
Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Menthix on 01-08-2005 at 08:51 PM

There has been much talk already about the Microsoft AntiSpyware Beta1 software on this forum...

Microsoft's Anti-spyware Software...
Microsoft® Windows AntiSpyware (Beta)
MS Antispyware says Messenger Plus is adware

Most topics say that Microsoft's new beta gives a false detection of Messenger Plus! I decided to try it myself today.



I did a "full system scan" on all my harddisks and had all these options turned on...

  • Scan memory locations and running processes
  • Scan selected drives/folders (All 4 partitions on my system were selected)
  • Deep scan folders (recommended but will increase scan time)

After it scanned my entire system it came up with 7 threats.

[Image: 2_results.png]

I will list the results one by one:



NetSpy KeyLogger (key logger)
[Image: 3_threat1_NetSpy Keylogger.png]
  • Detected 2 files on harddisk and a lot of registry settings.
  • This is a threat according to Symantec and listed as spyware too.
  • Not something you would wish on your system either, since it can run in hidden mode :s.
  • Not sure how this ended up on my system, probably when I tested this software on my own system a long time ago.
  • Note that this spyware was not running at the moment of scan, but it was indeed sitting on my harddisk.
  • Microsoft AntiSpyware is right to detect this spyware as a severe threat (y).
  • The default action "remove" is very appropriate (y).


Messenger Plus! (adware bundler)
[Image: 4_threat2_Messenger_Plus.png]
  • Detected (almost) all Messenger Plus! files and registry settings
  • The sponsor is not installed on my system, it actually never was.
  • It's listed as an "adware bundler" even while (in my case) the sponsor doesn't exist anywhere on my system. And it isn't possible to get the Plus! sponsor either from the files it detected. The only way is by downloading the Plus! installer from some site, run it and choose to have the sponsor installed. Even when using the auto update feature you will always need to choose if you want to have the sponsor installed or not with this update.
  • Microsoft AntiSpyware does detect Plus! as spyware, even without the sponsor. But it does not detect the Messenger Plus! setup file as spyware. Strange, the setup file has much more risk of being 'spyware' (50% depending on if you choose to install the sponsor or not) than a Plus! installation without the sponsor (0%, totally harmless).
  • Microsoft AntiSpyware is not right in any way to detect Messenger Plus! as spyware, it could be right to detect the sponsor itself or the Messenger Plus! installer, but never the Plus! software itself (n).
  • Using "ignore" as default action is the least they can do, shouldn't even be detected (n).
  • Can go on about this much longer, but just browse the other topics about this.


RealVNC (Commercial Remote Control)
[Image: 5_threat3_RealVNC.png]
  • Detected start menu shortcuts to RealVNC.
  • I use RealVNC to connect to my PC over the internet when I'm away from home. It's similar to Microsoft's Remote Desktop which isn't detected BTW :o. I installed RealVNC myself and you need to login with a password before you can do anything with it. Also, it only seems to detect the start menu shortcuts and not the files itself, weird.
  • Although it's strange to detect VNC, they have a point. The people who install this will know it's harmless for them and ignore it. People who don't know VNC and have it on their system probably won't want it.
  • But, this program is used by a lot of admins to configure systems remotely. In over 90% of the cases it will be harmless.


KaZaA (adware bundler)
[Image: 6_threat4_KaZaA.png]
  • Detected a lot of registry settings from KaZaA Lite.
  • Would make sense to detect KaZaA, but not the original KaZaA Lite K++ (v2.4.5.4) since this version has ad/spyware removed.
  • Stupid to detect this, causing stupid rumours and confused users


eDonkey2000 (adware bundler)
[Image: 7_threat5_eDonkey2000.png]
  • Detected various eMule registry settings.
  • Doesn't make sense at all, it detects eMule as eDonkey, WTF!?!?
  • eMule doesn't contain any spy/adware. I don't know if eDonkey does, but that isn't on my system anyway.


