Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Software Operating Systems Security Windows IT

Anti-Spyware Products Don't Live Up to Promises 400

John Wells writes "In the December, 2004 issue of PC World, the author of an article titled Poor Defenders concludes that most commercial anti-spyware software is ineffective. In tests using a fresh install of XP and 6 typical spyware infections the commercial software failed to stack up against freeware competitor Spybot Search and Destroy. Four out of seven commercial products failed to remove any of the infections. One product even installed 57 spyware files itself! Conclusion: Use freeware products like Spybot and Lavasoft's Ad-Aware SE Personal."
This discussion has been archived. No new comments can be posted.

Anti-Spyware Products Don't Live Up to Promises

Comments Filter:
  • by ack154 ( 591432 ) * on Thursday December 02, 2004 @01:31PM (#10976406)
    So where does this guy get his "paid" spyware removal applications? Clicking on popups? Oh... wait...

    many of these utilities use aggressive marketing tactics in pop-up ads, spam, and keyword ads appearing alongside Google search results

    Though I suppose this is how they sucker a lot of people and some people expect results if they pay for a utility, I would probably do at least a LITTLE research before paying for any app like that. The thing is, I would hardly consider this "most commercial anti-spyware software." So as far as this "test," he might as well do an article about Virtual Bouncer and how it removed his parasites for him.

    Why didn't he test something like Spy Sweeper [webroot.com] or Giant AntiSpyware [giantcompany.com]? Those are paid ones that I would probably recommend if someone did want to pay for a program. At least that way, people would see that not ALL commerical products are crap - it does almost sound like that.

    But really, Spybot isn't even cutting it anymore, IMO. AdAware is still doing well, but I've actually been more impressed with the other two I mentioned above - worth a look if you haven't checked them out - both have free trials that you would have no problems doing a removal with.
    • by Cat_Byte ( 621676 ) on Thursday December 02, 2004 @01:36PM (#10976466) Journal
      But really, Spybot isn't even cutting it anymore, IMO. AdAware is still doing well

      I find running both of these and using the yahoo spyware blocker is pretty effective. The yahoo thing doesn't catch all of them but I notice the # found by spybot and ad-aware went down quite a bit after installing it. FYI, if anyone hasn't upgraded to 1.05 of ad-aware I recommend doing so. I found about 30 more spyware programs on my Mom's computer after the upgrade after scanning with the most up to date definitions on 1.03.

      • by pbranes ( 565105 ) on Thursday December 02, 2004 @02:36PM (#10977213)
        Everyone is forgetting one of the most important methods of combating spyware - install windows critical updates. Many many many spyware installs get on systems by browser holes. If people would just update their systems, they would be protected against a huge infection vector. Obviously, that doesn't keep spyware off of your system if you have installed kazaa or some other stupid app like that, but it does protect you against drive-by installs.

        The other great, untapped tool is BartPE [nu2.nu]. This is a bootable windows xp cd. You can have ad-aware, clamwin, mcafee, and f-prot all load up from a bootable cd where they can download internet updates, and scan a hard drive. You don't know how many times I have "cleaned" people's computers with ad-aware & spybot while booted into their windows os, but some spyware has built in functions to hide itself, so spyware keeps reappearing. Using bartpe solves that problem, you boot off of it first, get the really nasty spyware, trojans, and viruses out of the way, then you boot into windows and run ad-aware and spybot again to get whatever was left behind (usually registry entries).

      • You're right about running multiple software levels in your defence against adware, spyware, malware and viruses.

        At the same time, these programs don't always coexist well together. I had to laugh (wince) when my Panda anti-virus program decided that Spybot was a potential threat and quarantined it. (I was using Panda mostly for the firewall, because I don't trust the built in XP firewall capabilities). Sometimes these apps just are unknowing about one another, and seeing something out of place, they want
    • by Elwood P Dowd ( 16933 ) <judgmentalist@gmail.com> on Thursday December 02, 2004 @01:39PM (#10976510) Journal
      I'm curious about Symantec AntiVirus 9. Supposedly it finds spyware & adware too.
      • I would hope it is better the Trendmicro. Trend finds the spyware but only after it is installed and running and can do nothing to get rid of it. It works as nothing more then a flag that says, yes, this person has spyware and it installed and is running great on that computer. I recieve tons of these everyday from our users:

        Virus alert.
        TROJ_ONECLICK.A is detected on DESK032963(MJones) in XXXXX domain.
        Infected file: C:\Documents and Settings\mjones\Local Settings\Temporary Internet Files\Content.IE5\GLE
      • Very sporadic detection. I ran it along side Ad-Aware, which picked up far more than Symantec ever did.

