IE 11 is not supported. For an optimal experience visit our site on another browser.

Microsoft malware tools no cure-all

Review: New software tools to keep malicious software off your computer work better in protection mode than they do once your computer is already infected.
/ Source: The Associated Press

Microsoft Corp. created the world's most popular operating system -- one that's also heartily embraced by hackers and virus writers. And it begat the world's top Web browser, which makes it all too easy to mistakenly download and install spyware, adware and other garbage.

You'd think the world's largest software company, which presumably knows its own Windows and Internet Explorer code, would have long ago come up with something to repair PCs possessed by malicious programs.

Think again.

Though Microsoft regularly releases bug fixes, security patches and even the occasional virus-removal tool, it has only recently made programs available to help people wrangle back control of their computers after they've clicked the wrong pop-up ad, opened a rogue attachment or installed adware-packed freebies.

(MSNBC is a Microsoft - NBC joint venture.)

The company now has two free programs to help rid PCs of unwanted pests. Though Microsoft Windows Malicious Software Removal Tool and Microsoft AntiSpyware show some promise, they aren't close to being magic bullets.

I tested the programs on a Windows XP computer I borrowed from my wife's cousin. The 3-year-old PC, a Gateway running Windows XP Home Edition, was basically unusable.

Annoying pop-up windows, a sign of adware, were the least of its problems. The modem dialed phone numbers even though the PC was hooked up to a broadband connection. It took more than a minute to load a single Web page and often crashed minutes later.

Error messages appeared when I tried to open the Task Manager, a Windows utility that shows running programs and processes. It refused to load Windows Update, Microsoft's site for downloading security patches and other fixes.

Needless to say, the machine had not received any security updates from Microsoft in a while. To load Microsoft's Malicious Software Removal Tool, I had to get it using another machine, load it on a USB drive and install it manually. (It's usually available through Windows Update.)

Big problems missed
Once installed, the tool scanned the machine and reported no problems, even though there were big problems.

The tool looks for a limited number of pests, such as "Sasser" and "MSBlaster," so it didn't find the worm, "Netsky.P," that had infected this PC. The program, though, will be updated each month and will presumably become more effective.

By building its tool into Windows Update, Microsoft shows it's aggressive about snuffing out pests. But it's got to stay up to date with the threats -- and send out updates as close to real time as possible. Who wants to wait until the second Tuesday of each month to fix a sick PC?

Existing computer security firms have nothing to worry about -- at least for now.

Computer Associates' ezAntivirus took three hours to scan the entire system and found 19,000 infected files. After the worm was knocked out, the machine became slightly more stable and I could tackle the spyware problem.

Installation of the prerelease version of Microsoft's antispyware program, which can be downloaded free from Microsoft's Web site, was easy. The final version's price, if any, has yet to be announced.

The interface was clear and simple. I ran a thorough scan, which discovered 77 spyware and adware programs. I followed the software's advice and removed them all.

But bizarre behaviors -- including multiple pop ups, unwanted toolbars and generally sluggish behavior -- continued.

So I rebooted the PC in safe mode, which limits the number of programs that load at startup. The theory is that if it's not running, spyware can be more easily deleted. This time, the program found about two dozen spyware programs. I deleted those, too.

After rebooting again, the PC continued to show signs of infection, though it did seem less bogged down. Having spent two days disinfecting the system, I broke down and reformatted the hard drive. I then reinstalled Windows XP and all its patches.

It took just 90 minutes.

Protection better than cleanup
The clean start gave me a chance to try Microsoft AntiSpyware in its other role -- as protector of a clean system. Compared with competing products, it did a good job and was easy to use. (There are modes for novice and advanced users.)

It continuously monitors 59 checkpoints and alerts users whenever a program attempts to make a change, though some of the messages could do a better job of explaining troubles in plain English.

I tried downloading and installing a well-known adware program, PurityScan. The security features in Windows XP Service Pack 2 tried to get me to stop, but I ignored it. When the spyware installer was running, two windows popped up giving me the chance to block some files from installing.

This time, I agreed, but the program still showed up in a subsequent scan. With a few clicks, I successfully deleted it.

In theory, Microsoft AntiSpyware should get better over time. It's programmed to send reports back to Microsoft to improve and update spyware definitions.

The antispyware program also has useful tools for easily accessing Windows and Internet Explorer settings that were previously hidden deep within the operating system and browser. In fact, any hijacked settings can be restored with one click.

Overall, I was more impressed with the antispyware program's protective measures and simple interface than with its ability to cleanse existing infections. Still, Microsoft seems to be on the right path to fixing the mess caused by the careless users, malicious programmers, unethical companies and vulnerable software.

If only it hadn't taken so long.