Grokster (adware)
[Image: 8_threat6_Grokster.png]
  • That isn't Grokster, but part of KazaA Lite (see what i said about KazaA Lite).
  • Makes no sense to detect this as Grokster


MSN Sniffer (commercial key logger)
[Image: 9_threat7_MSN_Sniffer.png]
  • Had this installed once, but it is already un-installed; these are just some left behinds.
  • Good to detect this though



I know this is still beta software, Microsoft has a lot to do before they release Giant's software as public software.


I was on a Dutch site, in the user comments it said that the following programs are detected too:
  • Emule Morphxt (low threat) - Harmless add-on for eMule.
  • Several online banking programs - How does that have anything to do with spyware? People just want to do their banking stuff online.
  • WebHancer SpOrder.dll - This is a file which can be related to spyware, but in many cases is part of normal software too. Removing this file could very well be more dangerous than leaving it on your harddisk.
  • Timbukto Pro (Commercial Remote Control) - This turned out to be part of the Symantec VPN Client, which is harmless. Probably detected because of the same reason as RealVNC, but I really don't get that reason.

Also I see that a lot of people on other sites agree that Messenger Plus! shouldn't be detected as spyware :). People seem to have learned after the first few Plus! releases with sponsor. Most people making comments about Messenger Plus! being detected by Microsoft's new tool are aware the sponsor is optional and think Plus! alone shouldn't be detected as spyware, certainly not when the sponsor wasn't installed.


I really wonder what Microsoft is planning with this software. I know that most false detections have "ignore" as default action. But people trust Microsoft, if they tell users that for example Messenger Plus! or eMule is a threat to their system, then a lot of users would want to remove those programs. Also they will tell their friends software like eMule and Messenger Plus! is bad. One thing leads to another and you end up with stupid rumours.

Consider this my open comment to Microsoft (yes, I know it's Giant's technology. But Microsoft is responsible now).

RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by *Saint* on 01-08-2005 at 08:57 PM

is it possible for me to get this program


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Menthix on 01-08-2005 at 09:01 PM

quote:
Originally posted by Saint
is it possible for me to get this program

Yes, download it here.

Already linked to it at the beginning of my post BTW.

RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by *Saint* on 01-08-2005 at 09:07 PM

ok thanks


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by lopardo on 01-08-2005 at 09:08 PM

Yes, it's a public beta (not a final version).
Menthix posted the direct download URL above, but check Microsoft Windows AntiSpyware (Beta) Home first.


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Vilkku on 01-08-2005 at 09:22 PM

It recommended me to quarantine my anti-virus program's auto-updater. :dodgy:


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by lopardo on 01-08-2005 at 09:26 PM

:lol: What antivirus?

Well, it's still a beta, so I just hope they'll improve it for the final version...


RE: RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Anubis on 01-08-2005 at 09:27 PM

quote:
Originally posted by Vilkku
It recommended me to quarantine my anti-virus program's auto-updater. :dodgy:

I can just see this turning into anti-MS thread after that...I'm not saying it's your fault Vilkku, I can just see someone taking that one step further and insulting all MS products.
Please remember that this is a BETA program, and that MS may not know of all these problems, and it doesn't show the full standards of the finished program.
And all bugs should be reported to MS, in the spirit of co-operation of making better software to help and aid computer users in general...

RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by paperless on 01-08-2005 at 09:56 PM

I don't think any of them are false... keylogger is in fact a threat for your privacy msn sniffer also msgplus they explain clearly that msgplus installs an OPTIONAL adware so nothing wrong to me u people are also trying to look for a motive to blame microsoft and u get ur objectivity damaged...

I don't like microsoft (strategies and some other things) also but I'm objective in my opinions.


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Striker on 01-08-2005 at 10:00 PM

i don't hate MS, but I'm not going to provide them FREE beta testing. They have enough money to test their own products somewhere other than my comp, unless of course they want to pay me :)


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Menthix on 01-08-2005 at 10:03 PM

Found the official way to contact Microsoft about issues with Microsoft AntiSpyware Beta.