        Similar findings with McAfee VirusScan 8.0 as well.
      • We're running the corporate edition here. It does find spyware and adware. Doesn't do anything about it, but it does tell you it's there. The biggest drawback is that it also scans the system restore folder, and reports a machine as infected if it finds spyware there. (It does the same annoying thing with viruses.. if a virus is in quarantine, SAV detects it and reports the machine as infected.)
    • by over_exposed ( 623791 ) on Thursday December 02, 2004 @01:40PM (#10976521) Homepage
      So where does this guy get his "paid" spyware removal applications? Clicking on popups? Oh... wait...

      And when I click on the link to his story, I get "Firefox prevented this site from opening a popup window. Click here for options..."

      Coincidence? I think not...
    • by Alien54 ( 180860 ) on Thursday December 02, 2004 @02:14PM (#10976952) Journal
      As seen on this page, which lists hundreds of bogus products [spywarewarrior.com]

      "Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.

      Some of the products listed on this page simply do not provide proven, reliable anti-spyware protection. Others may use unfair, deceptive, high pressure sales tactics and false positives to scare up sales from gullible, confused users. A very few of these products are either associated with known distributors of spyware/adware or have been known to install spyware/adware themselves. Users are advised to rely on anti-spyware applications with deserved reputations for trustworthy performance.

      useful link to bookmark

  • by garcia ( 6573 ) * on Thursday December 02, 2004 @01:32PM (#10976419)
    Nathan Shafer, answering our e-mail message to Spyware Stormer, challenged our test methodology. Shafer wrote that Spyware Stormer detects "over 20,000 variants of spyware and adware," and that its performance with the six applications we chose was therefore "hardly representative in any way."

    They are absolutely correct here although there are only four programs you should ever install for combating spyware: Adaware, SpyBot S&D, SpywareBlaster, and a good software firewall package (preferably one that tells you when something is trying to connect out to the Internet like ZoneAlarm). You need to keep these programs updated on a regular basis and you need to make sure that they run regularly. Unfortunately only SpyBot S&D runs w/o user intervention if you set it up to do so.

    SpyBot, while being a great program, isn't updated nearly as often as AdAware and doesn't find all those pesky cookies that AdAware does. SpywareBlaster is good for keeping those pesky cookies from getting onto your machine in the first place.

    We were unable to reach NoAdware, but the Better Business Bureau of Upstate New York reported that it had received 22 complaints about the company, which is not a member of the BBB, by early October. Network Dynamics has a clean record as a member of Southern California's BBB. The BBB's complaint database contained no record of complaints for the remainder of the companies whose products we tested.

    The BBB has fallen into worthlessness in recent years (I don't know about years passed). They have little to no pull and sometimes they even go so far as to ignore complaints against their companies. I would ignore any comments in regards to BBB related businesses.

    Basically you need to research what you are installing on your machine. That means using google, word of mouth, and your own deep digging before you put any "cleaning" program on your machine. You also need to do some research into making sure that you are using what you can to combat Spyware.

    Sadly, most people out there don't know, care, or care to know. That's why they end up w/it in the first place. If people DID care about what they were installing on their computer AND took the time to do a quick google search they would find out exactly what they need to know.

    It has gotten to the point where I seriously believe that MSFT is doing this on purpose in order to show the public why they NEED to use "protected computing".
    • by which way is up ( 835908 ) on Thursday December 02, 2004 @01:38PM (#10976502)
      This is a dangerous trend. Given the majority of these ad/spyware companies don't care what their products do to the "users" computer, they can leave security holes unnoticed and allow exploits without the user even knowing there is a flaw in their computer. Windows updates can only do so much, and with companies releasing software that intends to help the user, but instead can hurt them. All the while the user is unaware. This makes me sick. Let's support the companies that work off of donations and have open source programs. This is the only way to prevent this from spreading to all of the favorite anit-ad/spyware programs.
    • No offense intended but... cookies? It's 2004 and you're worried about cookies?

      I like the idea of SpyBot's "immunize" functionality, although I've yet to actually test it out since I almost never use IE.
      • Ditto on the cookies. I know people that are just paranoid about them and I'd like to beat them with a large stick.

        As far as immunize. I can attest that it does, in fact, work. I usually keep my machine immunized for every day use (even though I use Firefox). A few times, wanting to test some spyware-removal apps, I'll try to infect my machine.

