If it isn't blocking anything or finding anything, you are doing everything
right. Most people, in fact--perhaps the vast majority of the 18,000,000
installs--probably fall into that category.
I take care of perhaps 4 dozen machines in various small offices, and of
those, there are just 3 in one particular office, where I've seen serious
spyware problems--significant--to the tune of hours of work cleaning the
machines, by hand generally, when nothing automated that I used spotted
everything or was able to remove it.
Microsoft Antispyware's real-time protection is very real, and should stop
lots of drive-by installs, which are becoming less common by the minute, I
think, although there are spikes when new IE vulns are found and exploited
as is, in fact, now happening in a small way.
If you'd like to see a quick detection example on your own machine, here's a
safe way to wake it up:
Drop to a command prompt.
CD to your Windows or winnt directory, depending on the Windows version
md winlogon.exe <enter>
Sit back for 10 or 15 seconds and see what happens.
When you get the red popup, do rd winlogon.exe <enter>
Then choose either choice on the popup--it doesn't matter--neither will do
anything useful or bad. Don't choose always ignore--there is a genuine
threat by this name, but creating a folder doesn't create it!
Microsoft Antispyware doesn't scan for cookies. This has been hashed out
forever in various groups, so I won't try to talk about it further. I'm not
convinced this is the best choice, and it could still change--but that's the
situation at this time.
Yes--there are no common definitions of spyware--it is every vendor for
themselves. Every product out there has some degree of false positives.
Some have this issue to the extent that they really constitute false
advertising, and they make Eric Howes' Rogue list. Microsoft Antispyware
has relatively few of these and they get fixed pretty promptly.
So--I'm not surprised that product xyz finds lots more items than Microsoft
Antispyware. And I'm not even surprised that sometimes xyz will find
something genuinely real and bad that Microsoft Antispyware didn't. I still
believe that at the end of the day, in a well-thought-out review procedure
against the real, nasty threats out there, Microsoft Antispyware will come
out among the top contenders. It has often been the highest rated, but
recently there are some newer products out there that are doing better. I
expect beta2 will improve on this showing, though.