Slashdot Mirror
Anti-Spyware Products Don't Live Up to Promises
John Wells writes "In the December, 2004 issue of PC World, the author of an article titled Poor Defenders concludes that most commercial anti-spyware software is ineffective. In tests using a fresh install of XP and 6 typical spyware infections the commercial software failed to stack up against freeware competitor Spybot Search and Destroy. Four out of seven commercial products failed to remove any of the infections. One product even installed 57 spyware files itself! Conclusion: Use freeware products like Spybot and Lavasoft's Ad-Aware SE Personal."
Spyware stories do we need?
Did everyone decide to review Spyware solutions at once? Is it like in Hollywood when you'll have one movie on a subject followed by a couple copycats?
So where does this guy get his "paid" spyware removal applications? Clicking on popups? Oh... wait...
many of these utilities use aggressive marketing tactics in pop-up ads, spam, and keyword ads appearing alongside Google search results
Though I suppose this is how they sucker a lot of people and some people expect results if they pay for a utility, I would probably do at least a LITTLE research before paying for any app like that. The thing is, I would hardly consider this "most commercial anti-spyware software." So as far as this "test," he might as well do an article about Virtual Bouncer and how it removed his parasites for him.
Why didn't he test something like Spy Sweeper or Giant AntiSpyware? Those are paid ones that I would probably recommend if someone did want to pay for a program. At least that way, people would see that not ALL commerical products are crap - it does almost sound like that.
But really, Spybot isn't even cutting it anymore, IMO. AdAware is still doing well, but I've actually been more impressed with the other two I mentioned above - worth a look if you haven't checked them out - both have free trials that you would have no problems doing a removal with.
free is better
Nathan Shafer, answering our e-mail message to Spyware Stormer, challenged our test methodology. Shafer wrote that Spyware Stormer detects "over 20,000 variants of spyware and adware," and that its performance with the six applications we chose was therefore "hardly representative in any way."
They are absolutely correct here although there are only four programs you should ever install for combating spyware: Adaware, SpyBot S&D, SpywareBlaster, and a good software firewall package (preferably one that tells you when something is trying to connect out to the Internet like ZoneAlarm). You need to keep these programs updated on a regular basis and you need to make sure that they run regularly. Unfortunately only SpyBot S&D runs w/o user intervention if you set it up to do so.
SpyBot, while being a great program, isn't updated nearly as often as AdAware and doesn't find all those pesky cookies that AdAware does. SpywareBlaster is good for keeping those pesky cookies from getting onto your machine in the first place.
We were unable to reach NoAdware, but the Better Business Bureau of Upstate New York reported that it had received 22 complaints about the company, which is not a member of the BBB, by early October. Network Dynamics has a clean record as a member of Southern California's BBB. The BBB's complaint database contained no record of complaints for the remainder of the companies whose products we tested.
The BBB has fallen into worthlessness in recent years (I don't know about years passed). They have little to no pull and sometimes they even go so far as to ignore complaints against their companies. I would ignore any comments in regards to BBB related businesses.
Basically you need to research what you are installing on your machine. That means using google, word of mouth, and your own deep digging before you put any "cleaning" program on your machine. You also need to do some research into making sure that you are using what you can to combat Spyware.
Sadly, most people out there don't know, care, or care to know. That's why they end up w/it in the first place. If people DID care about what they were installing on their computer AND took the time to do a quick google search they would find out exactly what they need to know.
It has gotten to the point where I seriously believe that MSFT is doing this on purpose in order to show the public why they NEED to use "protected computing".
Here is another example of where free is better than the commercial products...
hijackThis seems to find all the stuff that others leave behind, and it's free (as in beer). Almost everybody I know uses it too.
"Teleporting Rodents with D-Cell Battery Displacement" theory -- IgnoramusMaximus (692000)
install firefox
???
profit
really if you are still using IE you are bringing it on yourself, i loved IE, but it has become garbage
As a tech for an ISP I get a lot of email and calls about spyware. Some customers report problems and such with the commercial software being ineffective, so we reccomend using Spybot and Ad-Aware together to keep their systems clean. I use this personally and I never have problems, they are a definite must have when installing a new system.
Home of the midwest loser - www.say-10.net
That convinces your little sister she doesn't need a barbie IE brower theme or a cursor that looks like a puppy dog. Hold that, I want a program that turns the cursor into a weapon of some fashion that I may use to smite that damend purple monkey on my computer. That's worth my website traffic being shipped of to who knows where in itself.
-or so you'd think
Folks, I'm telling you, I've used Yahoo's new Spyware program that sits in the Yahoo toolbar and the thing works BETTER than AdAware. I'm serious. I had to fix my parents' and my inlaws' PCs, both with XP2. I've used AdAware and a few other freebies on both, but they still ran slow. So, for the hell of it, I used the new Yahoo thingy and it found TONS of stuff the others did not, including a trojan spam application. I have yet to see anyone talk about this app (even Ars Technica's latest Spyware article neglected to talk about it).
NoAdware "removed some stuff, but it also deleted something on the hard drive so the computer couldn't reboot," Smith says. After reinstalling Windows, Smith sent multiple messages to NoAdware requesting a refund, which she received four months after her initial request.
They actually gave her money back. That's good right? Sure they took four months, but they did it. She should shut up and stop complaining. They could have just blamed her for it since she really couldn't have proven anything.
manda
I use Adaware SE and SpyBot which I run manually once a week, each. I have Webroot's Spy Sweepter which stays in memory and provides a good level of "live" detection. Between the three programs it has been a long time since I've had a adware/spyware program on my desktop. However, it has only been through the use of all three that I have gotten to this point. I haven't found a program that will accomplish this by itself, either free or for fee. PC Magazine ran a comparison of spyware removal programs recently and came to about the same conclusion. They did rate AdAware SE as the best program, though.
I'm curious if there are comparable-quality Freeware/Shareware anti-virus products available? I don't mind paying for a product, but don't like having the product cease to function unless more money is extorted out of me in perpetuity. I'm sick and tired of Symantec shaking me down for subscription updates, and subsequent versions of their products becoming more bloated and inefficient.
