseuda, Sat Jan-15-05 03:38 PM
I have 2 computers both with XP. The 1 computer I built myself didn't ask for the product key. The other is an E-Machines that came with the operating system installed. I was asked for the product key for that machine.

Just my experience.

G
345247, RE: MS Anti Spyware program - Review
Posted by Bob H, Sat Jan-15-05 03:58 PM
Must have something to do with version installed by Company and user installed OSs. I didn't have to on either of two that I had installed the OS.
345267, RE: MS Anti Spyware program - Review
Posted by dbahn, Sat Jan-15-05 05:36 PM
The product code was required for me on the link Shelly provided above. It "recommends" that you go through the genuine Windows validation pathway (which then goes to the download), but frankly I didn't even see that there was any other option.
345262, RE: MS Anti Spyware program - Review
Posted by altus, Sat Jan-15-05 05:18 PM
Thanks, Shelly, for your info about Microsoft antivirus. I downloaded it
and as you said it works pretty fine and is easy to use.
Now a question: should I keep my other antivirus like AVG, AdAware,
spyblaster and a squared?
Thanks
I am running Windows XP
Pierre


345264, RE: MS Anti Spyware program - Review
Posted by LilJoe, Sat Jan-15-05 05:33 PM
Yes, keep them, what you downloaded is not an anti-virus program, but an anti-spyware program. :-)
345269, RE: MS Anti Spyware program - Review
Posted by altus, Sat Jan-15-05 05:43 PM
Thanks to all of you
Pierre
345294, Hey There -- Check the VM Size !!
Posted by Randy_Bell, Sat Jan-15-05 08:37 PM
OK Guys, no flames please, but what you need to check in Windows Task Manager is the Virtual Memory {VM} size, *not* the entry for "Mem Usage". {I think it is also sometimes called virtual machine size}.

As has been explained to me, the VM Size is the actual memory use of the process, not the "Mem Usage" entry. The "Mem Usage" entry reflects the address space currently allocated to the process which can be used without causing a page fault. Some of that address space can be reassigned to other processes if needed, but the VM Size is private to the process and cannot be reassigned.

My PC {WinXP-SP2, Pentium-4 2.4GHz CPU, 1-Gig RAM} has been running over a day now without reboot, with the Microsoft A.S. Beta running resident, so the following numbers for VM Size should reflect an "equilibrium" or "steady-state" typical RAM usage.

As I mentioned in previous post, the resident processes loaded by this program {identical to the processes loaded by its predecessor GIANT A.S.} are:

1. gcasServ.exe {Microsoft AntiSpyware Service} VM Size: 2372K
2. gcasDtServ.exe {Microsoft AntiSpyware Data Service} VM Size: 5908K

To get the VM Size to display in your Windows XP Task Manager: View, Select Columns -- check VM Size.

As you see, my box is showing a Grand Total VM Size of 2372K + 5908K = 8280K, or about 8 Megs. For anyone with enough RAM to run Windows XP, that isn't much. The GIANT A.S. on my son's 98SE PC, a box which has only 128 Megs total RAM, does not make much of a dent there either. And the CPU overhead due to GIANT running resident on his PC, measured by Norton System Doctor, is almost a flat-ZERO. I'm talking about a very slow Cyrix 176MHz CPU, too.

I think the resource usage is a "red herring" or moot issue here. If you don't have spare resources to run this program, you don't have resources to run much of anything else either, IMHO.

Have a nice rest of the Saturday, everybody! ;)


345337, RE: Hey There -- Check the VM Size !!
Posted by Night_rider666, Sun Jan-16-05 12:51 AM
>What you need to check in Windows Task Manager is the Virtual
>Memory {VM} size, *not* the entry for "Mem Usage".


But surely, unless Microsoft are really making their terminology confusing, if VM stands for 'Virtual Memory' it's referring to data in hard drive space rather than physical RAM?

EDIT - Just noticed the edit, must have had refresh weirdness ;)

EDIT 2 - Just looked in Task Manager and TM uses the term Virtual Memory Size so I suppose my initial question stands.
345339, RE: Hey There -- Check the VM Size !!
Posted by Allyn, Sun Jan-16-05 01:12 AM
That's what I would think, too.

I'm running CounterSpy and showing the following:

Process: sunasDtServ.exe
Mem Usage: 49,664K
VM Size: 44,644K

The above gradually grows the longer the computer runs without shutdown or restart. I have not tracked it to see if there is a limit or an automatic event that resets it.

Process: sunasServ.exe
Mem Usage: 6,724K
VM Size: 1,996K

The above process generally stays steady as I recall.

Process: CounterSpy.exe
Mem Usage: 25,376K
VM Size: 16,324K

The above is the CounterSpy main interface running a scan.

CounterSpy runs fine on my system and has just alerted me to a keylogger and some other crap trying to get established. Pardon me while I go find out just what the hell is going on.
345348, RE: Hey There -- Check the VM Size !!
Posted by Allyn, Sun Jan-16-05 02:14 AM
Well, here is what happened. While typing the above response, I received three alerts from CounterSpy implying a change in certain SHELL parameters. This occurred about the same time I happened to run a scan to check memory usage. ZoneAlarm was quiet.

CS reported Dark Omen and Acknowledge registry entries among others. Further investigation suggested that WinSock settings apparently were attempting to be changed.

I first manually backed up the registry, ran TrojanHunter 4.1 (nothing found), also ran Mwav.exe (nothing), then allowed CS to quarantine or remove the affected files and entries. My desktop flickered, then all was normal. I ran LSP fix and found no problems. Internet access is speedy and everything appears to be fine.

I believe a remote access trojan (RAT) was attempting to get established here. CounterSpy appears to have blocked it.

Earlier, I had visited some websites while doing research on a Windows SP2 problem and also had viewed some material suggested by the Off-Topic lounge.

By the way, I have no idea what the attachment is doing on my previous post. I uploaded nothing to my knowledge.
345343, RE: Hey There -- Check the VM Size !!
Posted by Darren, Sun Jan-16-05 01:49 AM
I thought VM was page/swap file usage.
345344, RE: Hey There -- Check the VM Size !!
Posted by Randy_Bell, Sun Jan-16-05 01:55 AM
>I thought VM was page/swap file usage.

As it has been explained to me, the VM Size more accurately reflects the amount of RAM being used by any application. "Mem Usage" is the allocated pages of memory, not all of which is in use. "VM Size" is the total bytes that are private to the process and cannot be shared with other processes. Edit: I Googled and found a more detailed explanation {posted below}.

:-) :evilgrin: :lol: :)
345346, RE: Hey There -- Check the VM Size !!
Posted by Allyn, Sun Jan-16-05 02:00 AM
Randy, I would expect Mem usage to be far less with lower memory systems.
345347, RE: Hey There -- Check the VM Size !!
Posted by Randy_Bell, Sun Jan-16-05 02:02 AM
>Randy, I would expect Mem usage to be far less with lower
>memory systems.

The screenshot I posted was from MY system which has 1024 Megs RAM. ;)
345349, RE: Hey There -- Check the VM Size !!
Posted by Allyn, Sun Jan-16-05 02:14 AM
Same here. :)
345362, Some Google Findings for VM Size
Posted by Randy_Bell, Sun Jan-16-05 03:11 AM
OK Guys, since there seems to be some confusion about the terms, I Googled to see if I could find a good explanation and came across this one:

----------------------------------------------------------------------
Private Bytes -(Corresponds to the "VM Size" from Task Manager) - Private Bytes is the current number of bytes this process has allocated that cannot be shared with other processes.

Virtual Bytes - (Not shown in Task Manager) Virtual Bytes is the current size in bytes of the virtual address space the process is using. Use of virtual address space does not necessarily imply corresponding use of either disk or main memory pages. Virtual space is finite, and by using too much, the process can limit its ability to load libraries.

Working Set - (Corresponds to the "Mem Usage" from Task Manager) - Working Set is the current number of bytes in the Working Set of this process. The Working Set is the set of memory pages touched recently by the threads in the process. If free memory in the computer is above a threshold, pages are left in the Working Set of a process even if they are not in use. When free memory falls below a threshold, pages are trimmed from Working Sets. If they are needed they will then be soft-faulted back into the Working Set before they leave main memory.
----------------------------------------------------------------------

That was my understanding also, as someone from another forum once explained to me: -- The amount of RAM in the "Mem Usage" figure is the currently allocated pages, not all of which are in use, and some of which can be reallocated if necessary. Whereas the "VM Size" is, as stated above, "the current number of bytes the process has allocated that cannot be shared with other processes."

Thus "VM Size" is memory that is dedicated to that process and cannot be reallocated or shared with any other process. "VM Size" therefore more accurately reflects the amount of memory taken up exclusively by that process.

Hope that helps; y'all can Google for info yourselves if still curious.

:-) :clap: :evilgrin: :lol: :)
345398, RE: interesting...
Posted by Eman, Sun Jan-16-05 10:26 AM
This may be known information to others but I thought it was relevant given the topic
http://blogs.zdnet.com/Spyware/index.php?p=13

Of interest is the following quote:

"I recently wrote about CounterSpy, a fairly new antispyware utility from Sunbelt Software. I wasn't aware Sunbelt licensed the code base and definition file from Giant Company Software under a co-ownership deal. The story gets more interesting because Microsoft just acquired Giant Company Software. Sunbelt insists its licensing rights are still legitimate, while Microsoft wants to end the relationship by July 2007."
345401, RE: Some Google Findings for VM Size
Posted by Night_rider666, Sun Jan-16-05 11:00 AM

Any chance of a link to that info?

It certainly is slightly confusing - take the post by Moose at UD referenced in this post.

"After running the new rosetta task in beta for a week I've moved it into production. You should see the new application the next time you connect to the UD servers.

This update reduces the memory foot print of Rosetta to ~26M Real Memory and ~200M Virtual Memory."

This is what the Rosetta unit is showing in my task manager -


So that would correspond to what Moose stated about the Rosetta units. It does look from that that the VM size is the amount of Virtual Memory that the program reserves out of hard drive space but obviously conflicts with the quoted definitions in your post.

I'm not saying you are wrong - just that the situation is very confusing ;)


345402, RE: Some Google Findings for VM Size
Posted by Randy_Bell, Sun Jan-16-05 11:10 AM
I'm quite sure that "VM Size" is the private pages allocated to the process that are not shared with any other process. I will hunt down some links and edit this post a little later. What the Task Manager calls "VM Size" is the more accurate measure of memory being exclusively used by the process and not shared with other processes.
345403, RE: Some Google Findings for VM Size
Posted by Randy_Bell, Sun Jan-16-05 11:28 AM
OH Heck I'll just put the links in a separate post, less confusing:

Google on "VM Size":
http://www.google.com/search?q=VM+Size&sourceid=opera&num=0&ie=utf-8&oe=utf-8

----------------------------------------------------------------------
First Hit: "What does Mem Usage and VM Size mean on Task Manager's Processes tab?"
http://www.jsiinc.com/SUBB/tip0700/rh0722.htm

Mem Usage - is the working set size. It is the amount of physical memory which is directly (currently) allocated to the process. It can be accessed without causing a page fault. This includes pages shared with other processes.

VM Size - is the total private virtual memory allocated to the process. This is the number you see when you use the Process Private Bytes counter in Performance Monitor.
----------------------------------------------------------------------


{Underlining above is mine}. "VM Size" more accurately measures the amount of memory the process requires to run, which is private and not shared by any other process. I'm not clear now whether "VM Size" ever involves paged memory; your screenshot may indicate a process that is using a lot of paged memory in order to run.

My screenshot for the Microsoft A.S. Beta processes is more typical. Usually the "VM Size" will be smaller than the "Mem Usage". I have 1024 Megs of RAM on this box and rarely does it need or use any paged memory from disk.
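
As an added example (not part of the original thread or any poster's words), the PowerShell below reads the two counters compared in this discussion, the working set behind "Mem Usage" and the private bytes behind "VM Size", for the running processes. The column names MemUsageMB, VMSizeMB and PrivateMinusResidentMB are labels chosen for this example.

```powershell
# Added example: compare Task Manager's "Mem Usage" (working set) with
# "VM Size" (private bytes) for the processes visible to the current user.
$mb = 1MB

Get-Process |
    Where-Object { $_.WorkingSet64 -gt 0 } |
    ForEach-Object {
        # "Mem Usage": pages currently resident in RAM, shared pages included.
        $ws = $_.WorkingSet64
        # "VM Size": private committed bytes, whether resident or not.
        $private = $_.PrivateMemorySize64

        [pscustomobject]@{
            Name       = $_.ProcessName
            Id         = $_.Id
            MemUsageMB = [math]::Round($ws / $mb, 1)
            VMSizeMB   = [math]::Round($private / $mb, 1)
            # Positive: at least this much private memory is not resident
            #           (paged out, or committed but never touched).
            # Negative: the resident set holds at least this much shared
            #           memory (DLLs, mapped files) on top of private pages.
            PrivateMinusResidentMB = [math]::Round(($private - $ws) / $mb, 1)
        }
    } |
    Sort-Object VMSizeMB -Descending |
    Select-Object -First 15 |
    Format-Table -AutoSize
```

A process reported as roughly 26M real and 200M virtual would show a large positive last column; a process whose "Mem Usage" exceeds its "VM Size" would show a negative one.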
345411, RE: Some Google Findings for VM Size
Posted by Night_rider666, Sun Jan-16-05 01:19 PM

This all suggests to me that a program reserves pages in both physical RAM (by physically having to be loaded and some space for expansion as you say perhaps) and Virtual Memory on the hard drive. Presumably the VM may not be used if there is sufficient physical RAM, but should it need it, it has an area of VM reserved rather than calling it when the need arises.

345414, RE: Some Google Findings for VM Size
Posted by Randy_Bell, Sun Jan-16-05 01:30 PM
Assuming this is the correct explanation, the "VM Size" would still be the more accurate metric for the amount of memory a process actually NEEDS in order to run .. IMHO. I first learned about this from a knowledgeable fellow at DSLReports who pointed out to us that "VM Size" is the more accurate measure of the amount of memory required to run an application.

I know that I surely would *Not* want to run any *Resident* AntiVirus, AntiTrojan, AntiSpy or other app that required a lot of paging to disk !! Because such a resident application by definition would be constantly running in the background, that would be H*ll on your system !! {Constantly hammering your disk for paged memory}. In fact, a Realtime Monitor like that probably could not work if it was relying on paged memory from disk, because it is supposed to react very quickly in "realtime", and cannot wait around for memory to be paged in and out of the disk.

So, we may be comparing apples and oranges; normally the "VM Size" will be smaller than "Mem Usage"; that is what I'm seeing on my Task Manager display.

:-) :clap: :evilgrin: :lol: :)
345523, RE: Some Google Findings for VM Size
Posted by Darren, Sun Jan-16-05 08:03 PM
It doesn't really matter from which column you read your data, Microsoft Antispyware still uses a lot of resources. ;)
345526, RE: Some Google Findings for VM Size
Posted by Randy_Bell, Sun Jan-16-05 08:24 PM
>It doesn't really matter from which column you read your
>data, Microsoft Antispyware still uses a lot of resources. ;)

Respectfully "Agree to Disagree" .. Even the users on CNET were commenting how lite on resources the GIANT AntiSpyware product was. That is one reason I purchased it {before MS acquired the Company}. My Norton AntiVirus uses a heck of a lot more resources than the MS AntiSpyware does !!

Obviously no one is forced to use the product if they see no need for it, I mean, after all, it is completely FREE to Windows {2K/XP} users .. hehe .. I have posted evidence to the contrary: For anyone with enough resources to run XP {the operating system} to begin with, this neat little tool will hardly tax their system.

SpywareBlaster and common sense work well for you, that's fine. But why invest so much time trying to debunk and cast doubt on this excellent product? If you see no need for it, fine .. but let others draw their own conclusions based on the evidence.

I agree with Shelly's initial assessment, this is an excellent tool being offered by MS for free.

:-) :clap: :evilgrin: :lol: :)
345587, RE: Some Google Findings for VM Size
Posted by Darren, Mon Jan-17-05 02:29 AM
I'm not trying to "debunk and cast doubt" on it at all. I'm also not investing any time praising it as the application of the century...ahem. I'm simply stating my observations. Not everyone has the same opinion about it as you do. Go to the newsgroup link I posted and see for yourself. Have you tested it on a severely infested computer? Many are not able to boot at all after running the program, because it didn't properly remove the spyware. Everyone isn't as computer literate as most of us are in this forum and can't recover from the damage. The general computer population's machines aren't as clean to start with as ours are, and they are having issues. Have you truly tested it? Do you have a test machine to load up with every piece of malware out there, and really test the product? You would know what to do when your computer restarts with errors or didn't start at all, but most don't.
It sounds as if you're saying let others draw their own conclusion based only on your evidence. Face it...not everyone will have the same positive experience with it as you have. No matter how much praise you or anyone else lavish upon it, I have my own opinion about it, and it's the exact opposite of yours. Some of us don't need our hand held while we surf the web. My simple tools, security restrictions, etc. have kept me spyware free for years. Until they no longer work, I see no need to use anything else.

That being said, I do have the program installed on my test machine. I will agree it does have some nifty features. The program does have potential, and I may even use it one day. But for now I will use the tools provided by the spyware pioneers.


>If SpywareBlaster and common sense work well for you, that's fine. But why invest so much time trying to debunk and cast doubt on this excellent product? If you see no need for it, fine .. but let others draw their own conclusions based on the evidence.


345589, RE: Some Google Findings for VM Size
Posted by Allyn, Mon Jan-17-05 02:41 AM
Have you tested it on a severely infested computer?

As you may recall, I have done so, Darren. Under the Giant banner, it did remarkably well for a final cleanup.

An associate reported over 1900 pieces of malware onboard a computer. I'll have to post back soon and let you all know how CounterSpy did on a local machine.

345593, RE: Some Google Findings for VM Size
Posted by Darren, Mon Jan-17-05 02:48 AM
Great for you, Allyn. I remember your post. Some aren't as fortunate, though.



>Have you tested it on a severely infested computer?
>
>As you may recall, I have done so, Darren. Under the Giant
>banner, it did remarkably well for a final cleanup.
>
>An associate reported over 1900 pieces of malware onboard a
>computer. I'll have to post back soon and let you all know
>how CounterSpy did on a local machine.
>
>

345618, RE: Some Google Findings for VM Size
Posted by Gauthreau, Mon Jan-17-05 04:28 AM
>An associate reported over 1900 pieces of malware onboard a
>computer. I'll have to post back soon and let you all know
>how CounterSpy did on a local machine.
>
>


I would say that is a lot of spyware, and a pretty damn good test.

The other thing to note here is that Giant does not list ALL the entries it finds as separate. There may be numerous entries for each found file. Rather, Giant lists a file under its spyware name, then places registry keys, for example, under the same heading. Other products boost the found spyware numbers by counting all the entries found, as well as non-critical objects such as most recently used files.

Regardless of personal opinion for or against the software, it is a darn good product for finding, removing and preventing spyware from getting on your system.

Neil
345687, RE: Some Google Findings for VM Size
Posted by therube, Mon Jan-17-05 05:39 PM
"just alerted me to a keylogger and some other crap trying to getting established."

Allyn, my question is, what is it that you were doing, or what vulnerability exists on your system that such a thing would occur to begin with?

On my system, I have a router with NAT, ZoneAlarm firewall, & F-Prot antivirus. I have never used, on my system, Spybot, or Ad-Aware, or anything else. I go anywhere I want, I do whatever I wish. I have never had any malware get any kind of hold on my system. (Some may say I am saying that blindly, but I don't think so.)

Forgot to mention that I run Mozilla & Eudora, no Java, no ActiveX.
345710, RE: Some Google Findings for VM Size
Posted by Allyn, Mon Jan-17-05 07:31 PM
Good read, rube! You know, no one else has asked me that!

I did not think I was doing anything "wrong." Shortly before, I had been to several websites, including TV Guide (of which I'm very suspicious) and one in a post at the OT Lounge. The only thing odd was a pop-up with content that made me suspect I had somehow received a new cookie not blocked by SpywareBlaster.

While opening CounterSpy to check on memory usage, I received multiple alerts from CS regarding a change in the shell. I blocked the change. Shortly afterward, a full scan revealed tracking cookies not covered by Ad-Aware or SpywareBlaster and a remote access trojan that did not show up on a second scan. Also onboard was what CS called Dark Omen, a keylogger. Frankly, I wasn't sure if this was real or a false positive. But it identified a load of registry keys as part of the keylogger. I chose to quarantine them in case they had to be restored.

As for security, I would say things worked. For one thing, ZA reported nothing calling home. And my computer is running fine.

Speaking of my computer, though its graphics processing capabilities are getting a bit dated, my Asus A7N8X Deluxe with an XP 2800+ and 1 GB RAM still flies. Visitors are amazed at its perceived speed and responsiveness.
345702, RE: MS Anti Spyware program - Review
Posted by peterb, Mon Jan-17-05 07:08 PM
M.S. Anti Spyware is running sweet on my P.C. Just one minor gripe. Seems that "AdAware" still picks up tracking cookies like "HitBox" etc. Otherwise this program is a gem. Not experiencing any of the issues mentioned on the Microsoft Newsgroup. Thanks for the review. :-) :-) :-)
345707, RE: MS Anti Spyware program - Review
Posted by Randy_Bell, Mon Jan-17-05 07:23 PM
>M.S. Anti Spyware is running sweet on my P.C. Just one minor
>gripe. Seems that "AdAware" still picks up tracking cookies
>like "HitBox" etc. Otherwise this program is a gem. Not
>experiencing any of the issues mentioned on the Microsoft
>Newsgroup. Thanks for the review. :-) :-) :-)

If I'm not mistaken, I believe that is one modification Microsoft made to the original GIANT AntiSpyware product that the MS-Beta is based on: -- they removed the security agent that monitors tracking cookies. I guess they felt this would be too intrusive a feature to include for Windows users. But tracking cookies are easy to remove.

Nice to hear it is running smoothly for you, I hope you continue to have a positive experience with this Beta.

Warmly, Ran

:-) :clap: :evilgrin: :lol: :)