Caveats with new Microsoft AntiSpyware

I’ve been using the new free Microsoft AntiSpyware tool released in beta last week.

What impressed me in particular is it’s real-time preventative approach. Not only does it do what products like Ad-Aware do – searching, finding and killing nasty stuff on your PC – it also sits there in your system tray monitoring what’s going on on your PC. It pops up alerts and other messages in response to activity, either when there is something to be concerned about or just to let you know that an activity has happened that the program thinks is ok.

It’s definitely a product worth trying. But, there are some downsides to it.

A review in PC World magazine highlights some major negatives which, while aren’t to do with the actual antispyware functionality, might nevertheless concern some people:

[…] Microsoft skeptics will likely find plenty to criticize. For example, a browser-settings lockdown feature can only restore Internet Explorer browser settings to point back to MSN as your home page, IE as your default browser, and MSN Search as your default search engine. Another feature that erases your history files works primarily with Microsoft programs – skipping Firefox, Opera, and AOL software.

Walt Mossberg in the Wall Street Journal has similar criticism:

[…] Even worse is the way the program handles another spyware problem, the hijacking of Web-browser home pages and search pages. This is a spyware technique in which the home and search pages in a Web browser are replaced by pages selected by a spyware company, and it’s nearly impossible for a user to restore his or her own selections.

The usual way of handling this, with programs like Spy Sweeper, is to detect the page changes and to restore the user’s original choices. But the Microsoft program tries to replace the spyware pages with home and search pages from MSN, Microsoft’s own online service. This smacks of the same kind of coercion the spyware authors are using.

On browser hijacking, I don’t think this is a major issue at all – as long as you don’t use Internet Explorer. Use Firefox and that’s all history, in my experience.

But Mossberg also raises concerns about some of the product’s capability:

[…] the scans missed some spyware found by Spy Sweeper. In particular, Microsoft missed “tracking cookies,” small files deposited by Web companies, often without your knowledge or permission, that track your online activities. The Microsoft program deliberately doesn’t look for these. Microsoft officials say they are concerned that some legitimate cookies, such as those that store Web-site login information, could be unfairly labeled as spyware. They promise to add tracking-cookie detection in the future.

Concerns such as these reviewers express mean I wouldn’t yet ditch programs like Ad-Aware and Spybot Search and Destroy – seasoned products that do a thorough and reliable job.

There are still plenty of choices.

2 thoughts on “Caveats with new Microsoft AntiSpyware

  1. On my office PC, I have a spyware program courtesy of one of our business partners. The version of the software they gave me to test was the wrong one and it had their “Search Assistant” in it. I can’t get rid of it and the Microsoft AntiSypware program says there is no spyware on my PC.
    My IE6 browser runs like a dog with 2 legs and every time I google search, the search assistant gives me their search page.
    They must have taken over a DLL because I can’t get rid of it – and even they can’t help me get rid of it.
    I’ve manually deleted everything I can find that could possibly be a part of their software and the MS AntiSpyware program did help find most of the program components and registry entries. Now all that has gone, MSAS says there is no sypware, but it is there.
    There doesn’t seem to be a way to tell Microsoft that I have this junk on my PC and that their AntiSpyware program needs more work.
    Do you have any suggestions?
    (Firefox is not a permanent option, although I am using it – Visitors to my sites are 90% IE – so I need to see what they see – and IE is still the better browser for now)

  2. Interesting situation, Alan.
    So if I understand your situation correctly, when you use Google, you get this program’s search function instead. So if you type ‘’, say, in IE6’s address bar, you don’t get Google but instead this search program’s website?
    I’m no expert in this case, but if Microsoft AntiSpyware doesn’t work for you, what I would do is run Spybot Search and Destroy ( and then Ad-Aware ( Spybot S&D also has a neat add-in that will scour your registry looking for browser hijacks and other changes to your settings, and fix them. Also check the feature called Tea Timer which monitors your system in real time – similar to the real-time preventative measures in the new Microsoft product.
    You could also try Hijack This! (, a tool that lists all installed browser add-ons, buttons and startup items and allows you to inspect and remove selected items.
    Hope this helps!

Comments are closed.