        Once or twice in doing that, I forgot to de-immunize and was totally unable to install some of the spyware apps I was trying to get. Then I did an "undo immunizatio
    • by Lumpy ( 12016 ) on Thursday December 02, 2004 @01:57PM (#10976760) Homepage
      you really need to go further.

      looking for free AV or firewall software I encounterd that MOST has spyware bundled with it. the ONLY apps I feel safe installing are Open Source where I can look to see if there is spyware included.

      Freeware software has become the biggest carrier of spyware. many "media players" and other apps have a crapload of spyware in them and I am running into people with claria installed that dont even use the internet but recieved a nice CD with a copy of PC magazine that had some nice free apps on it.

      personally, I am making a killing at $50.00 a pop to relatives and friends. i tell them to let others know that I'll do the same to their computer for $100.00 and I'll give them $20.00 for each person they send me.

      I now clean about 20 computers a week, all set up in a row in the basement with a 2 day turnaround for them and they have to sign a waiver/disclaimer and pay in cash.

      christmas is going to be a great one this year.

      so in a way, I really have the spyware makers and microsoft's IE team to thank for the plentiful bounty I have this year.
      • by pbranes ( 565105 ) on Thursday December 02, 2004 @02:56PM (#10977519)
        At the support center that I work at, we do pretty much the exact same thing - 90% of our calls are related to spyware. One thing you didn't mention above that you may want to consider is Bart PE. It is a bootable windows xp cd that can run ad-aware, clamwin, mcafee, and f-prot. It can also connect to the internet and download updates for each of these apps. You can then tell these apps to scan & disinfect the person's hard drive. We have found that if we run bartpe right away on any computer we get in, we can save ourselves tons of time because it knocks out all the nasty spyware, trojans, and viruses right from the start.
    • They are absolutely correct here although there are only four programs you should ever install for combating spyware: Adaware, SpyBot S&D, SpywareBlaster, and a good software firewall package (preferably one that tells you when something is trying to connect out to the Internet like ZoneAlarm).

      Thanks for the tip. If I ever get spyware or adware on my Mac, Linux, or Slowaris boxen I'll install these and see if it helps.

      Sadly, most people out there don't know, care, or care to know.

      And why should t
  • I Prefer hijackThis (Score:4, Informative)

    by Bimo_Dude ( 178966 ) <`gro.sseneht' `ta' `hsalsomib'> on Thursday December 02, 2004 @01:33PM (#10976426) Homepage Journal
    hijackThis [spychecker.com] seems to find all the stuff that others leave behind, and it's free (as in beer). Almost everybody I know uses it too.
    • by garcia ( 6573 ) * on Thursday December 02, 2004 @01:37PM (#10976476)
      Yeah, it's free, and it's great for people that have a "Clue". It's not so good for people that don't have any idea of what they are doing with a computer.

      Most people don't have a Clue and they don't want to. That's why they are infected with Spyware in the first place. I would NEVER recommend hijackThis to anyone except someone I was KNEW was very good with computers and what they should and should not see running.

      While it is difficult to get Spyware when you can't start your computer correctly it is also annoying ;)
    • by UWC ( 664779 )
      My main problem with HijackThis is that it finds all potential instances of browser hijacking, benign or not. I've run it before, and a majority of what it found were things that did not need to be removed. It's good that it's so thorough, but it's definitely not friendly for those that need it most. However, I've seen forums in which you can post your results and other members will advise you on which entries are harmful and should be removed.
    • Couldn't be more right on the money.. Hijackthis along with Lavasoft's AdAware, will uncover 99.999% of the crap out there.

      I mention AdAware because Hijackthis lacks any sort of a file checksum/scanning utility. If it did, It would be the best catch-all solution.
    • by Davak ( 526912 ) on Thursday December 02, 2004 @02:04PM (#10976828) Homepage
      Please don't recommend this so broadly. Experts should use hijack this to fix systems that can't be fixed any other way. Hijack This alone will miss files that are currently not being executed. Using Hijack This alone without other antispyware software is silly.

      Just because it's not running, I am sure you don't want some coolwebsearch files just sitting silently on your system.

      Here's my recent techrx post regarding this same subject: http://www.tech-recipes.com/windows_spyware_tips75 8.html [tech-recipes.com]

  • by hsmith ( 818216 ) on Thursday December 02, 2004 @01:33PM (#10976434)
    install firefox
    ???
    profit

    really if you are still using IE you are bringing it on yourself, i loved IE, but it has become garbage
    • Most of the time, installing Firefox won't actually remove the problem.
      Sure, it will prevent further mistakes (or at least limit them) but it won't get rid of half of the crap that gets onto a machine.

      Its the same thinking when people say "install service pack 2 to clean it up". Those machines are the ones which have the most problems, and for once, MS isn't really to blame for it.