Please everyone, report any bugs, false positives and problems to the newsgroups Microsoft has for this, here:
http://communities.microsoft.com/newsgroups/default.asp?ICP=spyware

Like already said, this is still beta software. The more people report problems to Microsoft, the better the final version will be :).


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by juanfrank11 on 01-08-2005 at 10:07 PM

It's only a beta version, it will still be so :dodgy: until it gets released as non-beta.


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Flames on 01-08-2005 at 10:09 PM

i tried it and you guys/gals are right, this program detects false spywares-plus, etc... it even detected one of my spyware scanners as a spyware! (which it is not in any way)
this program works really well in many ways except the scanning function, however, this is only a beta and it expires after certain amount of time ^o)


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Menthix on 01-08-2005 at 11:08 PM

quote:
Originally posted by paperless
keylogger is in fact a threat for your privacy msn sniffer also

I know, as I said in my post: It's very good to detect those. Nothing against that, just listing them in my post to be complete, it's not my mission to be 100% negative :).


To everyone saying: "It's beta" or "It's still a beta"...
I am very much aware of that and I know what that means. But if nobody would make any comment about beta software, then why would there be a public beta release? Feedback is always wanted for beta software, if nobody would comment about a bug or other issue in beta software, then that problem will most likely still be there in the final release. But you are right that this is not the right place to report issues about Microsoft's AntiSpyware, I posted it in Microsoft's newsgroup now.

Also, this is not an anti Microsoft or a pro Messenger Plus! thing. In fact I think it's really good that Microsoft comes with their own (hopefully free) anti spyware tool now. I fix people's computers at my work and know how much spyware can do. And if I would blame anybody it would be Giant and not Microsoft, which just bought the software from Giant. But I don't blame Giant either, just pointing out some issues and hoping it will be fixed.


quote:
Originally posted by paperless
I don't think any of them are false

They sure have some kind of valid reason for most detections, but let me point out the most obvious ones again:
  • eDonkey is detected on my system. However, I don't have eDonkey on my system and never had. The files that are detected belong to eMule. The only connection between both is that they connect to the same P2P network. eMule does not contain any ad/spyware, in fact eMule is an open source project. So if you don't believe it, check the source code. How would you explain this as a valid detection?
  • Grokster is detected on my system. But I didn't install this software and never had. In fact the file detected is part of KaZaA Lite. This "lite" version of KaZaA I installed doesn't contain any spyware, which is also proven by all other antispyware tools I know of.

RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by paperless on 01-08-2005 at 11:41 PM

I didn't read the whole thread but i read the most of replies and saw all pics ...

i downloaded it some minutes ago and it detected grokster, kazaa and msgplus... i haven't grokster neither the original kazaa i have kazaa lite resurrection.. lol btw I'm gonna uninstall it coz i don't need it anymore



RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by mad_onion on 01-09-2005 at 05:22 PM

i don't see the point you are trying to make it is detecting these programs because they do in some way or another pose a threat to your system or install something that you might not want you to do.
the problem i have is it is only pointing out that this program (in the example of plus) has the possibility of doing something you don't want it to. It does not do anything to these programs or their files unless you change the default option which I'm sure most people would not do. What is the problem with it informing users with possibly useful.
Obviously, most of you won't actually consider my opinion because i like Microsoft. i think they have done a lot more good for the world than bad.


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Plik on 01-09-2005 at 05:29 PM

It found two programs that don't exist on his computer.
And it finds Plus's program files, with or without the sponsor. Yet not the installer, where the option to install to sponsor.
So you can imagine if some joe random is scanning their system, which has plus on it but not the sponsor, and it brings up plus' files and he thinks "Oh no messenger plus is spyware, i better tell everyone i know"
Which is completely incorrect.


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Menthix on 01-09-2005 at 05:50 PM

quote:
Originally posted by mad_onion
i don't see the point you are trying to make it is detecting these programs because they do in some way or another pose a threat to your system or install something that you might not want you to do.