Microsoft should be making spyware removal software. After all, they've got the budget to stay on top of it, and the knowledge to cut crafty spyware off at the pass.
You'd think they'd have a pretty good reason to make sure that (at least the latest version) of Windows is performing well for people. Sheesh.
http://it.slashdot.org/article.pl?sid=04/11/23/033 1228
.500 when it came to eradicating the broad range of spyware in the test. Freeware star Spybot Search & Destroy came in a distant 7th with an average of only .376. The top three? Giant Anti-Spyware, Spy Sweeper, and Ad-Aware. These test results are well worth your time."
Failing Grades For Most Anti-Spyware
Posted by timothy on Tuesday November 23, @04:59AM
from the or-choose-a-safer-operating-system dept.
serbach writes "Steve Gibson posted this link to a superb test of about two dozen top Anti-Spyware programs: Eric L. Howes conducted the test over a two-week period in October. The results surprised me: only 3 ASW programs had a 'batting average' of better than
Duh.
sulli
RTFJ.
I still can't fathom WHY Microsoft doesn't have something like this builtin to XP. My mom bought a Dell and a neighbor has had to clean the thing 3 times in the past 6 months! I'm embarassed now that I didn't push her towards a Apple now, but I only run Mac and Linux at home, and had no idea how bad the spyware issue is for Windows.
Really, this is an OS problem, and MS should provide a solution, you shouldn't have to reply on 3rd party providers to fix a shortcoming of the OS!
BCB
free ipod and free gmail!
Anti-virus tools are designed to take out older viruses. When a new virus comes out to market, the Anti-virus tools could take years or never defeat it.
The fact that its called ANTI-VIRUS makes gullible people think its a cure all, when its unlikely worth the time to install, let alone the money spent on it
God spoke to me.
A couple tips for removing spyware from windows. Run both ad-aware and spybot - search and destroy. after you run them you might still have some spyware. If this happens turn off system restore (at your own risk)and then reboot into safe-mode and run the checkers again. This can remove some of the hangers on. Also a great utility is www.doxdesk.com. It shows you how to manually unregister DLL files and also does a web based check for some common spyware.
So, Spyware removal is a big business that does not live up to its promise? Sounds like spyware removal is in the same category as late-night informercials to solve household chores, sexual dysfuction, or embarrassing body insufficiencies.
It was either this or more "What I Did With My iPod" stories.
sulli
RTFJ.
I use Webroot Spy Sweeper, and I haven't got bit...yet. I have recommended it to all my family, friends, and cohorts. Since I do security consulting the above list always hits me with "my computer is slow" "my email takes forever" "Honey, there is porn on the computer" (must be spy ware dear I don't look at that *cough*). Since everyone has followed my advice to install it, I haven't had any questions to answer.
Girl:Mommy, you are fat! Mom:Yes, Mommy has a baby growing in her tummy. Girl:I know, but what's growing in your butt?
You must be using Internet Explorer with your security settings set to allow ActiveX controls to use the Pest Scan
Doesn't look like I'm going to be able to scan my system without using IE with ActiveX enabled. I think I'll pass.
The fundamental difference between freeware and proprietry anti-malware software is that the freeware are doing it for the love of the game, or in this case their hatred for spyware in all its daemonic forms.
Commerical anti-spyware vendors on the other hand are in in for the $$$ and that means they are susseptable to temptation, i.e allow malwarez who give them money to get through, use malwarez tactics to get money and do things other than what it says on the tin while users aren't looking.(read, kazaa)
I suppose commerical vendors are just more idealogically close to the spammers, who are also in it for the money.
In any case, if you need an 'infrastructural' type software program, your nearly always better off going FOSS anyway. That's my 2c.
May the Maths Be with you!
Did we perhaps post in the wrong topics? Hmms, yess my preciousssss...
Don't buy any services or products advertised in popups, or other "annoying" media.
Duh!
Commercial software never lives up to it's hype, did you really expect anything better?
Drug companies don't want to cure you; they want you ill; so you can continue swallowing their crap, commercial software sucks to ensure your displeasure with what you've got; and to encourage you to purchase the deluxe suit or next release.
This is hardly news.
HiJack This, Spybot, and AdAware, along with msconfig screening, and registry repair, mass deletions of practically "toolbar" and "search" package in the "Program Files" directory, Google Search of ANY suspect process, and hours of my time, and I can usually clean off most of the crap that people unwittingly install on their PC's.
Then I install Firefox and set as default, install Google Toolbar in IE, block every pop-up in sight, and recommend that they buy a router. That usually does the trick.
Some spyware is really vicious. A huge problem is protecting the Enterprise from this. I work for a small company, so the licensing of Adaware and Spybot prevent me from installing this on our systems without violating their EULA. We have an alleged spyware protector in our antivirus program, but it is useless.
I own a copy of Pest Patrol, but if you can't clean it with Adaware&Spybot, you're hosed. Pest Patrol's web site, however, rocks. They have a ton of information on how to clean up these bots.
I've had great success with CWSShredder, and it is beneficial to use HijackThis! as well.
I would prefer it if I didn't get hijacked in the first place...IE has overstayed its welcome, IMO.
man rtfm
Lavasoft's Adaware is free for personal use. They also have a pay version, which may be used in a corporate or educational environment, or by those who have a burning desire to give Lavasoft money to support their efforts in the war against spyware.
//Information does not want to be free; it wants to breed.
When Gartner takes my IT operations job within the next two decades i can get into spyware cleaning instead!
bah... 800 must include tracking cookies which all browsers allow if cookies are accepted...the real buggars are the processes and registry items.
I have great faith in fools; My friends call it self-confidence. Edgar Allan Poe 1809-1845
is not a company you want to do business with regardless. I note that they responded to the article. So how about this question, Spyware Stormer? I challenge you to answer me here in this public forum and will once again email this to every address I can find for your company.
Why is your company using Windows Messenger Service to effectively spam/invade user's privacy with unwanted popups advertising your product?