      They will only do well if starting from a clean slate, so before upgrading someone to Firefox, or any other secure upgrades,
    • Sometimes it's not that simple. How do you get your damn brother to stop using IE to visit porn sites? That's why I have to run Ad-aware and Spybot S&D regularly.
    • > install firefox
      > ???
      > profit

      Well, no, actually. If you're in business for tech-support, firefox means a loss of profit. Uninstalling x-ware is usually pretty straight forward and it's all labor. At $75 / hour for on-site tech-support I will happily spend hours fighting off x-ware.

      While I insist my family, wife, and anybody else within the free tech-support blanket have NAV, NPF, and firefox, I'll gladly let the trolls continue to pay.

    • I work in a computer support center where people drop off their computers for us to fix. The biggest problem we have isn't spyware installed via IE, it is spyware installed via kazaa, morpheus, etc. It's these companies bundling spyware with their apps that is the major problem - not just people installing spyware via activex. So, unfortunately, installing firefox is a good idea, but it still leaves a large attack vector for spyware to get in.
  • by four2five ( 645777 ) on Thursday December 02, 2004 @01:34PM (#10976443) Homepage
    That convinces your little sister she doesn't need a barbie IE brower theme or a cursor that looks like a puppy dog. Hold that, I want a program that turns the cursor into a weapon of some fashion that I may use to smite that damend purple monkey on my computer. That's worth my website traffic being shipped of to who knows where in itself.
  • by Electric Eye ( 5518 ) on Thursday December 02, 2004 @01:34PM (#10976444)
    Folks, I'm telling you, I've used Yahoo's new Spyware program that sits in the Yahoo toolbar and the thing works BETTER than AdAware. I'm serious. I had to fix my parents' and my inlaws' PCs, both with XP2. I've used AdAware and a few other freebies on both, but they still ran slow. So, for the hell of it, I used the new Yahoo thingy and it found TONS of stuff the others did not, including a trojan spam application. I have yet to see anyone talk about this app (even Ars Technica's latest Spyware article neglected to talk about it).
    • I wouldn't recommend anything Yahoo to anyone - especially their toolbar. As someone else above me said, it has been known to not remove certain spyware apps that Yahoo is associated with. Don't use that crap - get a real program to remove it, not a toolbar.
  • she got a refund? (Score:3, Informative)

    by underpar ( 792569 ) on Thursday December 02, 2004 @01:34PM (#10976448) Homepage
    NoAdware "removed some stuff, but it also deleted something on the hard drive so the computer couldn't reboot," Smith says. After reinstalling Windows, Smith sent multiple messages to NoAdware requesting a refund, which she received four months after her initial request.

    They actually gave her money back. That's good right? Sure they took four months, but they did it. She should shut up and stop complaining. They could have just blamed her for it since she really couldn't have proven anything.

    manda
  • Hmm... (Score:2, Informative)

    I use Adaware SE and SpyBot which I run manually once a week, each. I have Webroot's Spy Sweepter which stays in memory and provides a good level of "live" detection. Between the three programs it has been a long time since I've had a adware/spyware program on my desktop. However, it has only been through the use of all three that I have gotten to this point. I haven't found a program that will accomplish this by itself, either free or for fee. PC Magazine ran a comparison of spyware removal programs recent
    • I just use Firefox. No problems at all.

      You can either:

      1)bang a whore with three doctors supervisong you (three adware removal progs),
      2)bang a whore and wear a rubber (Spy Sweeper), or
      3)bag a nice girl and not need a rubber or three doctors.

      I take option 3.
  • by mabu ( 178417 ) on Thursday December 02, 2004 @01:35PM (#10976455)
    I'm curious if there are comparable-quality Freeware/Shareware anti-virus products available? I don't mind paying for a product, but don't like having the product cease to function unless more money is extorted out of me in perpetuity. I'm sick and tired of Symantec shaking me down for subscription updates, and subsequent versions of their products becoming more bloated and inefficient.
  • Microsoft should be making spyware removal software. After all, they've got the budget to stay on top of it, and the knowledge to cut crafty spyware off at the pass.

    You'd think they'd have a pretty good reason to make sure that (at least the latest version) of Windows is performing well for people. Sheesh.
  • why? (Score:2, Insightful)

    I still can't fathom WHY Microsoft doesn't have something like this builtin to XP. My mom bought a Dell and a neighbor has had to clean the thing 3 times in the past 6 months! I'm embarassed now that I didn't push her towards a Apple now, but I only run Mac and Linux at home, and had no idea how bad the spyware issue is for Windows.

