Microsoft Enters the War on Spyware

If I was asked what software I've recommended most during the past year, I'd probably have to say that it's a dead heat between Lavasoft Ad-Aware ( and Spybot Search & Destroy ( Although I don't think these are the greatest software products in existence, the problem associated with spyware and adware has become pandemic.

There has been a constant stream of comments from Windows users and the press wondering when Microsoft would do something about the problem that these threats represent to its OS. Unusually quiet about the topic for quite a while, Microsoft acquired antispyware/antispam vendor GIANT Company Software ( last month, and less than 4 weeks after the acquisition, has released a new version of GIANT's antispyware tool as Microsoft Windows AntiSpyware (Beta 1).

AntiSpyware installation is simple, and the scanning functionality appears to be fairly fast. I didn't have a severely infected system to try it on, but the tool did find some sample spyware-infected files that I keep around for testing, correctly identified the spyware, and reported what I should do about it. The software also switched my homepage to from the blank page it was set at, which is an annoyance common to spyware tools; they report a blank page as a hijack attempt, although the other spyware tools I use don't reset the page to something else. Fortunately, I was able to reconfigure the software, using the Advanced Tools settings, to tell it that about:blank was my preferred home page and to keep it set to that address.

The software also can install (at the users discretion) several real-time agents that monitor the status of system settings that spyware often uses. Broken down into the categories Internet, System, and Application, the 59 checkpoints that the agents monitor should be able to defeat most known spyware threats. I encountered the actions of these agents when I attempted to run a few scripts that I load at boot. The agent alerted me to the scripts attempting to execute and gave me the option to allow or prevent their execution. I told the program to allow the execution and to remember the setting, so after the first notification I no longer receive an alert when my system executes the startup scripts. By checking the Agent Events information, I can see which user allowed the scripts to execute, so if I was trying to determine spyware problems on a user's computer, I could check an audit log of actions that precipitated a possible infection.

Unlike many common spyware tools, the Microsoft tool does a good job of explaining what it can do, has done, or wants to do with spyware infections. The information is clearly presented, with useful levels of drilldown in many situations. Although this is the beta of the first Microsoft iteration of the software, it's obvious that the underlying technology that Microsoft purchased to build this product is a sound foundation to build on. AntiSpyware is worth checking out, even if you currently use another spyware solution; if you aren't using one, this is a good place to start.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.