This guy is way out there
- Trusted Sites has Java, Scripting and ActiveX enabled
- Internet has Java, Scripting and ActiveX DISABLED
- Restricted Sites has EVERYTHING DISABLED
Any site you do not explicitly trust will be rendered in strict-HTML only. No java, no jscript, no flash, no embedded crap."The look on their faces was hilarious.."
Let me guess, they are STILL steadfastly resistant to having anything to do with a Mac, right?
In terms of spyware that runs on your system as a program, it's a good idea to write a list of the notorious Run directory in the windows registry, that way you can check your list to see if new spyware(and sometimes viruses) have been added. What you need to really do though is ensure that you don't end up deleting legitimate additions to this list, such as those added after installing applications.
In tests using a fresh install of XP and 6 typical spyware infections
So, a fresh install of XP then
The open source community really needs to rally behind this, I think.
I'd love to see a project that uses community involvment to flag projects and websites as "phishing" or "spyware" related.
It could be integrated into open source projects such as Firefox and Thunderbird so you could be assured that after a few people in the community confirmed that a particular URL or even IP was "phishing" or "spyware" related, it would be disabled in the browser or email client without a blood sample and double confirmation.
I, for one, am sick of helping other people clean their computers of spyware. Many of them become so bogged down they are unusable.
Lose Weight and Feel Great with Isagenix
Too bad Spybot: Search and Destroy has one of the worst UIs I've seen in a Windows program in a LONG time. It frequently will do tasks without giving you any status report. It will often get dialog boxes stuck behind the main window where you can't see them to even know a dialog box is open. The custom controls are about the ugliest thing I've seen in software, and the entire program gives a "made by a junior high student in Visual Basic" vibe.
How about a little bit of professionalism in software development! I know it's freeware and you're not making money, but how about at least taking enough pride in your work to make it usable and not hideously ugly? I hate to say it, but I can't talk management into using Spybot: Search and Destroy as a standard because it looks so unprofessional.
Comment of the year
Microsoft should make spyware removal software...they've got the knowledge to cut it off at the pass.
"Cut them off at the pass?! I detest that cliché!"
Tech, life, family, faith: Give me a visit
Hardly a comprehensive test, there are products out there that are good, none (short of switching to oh-crud-I've-got-to-KNOW-how-to-USE-a-computer) Linux is perfect. Perhaps someone who cares could actually do some *real* (read "objective, controlled conditions, black-box") testing. Of course, it's probably more fun to sit back and be smug, taking potshots at those who have to balance earning a living with helping people... YOU know, those people/companies who actually make honest effort to keep up with the exponential growth of crapwarez and viruses out there and help people make the best of a windows experience...
If you don't want people getting shot in your house, do you put the gun and the bullets in different rooms, or do you just not have the gun in your house?
Just 5 stories away. It wouldn't be big if freeware totally rules.
If the Spyware programmers were smart they would make there spyware scan for other spyware remove them and keep track on what is going on your system and remove any spyware before it installes on your systems. That way your spyware program will be the only one running giving adds of your customers and not your competitors as popups with the victem barly noticing there is a problem. Because you are not killing them like when you have 100 Spyware programs installed. So your program will be on the host system longer showing only your adds to the host. avoiding competiors adds on the sytems. It seems to make more sience then just adding your stuff to the fray of thousands of others slowing the computer to a hault foring it to be removed.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
1. remove windoze...
2. keep the money you were to spend on expensive windoze based software...
3. install GNU/Linux & mozilla and/or firefox, OpenOffice and/or Abiword, gaim, & other misc. GNU/OSS freeware...
4. watch monkeyboy ballmer jump around like a monkey because nobody buys their crap anymore...
5.lol...
6. enjoy freedom...
There are some systemic problems with Windows, particularly the Windows/IE combination, that allow spyware to flourish -- the lack of a way for a common user to get a good idea what's running on their system besides MS-installed OS files, for example, or the multitude of places that auto-starting spyware can hide its startup away from the user's notice. But in the end the people who have spyware problems are almost universally the people who clicked on a link from an unknown source that promised them something cool (or more often than not, something astonishingly lame by more educated users' standards..) If your momand other users like her could be trained not to click on "Click here to install our FREE animated weather-forecasting dancing baby!" when she doesn't know anything about the source of the offer, 90% of the problem would go away overnight.
Recent versions of Ad-Aware always hang my computer. They cannot run a complete scan at all. I've seen other reports on this, and I've tried most of the work-around suggested, but all to no effect. Or at most I'll get past one hang only to get hung up on another one just a few moments later.
Generally the hangs are in attempting a deep scan of the registry, or while scanning somewhere in my Windows directory.
I haven't been able to successfully run it since upgrading almost a year ago. I've upgraded since then to keep the latest version, but there has been no change in my ability to run it.
I'm running WinXP SP2 on a 2Ghz Pentium 4 processor with 512Meg of RAM and an 80Gig hard drive.
Anyone else having these problems or know of any sure-fire work-arounds? Or even what the real root cause of the problem is?
- Spryguy
There are three kinds of people in this world: those that can count and those that can't
If you had spyware then
1. Reinstall the OS
2. apply SP2
3. install firefox and zonealarm
4. block everything except firefox (especially IE and explorer)
There is nothing called a clean state once you have a spyware on your machine.
If you are dumb enough to run windows again, then plan on doing this every 6 months. Why - long story but just plan on it.
There's a huge market for a "Consumer Reports" Net database of software product reviews. A Windows Installer component could point at a user's subscription, and check the install package's keys against the DB, showing ratings and linking to reviews. The same could be made (even more comprehensive and integrated) for apt-get, yast, or other OSS package managers. They could include filters for preferred security alert DBs, and notify the installing user of upgrades and alerts. Who wants to be a millionaire?
--
make install -not war
Couldn't be more right on the money.. Hijackthis along with Lavasoft's AdAware, will uncover 99.999% of the crap out there.
I mention AdAware because Hijackthis lacks any sort of a file checksum/scanning utility. If it did, It would be the best catch-all solution.
"Would it kill you to put down the toilet seat?" -- Maya Angelou
A Knoppix CD and this book are all you need. There's a hack on there for virus spyware removal from Windows. Trust me, it's easier to treat an un-concious patient than one that's awake and trying to stop you from helping.