    Really, this is an OS problem, and MS should provide a solution, you shouldn't have to reply on 3rd party providers to fix a shortcoming of the OS!

    BCB
    • Re:why? (Score:3, Interesting)

      by jd142 ( 129673 )
      Because MS wants people to be able to install software easily and quickly. It enhances the Windows usability experience to be able to quickly and easily install any piece of software.

      Plus, Microsoft likes to sell ads on its sites. I doubt you'll ever see anything like the Firefox ad blocker or the AdBlocker extension for IE.

      I was very surprised they blocked pop ups. Probably got to the point where pop ups from spyware infected computers were making people think twice about windows as an os.
      • Re:why? (Score:4, Insightful)

        by Swamii ( 594522 ) on Thursday December 02, 2004 @01:59PM (#10976784) Homepage
        Probably got to the point where pop ups from spyware infected computers were making people think twice about windows as an os

        Haha. As if people actually knew was an OS was...

        The real reason MS hasn't created a spyware blocker? Because peanut galleries like Slashdot would go up in arms about how MS is trying to "take over another market", cry about unfair competition, whine about too much bloat, etc. I mean, just look at how Slashdotters whined and cried like a bunch of 4 year olds this morning when Microsoft announced they were entering the blog publishing realm. When you're Microsoft, it's damned if you do, damned if you don't.
    • Re:why? (Score:4, Insightful)

      by 0racle ( 667029 ) on Thursday December 02, 2004 @01:53PM (#10976704)
      I think that it might have something to do with the phrase 'anti-competitive lawsuit.'

      No spyware is not an OS problem, I have Windows machines, I use IE, I do not have a spyware problem. My girlfriend runs Windows, she uses IE, she does not have a spyware problem, and while I may be catagorized as more cluefull then the average user, she is the average user excepting for one thing, she actually learned how to use her computer. Do you consider a person refusing to clean their duct work, or take their car in for a tune up a problem with the house or the car? No its the users fault, and its the same with spyware. How long have people been told, don't click on everything you see? Don't open that mail? Hell its even on the news now. This is a problem with people activly refusing to learn. Spyware writers do not target Windows, they target IDIOTS. There are spyware apps that target Mozilla that do things they shouldn't, so why are there not more? The target is idiots, thats why, you will see more and more targeting Mozilla as more and more of the target audience are convinced to use it.
    • I still can't fathom WHY Microsoft doesn't have something like this builtin to XP. My mom bought a Dell and a neighbor has had to clean the thing 3 times in the past 6 months! I'm embarassed now that I didn't push her towards a Apple now, but I only run Mac and Linux at home, and had no idea how bad the spyware issue is for Windows.


      Really, this is an OS problem, and MS should provide a solution, you shouldn't have to rely on 3rd party providers to fix a shortcoming of the OS!
      No disrespect intended towards your mother, but it's at least as much a user education issue as it is an operating system issue (and actually I feel I'm understating the user responsibility considerably with that statement.)

      There are some systemic problems with Windows, particularly the Windows/IE combination, that allow spyware to flourish -- the lack of a way for a common user to get a good idea what's running on their system besides MS-installed OS files, for example, or the multitude of places that auto-starting spyware can hide its startup away from the user's notice. But in the end the people who have spyware problems are almost universally the people who clicked on a link from an unknown source that promised them something cool (or more often than not, something astonishingly lame by more educated users' standards..) If your momand other users like her could be trained not to click on "Click here to install our FREE animated weather-forecasting dancing baby!" when she doesn't know anything about the source of the offer, 90% of the problem would go away overnight.
    • Re:why? (Score:3, Insightful)

      Then it'll be Microsoft that determines what software is "Spyware" and what is not?!?

      This is NOT an OS problem at all. Spyware is (as far as the OS is concerned) a legitimately installed and running program.

      There is nothing in Linux or OSX that will prevent spyware on those OSes either. It's an ignorant user that installs Gator and the syware it comes with (or any of dozens of other spyware carrying programs)

      That being said, XP SP2 does help in this regard. There is an additional warning when you try to
      • Re:why? (Score:3, Interesting)

        by RatBastard ( 949 )
        It's an ignorant user that installs Gator and the syware it comes with

        While true, it is hardly their fault when so many programs out there come bundled with spyware. I've run across many free utilities and applications that are filled to the rim with spyware and I'm very careful about what gets put on my Windows box. I can't see how the average "it's just a tool" users out there can keep on top of all this.