What does eMule do?

quote:
Originally posted by mad_onion
It does not do anything to these programs or their files unless you change the default option which I'm sure most people would not do.

Yes, however... for example the Messenger Plus! detection. It detects Messenger Plus! as spyware, even when the sponsor is not installed. People already get confused/angry at that point and don't even bother to read the description that says it's optional. Like madman said

quote:
Originally posted by madman66
some joe random is scanning their system, which has plus on it but not the sponsor, and it brings up plus' files and he thinks "Oh no messenger plus is spyware, i better tell everyone i know"

The first example is already here.

quote:
Originally posted by mad_onion
Obviously, most of you won't actually consider my opinion because i like Microsoft.

This is not an anti Microsoft / Pro Microsoft / Anti Plus! or Pro Plus! thing like I said in my previous post.

RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by zaidgs on 01-09-2005 at 07:28 PM

let's just remember that the ONLY change microsoft did so far to the giant antispyware was put their name on it, not really more than that :S


quote:
Originally posted by MenthiX
Also, it only seems to detect the start menu shortcuts and not the files itself, weird.

it detected all of its files for me !! :S weird !

RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Jhrono on 01-09-2005 at 07:47 PM

btw it detected what pulse has a key logger :lol: ?


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by ChrisTorng on 01-10-2005 at 01:39 AM

I don't agree with RealVNC: "you need to login with a password before you can do anything with it", because a hacker can put RealVNC in your computer and set a password for his use... So an antispyware software shouldn't treat "RealVNC with password" as never a trojan.


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Guido on 01-10-2005 at 04:41 AM

quote:
Originally posted by ChrisTorng
I don't agree with RealVNC: "you need to login with a password before you can do anything with it", because a hacker can put RealVNC in your computer and set a password for his use... So an antispyware software shouldn't treat "RealVNC with password" as never a trojan.

Well, same goes for the very Windows XP Professional then, which includes a similar feature.

Regarding Msgplus, apparently Patchou should report the false positive here: http://www.spynet.com/vendors.aspx

Meanwhile I suggest all that think Plus is erroneously catalogued as Spyware post their opinion in the newsgroups, "signatures" subforum:

http://communities.microsoft.com/newsgroups/defau...ures&iPageNumber=1

RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by WDZ on 01-10-2005 at 06:51 AM

MS AntiSpyware vs Ad-Aware vs SpyBot
http://www.flexbeta.net/main/printarticle.php?id=84

quote:
Conclusion
Though still in beta, Microsoft AntiSpyware was able to detect more infected files than the current leading anti-spyware applications in the market today, Ad-Aware and SpyBot S&D. AntiSpyware's user interface is better looking than both SpyBot and Ad-Aware, not to mention much easier to use than SpyBot.

Wow... :p

BTW, the article mentions Plus! and also shows "MsgPlus-325" on the desktop... :banana:

RE: RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by CookieRevised on 01-10-2005 at 08:50 AM

quote:
Originally posted by Guido
Meanwhile I suggest all that think Plus is erroneously catalogued as Spyware post their opinion in the newsgroups, "signatures" subforum:

http://communities.microsoft.com/newsgroups/defau...ures&iPageNumber=1

And I suggest to the others to also read all the messages in that newsgroup. This program has a vast... VAST amount of false warnings and plain wrong detections... (no wonder it detects "more" than any other similar program)

An unusual false positive in MS-AntiSpyware by zaidgs on 01-10-2005 at 08:03 PM

i have seen a strange behaviour from MSAS:
an antispyware program called "personal antispyware" was detected as a keylogger (which it isn't), that's not all to it, it is only detected when a program called "perfect keylogger" is installed. the relation between those two programs is that they are made by the same company.

first i installed personal antispyware, then perfect keylogger, MSAS detected both as keyloggers, then i uninstalled perfect keylogger, and only the remains of perfect keylogger were detected !!!