But that book, BTW - it rocks!
Soko
"Depression is merely anger without enthusiasm." - Anonymous
"I work as a tech (because they fired me from my Fry-o-lator job), and all my "users" are stupid, but I am not a sheep, I have FireFox!"
One product even installed 57 spyware files itself!
Obviously, the developers of that anti-spyware program had a different idea of what a "spyware file" was than the developers of the unnamed anti-spyware tool they used to detect that the first tool had installed 57 "spyware files."
So what is a "spyware file"? Is it any file flagged by whatever anti-spyware tool you happen to be running at the moment? That's a rather self-serving (for the anti-spyware vendor) definition, don't you think?
Edith Keeler Must Die
They just did there day to day computer stuff on an account without Administrator access. Sure somebody might trick them into changing their homepage with javascript. Or they get a few cookies for add tracking. But the reason people buy these apps are the popup applications that they don't know how to remove. These they wouldn't get.
Weren't they recently found to have been bought off by certain spyware makers and now that spyware is left on systems?
If I am not mistaken (I use a Mac, so my contact with sypware is largely in removing it from other folks' computers) even the good free programs (adaware, spybot, etc) are closed source. As soon as the makers stop updating them, they become useless, as they can't remove newer spyware.
I've often wondered if it'd be feasible to start an open source spyware zapper project - the scanner wouldn't be too tough to write I don't think, and you could get the community to keep submitting updated definitions for newly found spyware via some sort of wiki-esq mechanism.
Could this work? And if so, could we also make our own anti-virus program while we're at it?
What is the point of this? If you're going to spend all this time and effort on choosing, installing and using anti-spyware tools, maybe it's time to question why spyware exists in the first place? A computer that does things like access data without informing the user isn't performing correctly. Wouldn't it make more sense for users to just upgrade their browser to Firefox, or even better upgrade all the way to Linux, rather than spend so much time messing around with anti-spyware tools that don't work?
Most anti-spyware programs are spyware. Of course they don't remove it. They are scams.
What sort of sites do these people surf on that they get infected with 4000+ spyware modules?
Whenever I run my spyware removal software AdAware, S&D, I typically only get about 40, and those are mostly cookies.
Could some of you enlighten me as to what the 3960 other spyware could be?
Live forever, or die trying.
I just got finished installing a Logitech cordless "Laser" mouse for someone and this is what it tried to do:
Install MusicMatch software
Install some AOL launchpad kind of software
Both of which the user would have no idea that he *DID NOT NEED THEM* and that they have *NOTHING* to do with a mouse.
Why is logitech bundling in this crap with a mouse????
Oh, and did I mention that the mouse just "worked" without installing the software that was descibed to install in the installation manaual.
When this problem get's resolved *THEN* we'll see spyware lessening, not until.
I always thought spyware was things like keyloggers that spouses/places of work/strange government entities might put in place to spy on you.
But they seem to be talking about ad-ware mostly, which would be searching for a different type of maleware entirely.
Quack, quack.
I don't think any of the product vendors actually make *promises*, or even *guarantees*. For that matter, I'm quite certain that any representations at all are nullified in whatever license agreement the user never reads.
Now, if they don't promise or guarantee anything, they certainly do create certain expectations.
And, the only anti-spyware software that matters,
Spybot S&D and AdAware, both exceed *my* expectations, even though neither has actually *promised* anything.
If a software company actually *promised* you something (which means, you do have a statement in writing, of course!), and they have not delivered what they promised, you can be assured of a summary judgement in your favor... Which is why nobody is going to *promise*, or *guarantee* anything, unless there is substantial consideration in advance.
Neither here nor there, though. You should be using Spybot S&D and AdAware. If you're in a commercial setting, you should do the right thing and contribute to Spybot S&D, and you "must" do the *legal* thing and buy the pro version of AdAware.
But don't expect to be taken seriously if you claim that any software vendor has ever literally made a promise to you regarding the serviceability of their product. On the contrary, I'm sure you will find that the bare minimum of representations has been made, as little as possible to be legal to license the product to you in your state.
-fb Everything not expressly forbidden is now mandatory.
I've used both SpyBoy S&D and AdAware with great results, but sometimes you gotta break your way into the system first.
For this I always keep renamed copies of Regedit and Task Manager handy. Very often you'll need these to kill process and clean the registry BEFORE you can run anti-spyware and anti-virus.
Always good for a free beer from the neighbors and atta-boys from the boss...
Goofy, Geeky Gifts and More!
I also recommend SpyBot...but I would like to point out that if you use and really like the product you should donate in order to keep the product free. Even if it's $1 or $5. Yes it's true that at that point the product is no longer free, but just think of the great product you got for only $1 or $5.
Seriously, I have not had any spyware problems on my iBook in the 3 years I have had it. But on my Windows PC I only have troubles when I run Windows Media Player or Internet Explorer which allow remove content to quitely install junk onto my computer. I put the blame 100% on Microsoft for that. So I tend to use Firefox for most everything and only open video files from trusted sources now. And if I cannot trust it I try the media player which came with my Nvidia card. I am baffled by the fact that MS chose to allow the media player to launch web pages from video or to auto-install new codecs. With Quicktime I never have a problem like that.
On my Mac I can use Firefox as well, but I prefer Safari.
But if Apple suddenly started to take a good portion of the market would there suddenly be virus and spyware problems for it? I would say no due to the fact that the primary problems with virus and spyware issues is MSIE, WMP and Outlook. And then there is the poor firewall protection built into Windows. On the Mac there is a good firewall and the same holes in Windows do not exist. The same simple exploits are just not possible. Sure there are some possible attacks, but they are rare and difficult to implement. And typically any feature which could be potentially exploited is disabled by default and only a small percentage of users other to enabled them. In contrast Windows typically has everything on by default. One such feature is running Apache, which I would gladly run in place of IIS any day.