        But there are also programs that auto-install themselves without the user's knowledge, just by la

    • Re:why? (Score:4, Interesting)

      by jafac ( 1449 ) on Thursday December 02, 2004 @02:03PM (#10976815) Homepage
      Spyware exists for Mac OS X.
      So why don't any Spyware removers exist?
    • Re:why? (Score:3, Interesting)

      by Natchswing ( 588534 )
      > Really, this is an OS problem, and MS should provide a solution, you shouldn't have to reply on 3rd party providers to fix a shortcoming of the OS!

      Alright, I'll bite. What short-comings would the Linux OS have without third party applications? You could almost argue that everything in your distro, besides the kernel, is a third party application.

      Now, saying that the OS shouldn't rely on third party applications to patch holes - that I'd agree with.

    • Re:why? (Score:3, Insightful)

      On top of things already mentioned in some good replies to this post...

      You have to remember that the spyware climate looked pretty different back when WinXP was first being designed/written. It's reasonable that the designers wouldn't have anticipated it becoming as much of an issue as it has and wouldn't have prioritized it very highly.

      That said, I have a Windows machine at work and another at home, and outside of cookies that AdAware cleans up, neither has ever had spyware or a virus. You'll nev
    • Re:why? (Score:3, Interesting)

      by starm_ ( 573321 )
      I think there is a bigger issue behind all of this. People really are starting to trust free and open source software more than commercial software. It is no surprise as private companies act as your enemy as soon as you buy something from them. They try to extort money from you by pushing upgrades because of vulnerabilities and compatibility. They make you subject to small print, EULAs with mysterious and suspicious content, advertisement that is manipulative, misleading and dishonest while giving you poor
    • Re:why? (Score:3, Insightful)

      by omicronish ( 750174 )

      I still can't fathom WHY Microsoft doesn't have something like this builtin to XP.

      Really, this is an OS problem, and MS should provide a solution, you shouldn't have to reply on 3rd party providers to fix a shortcoming of the OS!

      The ultimate solution would be to make Windows more secure by default. Yes, you can make it difficult for spyware to enter, but only if you make modifications (run as regular user, keep patched regularly, use Firefox, if using IE modify a crapload of settings to make it as sec

  • Anti-virus tools are designed to take out older viruses. When a new virus comes out to market, the Anti-virus tools could take years or never defeat it.

    The fact that its called ANTI-VIRUS makes gullible people think its a cure all, when its unlikely worth the time to install, let alone the money spent on it
  • by category_five ( 814174 ) on Thursday December 02, 2004 @01:38PM (#10976492)
    A couple tips for removing spyware from windows. Run both ad-aware and spybot - search and destroy. after you run them you might still have some spyware. If this happens turn off system restore (at your own risk)and then reboot into safe-mode and run the checkers again. This can remove some of the hangers on. Also a great utility is www.doxdesk.com. It shows you how to manually unregister DLL files and also does a web based check for some common spyware.
  • So, Spyware removal is a big business [slashdot.org] that does not live up to its promise? Sounds like spyware removal is in the same category as late-night informercials to solve household chores, sexual dysfuction, or embarrassing body insufficiencies.
  • Hmm... (Score:2, Insightful)

    by conebrid ( 324421 )
    You must be using Internet Explorer with your security settings set to allow ActiveX controls to use the Pest Scan

    Doesn't look like I'm going to be able to scan my system without using IE with ActiveX enabled. I think I'll pass.
  • The fundamental difference between freeware and proprietry anti-malware software is that the freeware are doing it for the love of the game, or in this case their hatred for spyware in all its daemonic forms.

    Commerical anti-spyware vendors on the other hand are in in for the $$$ and that means they are susseptable to temptation, i.e allow malwarez who give them money to get through, use malwarez tactics to get money and do things other than what it says on the tin while users aren't looking.(read, kazaa)

    I suppose commerical vendors are just more idealogically close to the spammers, who are also in it for the money.
    In any case, if you need an 'infrastructural' type software program, your nearly always better off going FOSS anyway. That's my 2c.
    • That can be true, but what is to say that a freeware spyware removal tool developer wouldn't take payments from spyware producers? Indeed it would seem even greater incentive to do so seeing how all their development efforts add up to nada in terms of income otherwise.
  • Conclusion: Use freeware products like Spybot and Lavasoft's Ad-Aware SE Personal.

    Lavasoft's Adaware is free for personal use. They also have a pay version, which may be used in a corporate or educational environment, or by those who have a burning desire to give Lavasoft money to support their efforts in the war against spyware.