an interesting thing to notice was that neither MSAS nor ad-aware detected perfect keylogger as a process (they detected files and registry keys)

this screenshot with both softwares installed:
[Image: attachment.php?pid=359825]

this screenshot is taken after perfect keylogger was uninstalled (using add\remove) and personal antispyware STILL installed. (the remains of perfect keylogger were detected)
[Image: attachment.php?pid=359830]


RE: An unusual false positive in MS-AntiSpyware by zaidgs on 01-10-2005 at 08:07 PM

second screenshot


i got a question, although this probably comes really late: considering that microsoft bought giant's software, and that software was not beta (am i wrong here?) so software should be more or less complete, so if sm1 knows, were most problems there when microsoft bought it, i am not talking about plus!'s false detection here, cuz thats already answered, but other bugs in the software.... the changes i heard of so far are that they changed logo, and disabled searching for cookies for some reason......
this question comes to my mind because as i read on the net, the giant antispyware had a really good reputation in the antispyware field, while people do have some objections over microsoft's antispy (which i find to be ironic)

also another question: does anyone have any info about further releases of the software, like beta2, or even release dates ?!?!

RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by (insert name here) on 04-27-2005 at 07:32 AM

i had this problem too...and in no way does it make me anti-microsoft...if i was, i'd be stuck using linux, but the reality is that people aren't here to bash microsoft or the anti-spyware beta, but to address security concerns with msgPlus. The purpose of all this was to show that the beta isn't perfect, and that new users, like myself, can trust msgPlus despite what the scan told me. Thank all of you for your help.


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by Sunshine on 04-27-2005 at 11:40 AM

List of all the Msg Plus! regkeys MS antispyware detected on somebody else's comp.

Clear enough i had to reassure this person she can safely ignore these warnings:
Messenger plus! is an add-on for msn messenger. During installation users may install an adware program called C2media, which is also known as lop.com.
This is a low risk application and will not cause direct harm to you computer, removing it is not required. However, its is strongly recommended that you review this application's End User License Agreement (EULA) as well as review the application's privacy policies.
Since this application gives you the option to not install adware that comes bundled, we recommend ingnoring it.


And yep, that warning doesn't only come up when installing Plus! but also afterwards with every scan. This person also did not install the sponsor. I can imagine this being very frustrating and confusing. At first I thought it was the installation file it detected or that it detects it because "allow Plus! to send anonymous.." was on. She turned that off and still that warning, you can imagine my surprise when I saw the huge list of regkeys it detected (she e-mailed them to me).


RE: Microsoft ANtiSpyware Beta1 - False detections (not only Plus!) by CookieRevised on 04-27-2005 at 12:49 PM

quote:
Originally posted by zaidgs
i got a question, although this probably comes really late: considering that microsoft bought giant's software, and that software was not beta (am i wrong here?) so software should be more or less complete, so if sm1 knows, were most problems there when microsoft bought it, i am not talking about plus!'s false detection here, cuz thats already answered, but other bugs in the software.... the changes i heard of so far are that they changed logo, and disabled searching for cookies for some reason......
this question comes to my mind because as i read on the net, the giant antispyware had a really good reputation in the antispyware field, while people do have some objections over microsoft's antispy (which i find to be ironic)

Indeed an excellent and very interesting point!!!! And I'd wish more people would come to this conclusion (especially those so called "trustable", "all knowing" leader-members of some anti-spyware forums who are too damn narrow minded)....

Microsoft's Anti-Spyware program does exactly the same as the Giant Antispyware program did/does!!! If Giant had a so good reputation, and MS AS has not, then what is the deal???

Simple: either people are bashing it because it simply states "microsoft", or people stupidly believed everything that Giant (and other antispyware programs and above all people on those forums) told them.

This shows clearly to me that in either case people should learn more about computers and software and how things work than believing everything they read from the so called "trustable" antispyware companies and forums and/or stop bashing everything from MS just because it is MS.