Brennan Stehling - http://brennan.offwhite.net/blog/
"Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Some of the products listed on this page simply do not provide proven, reliable anti-spyware protection. Others may use unfair, deceptive, high pressure sales tactics and false positives to scare up sales from gullible, confused users. A very few of these products are either associated with known distributors of spyware/adware or have been known to install spyware/adware themselves. Users are advised to rely on anti-spyware applications with deserved reputations for trustworthy performance.
useful link to bookmark
"It is a greater offense to steal men's labor, than their clothes"
1. Download anti-spyware program from popups 2. Install anti-spyware program 3. Remove spyware found 4. Profit!
Free Photo iPods.
Norton:
And I thought someone was going to finally put in print how ineffective Norton Antivirus 2004 is at removing spy-ware. Spyware protection was a new toy in 2k4. The detection engine gets a B- and the removal tool gets a F.
Does anyone have any experience with Norton Internet Security 2K5?
Free (as in beer) Advice:
Install SpyBot and AdAware SE along side of your antivirus. Also, check http://housecall.trendmicro.com for a periodic antivirus sweep to make sure your installed antivirus is doing its job (works with firefox).
Install HijackThis. At the first sign of trouble run AdAware, then SpyBot, then Housecall. Reboot, close all open apps, then run Hijack this and post the output file in your favorite "Help, My computer is possessed" message board and follow online advice.
Or you could just install Linux (Mandrake 10 = very yes) and FireFox and be done with it.
-KS
Well, of course! Very seldom will you find a proprietary/paid application out there for which there is not a superior freeware tool. AdAware and SpyBot, I thought, were the defacto adware/spyware removal tools? One shouldn't need anything more...
JoloK
I run a small computer company in my town of about 50,000. Constantly I am getting people in here who are complaining about their computer slowing down, displaying popups, or not working at all. Then they'll go on about how they bought some program from Staples thats supposed to remove spyware. But, you'll never guess what the problem ALWAYS is: Spyware! As a technician, the first thing that I ALWAYS do is uninstall commercial Anti-Spyware. This article summs it up: install Spybot S&D and Ad-Aware (as well as Hijackthis). They remove 99% of the products I deal with. There are always a few out there that NO anti-spyware programs can remove, and I'll have to do some manual digging through the registry, but thats to be expected. Speaking of freeware, just for kicks, uninstall your expensive Norton Antivirus and go get AVG Antivirus.
Electrons are free; it is moving them that becomes expensive.
Honestly, this is what passes for 'customer service' now. Listen, if a program that YOU pay for disables your computer, and you don't get a refund until four months after the fact, you should be out there setting fire to the company's headquaters. Hell, I'd be charging them damages for lost time and data.
if there was a program that just checks the "run" key in the registry and comapre it to what is normal after a fresh install. The same could apply to the task manager(looking for "strange" processes). It's what I do when looking for programs that shouldn't be running. I get suspicious when I see rundll32.exe in the task manager, among other things. I wouldn't mind having a one click button do that for me. For reasons already mentioned, I just don't care for these spyware removal programs. There are times that "I'd rather do it myself."
What?
You purposely installed WeatherBug?
I tried spybot and adaware and they were not able to remove some really nasty ones like "webrebates0.exe". So then I went to www.iamnotageek.com which seems to list removal instructions for a large number of spyware and adware stuff. I had to remove a lot of them manually. I think that seems the only way to really clean them out. Oh yeah.. I did try hijackthis as well but that reports a lot of false positives. You still have to go to some site like iamnotageek to check if the program/registry entries reported are malicious or not.
r rentversion\run\" section so they dont get spawned during startup, be sure to unregister the dlls and finally remove the install directories/files completely. Of course after everything is done, install SP2 and preferrably switch to firefox/mozilla.
Interesting thing about some of the programs running was that they had 2 copies of the executables running - eg. webrebates0.exe and webrebates1.exe. If you kill one and not the other, then the other seems to spawn the killed application again. Killing both of them in a short span of time seemed to take care of the problem.. (Oh yeah some of them may have more than 2 executables running.. Be sure to kill all of them. iamnotageek lists all programs and program names that are associated with a particular spyware. So use that as a guide when killing processes.)
Points to remember for manual cleanup: be sure to clean the registry entries from the "HKEY_LOCAL_MACHINE\software\microsoft\windows\cu
You forgot step 7: throw your PC out because you cant play your favorite video games, hook up a digital camera to your pc, or find drivers for half of your hardware. Keep dreaming though buddy :)
At least, that's what Slashdot thought at 6:29am today. Maybe the collective wisdom has changed its mind? :-)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
From the article: "Some companies use pop-ups that mimic the appearance of Windows dialog boxes..."
:-)
I'm looking forward to the day when some companies use pop-ups that mimic the appearance of KDE 3.4 (fourth story below this one) dialog boxes.
I don't have any on this box... mind you, I'm not running ms-windows either... I can't understand all this anti-spyware fuss when all you're doing is discussing the merits of which company to call out to rid your house of the cockroaches that are coming in through all the cracks... do what I've done... shift to a platform that's designed properly from the outset.. Doesn't need to be Linux either... I note the Mac gang don't suffer either.
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
In other news...water is wet, and ice is cold.
Seriously, anyone who deals with spyware on a regular basis knows this already.
-Jay
Any idiot can just reinstall the OS! Microsoft makes that SO simple. It's a REAL CHALLENGE to take it upon yourself to LEARN all the places where spyware can be installed to, LEARN all the ways you can protect yourself from spyware and exploits. In doing so, you become A BETTER COMPUTER USER.
Just reinstalling the OS only does one thing: It gives you experience in reinstalling the OS, which is already painfully simple.
It never ceases to amaze me that people will knowingly and willingly install an operating system on their computer that is so obviously broken; to the point that after the install, anti spyware and adware software must be installed for it to remain functional; not to mention then having to install hundereds of megabytes more of patches and fixes at the additional cost to the user. But hey, people get what they wnat I guess. Personally, I think that this is the result of a victim mentality imposed on the masses largely by our government who so desperately needs to be seen as our savior. Hence, the farsical government lawsuits against MSFT and the joke of a anti spam law that increased spam almost exponentially. Now they will save us all from the spammers by making us all pay for email (another tax). bla bla bla, I have to go puke now
$ whatis msft msft: nothing appropriate
besides the usual .. use firefox..