    • Re:A minor quibble (Score:2, Informative)

      by merdaccia ( 695940 )

      The advantage of paying for AdAware is to get AdWatch, a live detection program which blocks registry modification, browser hijacks, etc. as they happen. It is very customisable and can react autonomously or can prompt for action. No burning desire, just a good product. (No affiliation)

      As to this douche installing programs advertised by popups, what does he expect? If your advertising strategy is popups, you're selling crap. If your purchasing strategy is popups, you're buying it.

  • Spyware Stormer (Score:3, Insightful)

    by LittleLebowskiUrbanA ( 619114 ) on Thursday December 02, 2004 @01:46PM (#10976605) Homepage Journal
    is not a company you want to do business with regardless. I note that they responded to the article. So how about this question, Spyware Stormer? I challenge you to answer me here in this public forum and will once again email this to every address I can find for your company.

    Why is your company using Windows Messenger Service to effectively spam/invade user's privacy with unwanted popups advertising your product?
  • Reconfigure IE in whitelist mode:
    • Trusted Sites has Java, Scripting and ActiveX enabled
    • Internet has Java, Scripting and ActiveX DISABLED
    • Restricted Sites has EVERYTHING DISABLED
    Any site you do not explicitly trust will be rendered in strict-HTML only. No java, no jscript, no flash, no embedded crap.
  • by isorox ( 205688 ) on Thursday December 02, 2004 @01:49PM (#10976647) Homepage Journal
    In tests using a fresh install of XP and 6 typical spyware infections

    So, a fresh install of XP then

  • by DigitalRaptor ( 815681 ) on Thursday December 02, 2004 @01:50PM (#10976653)
    The open source community really needs to rally behind this, I think.

    I'd love to see a project that uses community involvment to flag projects and websites as "phishing" or "spyware" related.

    It could be integrated into open source projects such as Firefox and Thunderbird so you could be assured that after a few people in the community confirmed that a particular URL or even IP was "phishing" or "spyware" related, it would be disabled in the browser or email client without a blood sample and double confirmation.

    I, for one, am sick of helping other people clean their computers of spyware. Many of them become so bogged down they are unusable.

  • by Blakey Rat ( 99501 ) on Thursday December 02, 2004 @01:52PM (#10976675)
    Too bad Spybot: Search and Destroy has one of the worst UIs I've seen in a Windows program in a LONG time. It frequently will do tasks without giving you any status report. It will often get dialog boxes stuck behind the main window where you can't see them to even know a dialog box is open. The custom controls are about the ugliest thing I've seen in software, and the entire program gives a "made by a junior high student in Visual Basic" vibe.

    How about a little bit of professionalism in software development! I know it's freeware and you're not making money, but how about at least taking enough pride in your work to make it usable and not hideously ugly? I hate to say it, but I can't talk management into using Spybot: Search and Destroy as a standard because it looks so unprofessional.
  • If the Spyware programmers were smart they would make there spyware scan for other spyware remove them and keep track on what is going on your system and remove any spyware before it installes on your systems. That way your spyware program will be the only one running giving adds of your customers and not your competitors as popups with the victem barly noticing there is a problem. Because you are not killing them like when you have 100 Spyware programs installed. So your program will be on the host system
  • Recent versions of Ad-Aware always hang my computer. They cannot run a complete scan at all. I've seen other reports on this, and I've tried most of the work-around suggested, but all to no effect. Or at most I'll get past one hang only to get hung up on another one just a few moments later.

    Generally the hangs are in attempting a deep scan of the registry, or while scanning somewhere in my Windows directory.

    I haven't been able to successfully run it since upgrading almost a year ago. I've upgraded since t
  • There's a huge market for a "Consumer Reports" Net database of software product reviews. A Windows Installer component could point at a user's subscription, and check the install package's keys against the DB, showing ratings and linking to reviews. The same could be made (even more comprehensive and integrated) for apt-get, yast, or other OSS package managers. They could include filters for preferred security alert DBs, and notify the installing user of upgrades and alerts. Who wants to be a millionaire?
  • Christ! I don't use IE, and for kicks, a techie installed spybot and found nothing, nada, zilch, whereas most of our users use IE and are chock-full of spycrap. Good God! Stop using IE already!!!!


    • It's not always that easy. A lot of sites out there for programs like McAfee Antivius don't allow you to update your profiles without ActiveX enabled so they can check that you're not using pirated software.

      Best bet is to configure security settings so only sites you trust are allowed to use ActiveX. Then use FireFox for everything but those few sites.

  • by Soko ( 17987 )
    A Knoppix CD and this book [oreilly.com] are all you need. There's a hack on there for virus spyware removal from Windows. Trust me, it's easier to treat an un-concious patient than one that's awake and trying to stop you from helping.

