"Harmless text files", not so much.
MS Anti-spyware's lack of cookie detection makes this product incomplete.
Cookies are indeed harmless text files, but they count as spyware, because the combination of the web browser you use and the websites you visit form a powerful tool for gathering information about what you do as you cruise the web. They are quite appropriately called "trackers" by other spyware detection products. Most web advertisers use cookies to collect statistics on visitors.
Not all websites use cookies, but every cookie is associated with a particular website, and there may be several cookies for a site or family of sites. Cookies are created and edited by the sites you visit, each time you visit. Cookies are stored in the browser's cache in your user profile area, under your login name. They can be set to persist for decades (gmail).
So an existing cookie is evidence that a site was visited by someone using that browser under your account, on that computer, at that time on that day.
Cookies can maintain persistent information about what you look at at a particular website.
Some cookies can pose privacy risks, as they may contain the username and password you used for a particular website, if you elected to "remember me?" on the site's login page. This certainly uniquely identifies you.
It would be great if we could just turn off cookies completely, but some sites refuse to work if you do this. The best you can do is to adjust your browser's settings to treat all cookies as "session" cookies - automatically deleted when the browser is closed. Some browsers let you decide the fate of cookies on a site-by-site basis, and warn you when cookies are created.
Current wisdom seems to be to use multiple spyware detection programs simultaneously. This means don't stop at MSAS, use Spybot Search & Destroy, as well as Lavasoft AdAware, for the best coverage.
For novice users, false positives are a hassle, but nobody believes anymore that using (and maintaining) a computer is easy.