/pid [proccess1] /pid [proccess2] /f
.dll and can't delete it because some proccess is using it.. or want to know which process is using it.. try "tasklist /m [dll_filename]"
... so every now and then i get cmd.exe windows.. until adaware releases a fix for what i have :)
the other night my laptop got a spyware infestation and this was the most serious one i had come across..
adaware and spybot couldn't detect anything.. yet i kept getting IE popups.. I booted to safe mode but guess what.. an IE popup while adaware is running (network was not available) in safe mode!
so i back to windows normal mode, pull up sysinternal's processEx to see which process starts the IE process.. and i was surprised to find that the IE popups were from winlogon.exe! later i found out that the sypware had also modified my winsock files..
anyway.. to the tips.. sometimes you have two processes that monitor each other, so when you kill one, the other process respawns the proccess you just killed. unless you are lightining fast with taskmgr... you can kill both at the same with taskkill
if you find a
the "[" "]" don't mean optional parameters.. i couldn't use the less/greater signs
the sypware that i got installed was hosted at rackspace.. so i called up rackspace (@3am CST).. bitched about it and they contacted their spyware client.. you would expect then to stop hosting the spyware.. instead rackspace sent me a link for a utility to download (utility provided by the spyware client).. which removed whatever i had but installed more spyware!!
In the end, i renamed iexplore.exe and put a copy of cmd.exe as iexplore.exe
God is real unless declared as int
Could we please all help our 'friend' in promoting his selling of spyware dll usage?
The domain name is:
LOCALNRD.COM
The address is this:
Thinking Media LP
275 Madison Avenue
New York, NY 10016
Or please give a call to show your support for spyware and your desire to do business with them.
1(866)839-6164
Thanks for helping the cause!!!!
I've noticed that the latest version of Symantec AntiVirus has anti spyware features. Seeing spyware as simply another form of non-worm virus makes sense, and so does combining the products (both scan processes, memory, disk, etc). However, I have no idea if Symantec's is effective or not. Given their size, not including their product in this article was a large oversight.
If anyone has comparative info on Symantec vs. the freeware anti-spyware products...please post as a reply to this post.
You're right about running multiple software levels in your defence against adware, spyware, malware and viruses.
At the same time, these programs don't always coexist well together. I had to laugh (wince) when my Panda anti-virus program decided that Spybot was a potential threat and quarantined it. (I was using Panda mostly for the firewall, because I don't trust the built in XP firewall capabilities). Sometimes these apps just are unknowing about one another, and seeing something out of place, they want to do something about it. Now, of course, the experienced computer user can make some intelligent decisions. But a newbie or your elderly mother might well be challenged to make such decisions and would likely just run things in automatic quarantine mode.
Now, I can still use Spybot, I'm just not sure all of its parts behave as they once did. It still seems to do the job, I just don't know if it is doing as good of job as before.
-- Mal: "Well they tell you: never hit a man with a closed fist. But it is, on occasion, hilarious."
You need both of those plus CWShredder plus Bugoff plus Regcleaner.
And remember to run Adaware with the 'Deep Scan' option once in a while because it will find things that 'Smart Scan' does not.
Linux pulls jpeg files off my digital camera perfectly...
and my printer and flatbed scanner work perfectly too...
games? what games, both KDE & Gnome have better games and more than windoze does???
video games? that what PS2 and Nintendo game consoles are for anyways...
See here for a more scientific test (last week's frontpage news). That one used some scientific principles and a MUCH larger set of software. It also presented tables showing what gets missed, and we find that Ad-Aware and spybot DO miss some items, and that some of the other contenders pick them up. Good to know if you're cleaning someone's computer and the usual tricks don't fix everything.
/. users already know to never buy software from people using unscrupulous advertising techniques (like the ones the parent article used to select the commercial software).
I hope
UGH! Noone go to badpuppy.com as referenced in the previous post.
Both of these two products were recommended to me from the TDS-3 forum. I believe the topic was something like "How did I get infected in the first place" Anyway I installed the resident program Spyware Guard and I update and run Spyware Blaster once a month or so. I have not had one piece of Spyware since. This PC is used by several internet savvy teenagers so I think it's put to a pretty good test. (We also only use Opera browser)
games? what games, both KDE & Gnome have better games and more than windoze does???
Better and more games?! HAHAHAHA Man thats a good one.
Thanks, I had my laugh for the day.
If people don't want to have a Clue, then they should seriously consider getting a Mac with OS X. I don't mean to sound like a troll, but with a Mac you don't hae to learn it's innards to even use, much less learn good practices to prevent spyware from happening. Hell you don't even have to install Firefox.
Macs are more expensive but after all the trips to the shop for spyware removal it will be cheaper in the long run.
'Sophos' has some good blog postings over at ITToolbox on the emerging market of "Digital Snake Oil" in the antivirus/antispyware product sector...
h ives/001997.asp
h ives/002284.asp
http://blogs.ittoolbox.com/eai/implementation/arc
http://blogs.ittoolbox.com/eai/implementation/arc
The1Genius - Littera Scripta Manet
I rad AdAware for the first time in at least 3 months today, and didnt even come up with suspect cookies. I'm not sure why I bother with an antivirus because it's come up with one hit in a couple of years (and it's not like I use my PC for anything important).
Keep your OS updated, run Firefox (ok or opera or whatever) instead of IE, get a decent hosts file... A couple of painless steps and easy, basic maintenance like pointing your browser to windowsupdate occasionally and you'll be sitting wondering what all the fuss is about.
But above all, just use your head: if in any doubt, just delete that email or refuse that unrequested file download. Free software? Sounds pretty suspect to me, aint putting THAT near my PC without a quick spot of forum/google research - where i'm liable to be pointed to better software anyway. Plain, simple, common sense. I'm absolutely confident the vast majority of spyware infections could be prevented if the user was just a little savvy - or even just sceptical.