    But that book, BTW - it rocks!

    Soko
    • That's great and all, but we're talking about spyware, not viruses. Is there a Linux utility that searches for Windows spyware?
  • One product even installed 57 spyware files itself!

    Obviously, the developers of that anti-spyware program had a different idea of what a "spyware file" was than the developers of the unnamed anti-spyware tool they used to detect that the first tool had installed 57 "spyware files."

    So what is a "spyware file"? Is it any file flagged by whatever anti-spyware tool you happen to be running at the moment? That's a rather self-serving (for the anti-spyware vendor) definition, don't you think?
  • Open Source? (Score:3, Interesting)

    by Anonymous Coward on Thursday December 02, 2004 @02:01PM (#10976805)
    If I am not mistaken (I use a Mac, so my contact with sypware is largely in removing it from other folks' computers) even the good free programs (adaware, spybot, etc) are closed source. As soon as the makers stop updating them, they become useless, as they can't remove newer spyware.

    I've often wondered if it'd be feasible to start an open source spyware zapper project - the scanner wouldn't be too tough to write I don't think, and you could get the community to keep submitting updated definitions for newly found spyware via some sort of wiki-esq mechanism.

    Could this work? And if so, could we also make our own anti-virus program while we're at it?
  • I always thought spyware was things like keyloggers that spouses/places of work/strange government entities might put in place to spy on you.

    But they seem to be talking about ad-ware mostly, which would be searching for a different type of maleware entirely.
  • I've used both SpyBoy S&D and AdAware with great results, but sometimes you gotta break your way into the system first.

    For this I always keep renamed copies of Regedit and Task Manager handy. Very often you'll need these to kill process and clean the registry BEFORE you can run anti-spyware and anti-virus.

    Always good for a free beer from the neighbors and atta-boys from the boss...
  • I also recommend SpyBot...but I would like to point out that if you use and really like the product you should donate in order to keep the product free. Even if it's $1 or $5. Yes it's true that at that point the product is no longer free, but just think of the great product you got for only $1 or $5.
  • Seriously, I have not had any spyware problems on my iBook in the 3 years I have had it. But on my Windows PC I only have troubles when I run Windows Media Player or Internet Explorer which allow remove content to quitely install junk onto my computer. I put the blame 100% on Microsoft for that. So I tend to use Firefox for most everything and only open video files from trusted sources now. And if I cannot trust it I try the media player which came with my Nvidia card. I am baffled by the fact that MS
  • spyware tips (Score:3, Informative)

    by J3r3miah ( 753239 ) on Thursday December 02, 2004 @02:43PM (#10977309)
    besides the usual .. use firefox..

    the other night my laptop got a spyware infestation and this was the most serious one i had come across..
    adaware and spybot couldn't detect anything.. yet i kept getting IE popups.. I booted to safe mode but guess what.. an IE popup while adaware is running (network was not available) in safe mode!
    so i back to windows normal mode, pull up sysinternal's processEx to see which process starts the IE process.. and i was surprised to find that the IE popups were from winlogon.exe! later i found out that the sypware had also modified my winsock files..

    anyway.. to the tips.. sometimes you have two processes that monitor each other, so when you kill one, the other process respawns the proccess you just killed. unless you are lightining fast with taskmgr... you can kill both at the same with taskkill /pid [proccess1] /pid [proccess2] /f
    if you find a .dll and can't delete it because some proccess is using it.. or want to know which process is using it.. try "tasklist /m [dll_filename]"
    the "[" "]" don't mean optional parameters.. i couldn't use the less/greater signs

    the sypware that i got installed was hosted at rackspace.. so i called up rackspace (@3am CST).. bitched about it and they contacted their spyware client.. you would expect then to stop hosting the spyware.. instead rackspace sent me a link for a utility to download (utility provided by the spyware client).. which removed whatever i had but installed more spyware!!
    In the end, i renamed iexplore.exe and put a copy of cmd.exe as iexplore.exe ... so every now and then i get cmd.exe windows.. until adaware releases a fix for what i have :)
  • by teknickle ( 812501 ) on Thursday December 02, 2004 @02:44PM (#10977344) Homepage
    Could we please all help our 'friend' in promoting his selling of spyware dll usage?

    The domain name is:
    LOCALNRD.COM

    The address is this:
    Thinking Media LP
    275 Madison Avenue
    New York, NY 10016

    Or please give a call to show your support for spyware and your desire to do business with them.
    1(866)839-6164

    Thanks for helping the cause!!!!

Put your Nose to the Grindstone! -- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Working...