My sister sent me a link to this article.

Windows Defender Beta 2 vs. spyware | Spyware Confidential | ZDNet.com “As promised a few days ago, I finally got a virtual machine upgraded to Service Pack 2 for testing Windows Defender Beta 2. For the sake of convenience, I’ll refer to it as WD for most of this post. When I wrote about WD previously, I mentioned the review at PCMag.com where WD was tested against 6 keyloggers, which is not a particularly valuable test in my opinion.” […]

Have to admit that I stopped reading computer magazines with the demise of Byte. Did not realise they had sunk so far. To be fair, the early years of Byte had quite a few clueless articles written by various authors who did not really understand what they were trying to cover. In the later years the Byte crew included some reasonably sharp folks.

In this instance the writer identified by ZNet as a “spyware researcher and consultant” is clearly not very good. She starts her review by running a scan with each spyware tool, and reporting the counts from each - and then uses the numbers as an absolute measure. This would only make sense if each application counted things exactly the same - and they don’t.

The end result is what you are interested in with a spyware scanner. The methodology is simple - cleanup with tool A, and scan with tools A, B, C (etc.) for all combinations (you can eliminate some combinations if some tools always return a subset of what another tool returns). The tool(s) that remove everything harmful are all winners - if any do a complete job. The counts reported by each tool are mostly meaningless - either it’s clean or it’s not (though you do want to look for false positives).

Using a VM as a base for the test was the right idea, but reconnecting to the network in the middle of the test pollutes the results. Better to connect a disk/folder to the VM - if you know how to use the tools.

So this is what ZNet is offering as an expert? Ouch.