- update your winbox as often as needed
- keep the hell from the Internet away (firewall)
- antivirus wont hurt
- don't use IE
- stop downloading and installing every single freeware crap you run accross.
- do your best to read the EULAs
- while you're at it, might as well install linux
You need people like me so you can point your fuckin fingers and say, "That's the bad guy." So what that make you? Good?
I used Spybot S&D and Adaware (I even paid for Adaware), and I finally came to the conclusion that neither was particularly effective against machines that were already infected.
On a recommendation from PC Magazine, I tried Webroot Spy Sweeper, and guess what...it really just works.
Yes, you should have firewall (two firewalls: a hardware and software firewall), yes, you should have antivirus. But Spybot S&D and Adaware aren't particularly good things to use these days. Sometimes its worth paying $30 to eliminate the problem.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
I use Bazooka Spyware and Adware Scanner. It's quick, simple, and free.
All it does is identify what crap is on your box and then link you to the encyclopedia on the bazooka website, where there are instructions on how to remove it, mainly using regedit. I've had to disinfect the computers of neighbors, family friends, etc. Most of the time, somebody told them to install Ad-Aware already, and 100% of the time it wasn't doing shit, except increasing boot time.
With the DIY approach, you know it's gone because you removed it. Usually took under 10 minutes to clean even the dirtiest of boxes (that I've come across.)
WARNING: DO NOT LET DR. MARIO TOUCH YOUR GENITALS. HE IS NOT A REAL DOCTOR.
is like that old commercial where the guy puts his unprotected arm in a tank full of mosquitos.
Typical Linux distros do have more bundled games (i.e. chess, checker, cardgames, etc....)
The answer is clear, don't use Windows to surf the web. If you have to then use mozilla/firefox/netscape.
-- main(s){printf(s="main(s){printf(s=%c%s%c,34,s,34
Webroot's Spysweeper. www.webroot.com has been the best spyware remover i've ever used. Never had any problems with it and it seems to remove any spyware installed.
AcmeShells.com The cheapest Eggdrop
Not always - I had the real pleasure of cleaning my inlaws computer a monthy ago. They have a 16 yr old in the house + broadband and un-updated windows box - The machine was pretty much dead - I had to pull the ethernet connection to even get it running. I had a copy of ad-aware with me - first pass netted 642 critical items. Cleaned those - was able to get online - then updated ad-aware defs and cleaned another 152 critical items (in addition they had their browser cache set at 40 gigs and it was about half-full).
Host Intrusion Detector Systems may be a smarter option, as they actively detect attempts to place software on the machine without authorization, regardless of whether the file is recognized or not.
A more primitive option that is popular is to use a file verification system, such as "tripwire". This detects if files have been added where they shouldn't be, or if files that are supposed to be fixed have been changed.
Tripwire takes a bit of setting up, but if you were to go into the spyware cleaning market, it would be a great tool for scanning for likely hostile files that other tools have missed.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Seriously, software companies have a fondness for not clainig responsibility. Even FOSS coders do. I know of no software that is sold/given as anything other than AS-IS, which means that they've zero responsibility for anything.
I would like software to have lemon laws and for consumers to be protected, but that just ain't gonna happen.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
" Securely Protect Yourself Against Cyber Trespass (SPY ACT) (H.R. 2929): ... Among other things, it also outlaws taking over a PC for the purpose of sending unsolicited information to others (setting up a zombie PC); changing a browser's home page or otherwise loading pages other than those the user intended to request;"
Seems to me that would outlaw pop-up advertisements completely. There is no way this is going to become law.
Insert Generic Sig Here:
I would hardly call those games and so what if YOUR scanner or camera works fine in *NIX. The point is the overwhelming majority of cameras and scanners (including mine) out there are not supported under *NIX. GET IT? Same goes for tons of other hardware so quit blowing smoke up people's asses. Not to mention the complete lack of quality audio, video, and picture editing software for *NIX. But keep dreaming my friend :P
Stick to servers...*NIX is not a good desktop OS unless all you do is check email and troll /. on your 433 celeron.
Try Giant Antispyware. It's the best product currently out on the market. It found stuff that Adaware and Spybot combined could not. The products reviewed in the article are a joke.
Oh please. Who the hell plays that shit? You missed the point completely or you are just another zealot.
Firefox.
On the serious side I notice the crap still shows up. Run a p2p app and bam it comes in and once its in they'll use the embeded IE to get more. Solution? Set IE to maximum security with all features disabled. Throw in AdAdware running every few days and the system is clean.
can't sleep slashdot will eat me
Don't you realize that attitude is the cause of rants #1 and #3. The games and drivers will come once lot of people are on linux. As for #2, all digital camera software sucks wise up and just get a flash card reader for $5. Even on my windows box I prefer the flash reader.
We were looking at trialing Spybot for our workplace. We're talking about a large number of workstations too (10,000+).
I was asked to contact them with questions we had regarding their product, technical and licensing questions.
Over the span of five weeks, we'd sent at LEAST five emails (that I can remember) to them trying to get a response out of them. Two were ignored, two replies we received were copied and pasted off their website (gee, like we hadn't read it before) and when my manager had jack of it and asked for a fax number (since no contact details were available on their website) we were told to email them our questions.
*Sigh*
I find it funny the article talks about how great Spybot is. Screw Spybot. The product is fine for individual home users and have no intention of ever asking another person anything about it -- but I would not try deploying something like that over a large enterprise environment. God forbid you should need to call someone for technical support....
You missed the twisted idea. :p) .
you can have an ultra antique unix system working with a little maintenance like finding 2nd hand spare parts from brookers for your 15 years old system hardware.
Your system should still be able to go on the road (internet ?
I like Tux Racer!
--the Government of the US of America is not in any sense founded on the Christian religion... --US Senate, June 1797--
: /nitpick and info
Actually, it's
"The Government of the United States is not, in any sense, founded on the Christian Religon."
-George Washington --Treaty of Tripoli, 1796
A.A
Your mind is like a parachute. It works best when it's been opened.
"SpoofStick makes it easier to spot a spoofed website by prominently displaying only the most relevant domain information. It's not a comprehensive solution, but it's a good start."
For more informayion on this Firfox extension,
visit http://www.corestreet.com/spoofstick
"Browse freely but carry a SpoofStick"
I'd wager any sum that the most commonly played game on Windows is Solitaire. By far.
Not all computer users are 17-year-olds drooling for the next FPS. In fact, they're the minority.
As far as I can tell from the website's description of SpoofStick, it only strips out everything but the basic domain or ip address of a page from the address bar. So login.ebay.ca@127.0.0.1 is shown as 127.0.0.1 by SpoofStick.
This will not reveal spoofing sites that use some crazy javascript or other exploits to change the address bar. In the case of a phishing site that shows only login.ebay.ca in the address bar, but is really at 127.0.0.1 (or whatever address), SpoofStick will show login.ebay.ca.
Christ, suggest donations. If the freeware is beating the fraudulent, at least suggest you donate to the developers in addition to using it. I can't imagine the ridiculous crap these authors need to reverse hack. I bet they could write very amusing tomes on the subject of Windoze architecture and security.
Hey, I'm just your average shit and piss factory.
Used to frequent badpuppy.com **untill** I discovered the MSN/Yahoo! groups...
Michael Howard published a great little utility a few weeks ago that makes it trivial to run specific applications with lower privileges than the account you have logged on with. Check out DropMyRights.exe here: http://msdn.microsoft.com/security/securecode/colu mns/default.aspx?pull=/library/en-us/dncode/html/s ecure11152004.asp
As for people complaining that Microsoft is doing nothing about spyware, or that Microsoft is even somehow promoting the creation of malware, have you seen this link? http://www.microsoft.com/athome/security/spyware/d efault.mspx
Granted, Microsoft needs to do more, a whole lot more, but Spyware is a relatively new phenomenon and as this thread and the links to related articles make clear, no organization has published a fool proof tool for either cleaning up or preventing spyware. And those of us who brag about being on a platform immune to malware, that's a foolhardy claim. Just because your platform hasn't been hit doesn't mean its immune, it simply means that nobody has shown enough interest in developing effective malware for it. Yet.
Try PestPatrol...it kills and prevents everything: http://www.pestpatrol.com Dave
I'm not a troll, but I play one on Slashdot.
That going to that PCWorld link makes my Spybot resident shield pop up 8 times with 'Spybot has blocked ''DoubleClick''!'...
Spybot isnt all that great either, I always have like 2 or 3 spywares that never go away and I am always getting pop ups from them
Not good at detecting unknowns better to buy one than use Clam.
Clam is the best cleanup antivirus on the market. Ie a harddrive infected and you need to get all the viruses together in the shortest time Clam wins hands down if it knows the virus. Ie another antivirus is still used to clean the files.
It is just not the best defence Anti Virus on the market for clients. Also Clam makes a good email/fileserver virus scanner were fake trips are a problem.
It has its place but it is not a general Antivirus ie servers and clean up is Clams home all software has it place using the wrong one in the wrong place does not work well.
IMHO, absolutely NO spyware 'removal' tools are effective. Try removing BargainBuddy or Home Search browser hijack with any of them, and see exactly how much luck you have. When trying to remove those 2 from my parents computer, I tried absolutely EVERYTHING. Spybot, Giant Antispyware, XoftSpy, Hijackthis, Ad-Aware etc etc etc. They all found the infection and claimed to clean it, but you'd reboot and it would still be there. Manual removal is still the only effective way to remove this garbage.
:)
Another effective measure may a DDoS directed at eXact advertising.
You're the one who got me into bananaphone!
Ring ring ring ring ring ring ring bananaphone!
sulli
RTFJ.
Firefox 1.0...
Who would have guessed that the non-commercial software would do better than certain proprietary packages? For many people outside the Slashdot site, commercial proprietary software represents virtually all software.
One difference between shareware/freeware/FOSS software and commercial proprietary software is that commercial software sometimes has excessive features. Ads for commercial software can compare packages based on their features, so having more features looks better. Of course, not everyone uses every feature. Worse yet, more features can mean more complexity and more things to go wrong. Software that is electronically distributed by an individual or a group does not usually rely on ads, so this is not an issue for them.
I sure wish we could go back to the days when we could scan with Ad-aware, Spybot S&D, and Hijackthis! and sucessfully remove 99% of all the spyware out there. I'm finding I have to use a wider variety of tools in conjunction to end with a clean system. One that I've been quite impressed with is Giant AntiSpyware. Only comes with a 15day trial but it really does a nice job cleaning up in the end. I've even had to resort to using some of the more dubious antispyware tools to get rid of really stubborn spyware these days. When will it end!?
they seem a lot more geared toward big companies
Want a *really* good one?
Pull the drive out, put it in another Windows XP box as the E drive or whatever, then scan it.
The secondary drive won't have any "system" files anymore because its not running anything.
- Michael T. Babcock (Yes, I blog)
The fact that this was moderated troll has finally convinced me that posting to Slashdot is a ridiculous waste of time.
The idea of Microsoft doing something to help Windows users is not a troll you ignorant groupthinkers. It would benefit all parties, period.
Bah, I should have stopped participating in this exercise in idealogical circlejerking hubris a long time ago. What a waste of time.
We have gotten really proactive with this because customers with spyware-ridden computers were beginning to blame us this summer for their problems - so we sent out a proposal to everyone, whether they wanted it or not, and then followed up to see if they wanted to go for it. Some did, some put us off til next year, most didn't. Several were already using Adaware & Spybot so we told them if they ever stopped doing the trick to let us know. But I recorded everyone's answers in the database so they couldn't come back later and claim we never warned them about spyware.
AFAIK it's the only corporate edition version of an anti-spyware product so far, and we hope that it performs as well as advertised (after a month, so far so good anyway!) We figure the ones that haven't taken us up on the offer will buy it sooner or later - maybe not from us, but they will buy it, because they will have no choice, just like you really don't have a choice anymore regarding whether to run antivirus software or not. Do you want to surf the Net without having to clean out your system every two days or so? Then you will run anti-spyware software.