Slashdot Mirror
Anti-Spyware Products Don't Live Up to Promises
John Wells writes "In the December, 2004 issue of PC World, the author of an article titled Poor Defenders concludes that most commercial anti-spyware software is ineffective. In tests using a fresh install of XP and 6 typical spyware infections the commercial software failed to stack up against freeware competitor Spybot Search and Destroy. Four out of seven commercial products failed to remove any of the infections. One product even installed 57 spyware files itself! Conclusion: Use freeware products like Spybot and Lavasoft's Ad-Aware SE Personal."
So where does this guy get his "paid" spyware removal applications? Clicking on popups? Oh... wait...
many of these utilities use aggressive marketing tactics in pop-up ads, spam, and keyword ads appearing alongside Google search results
Though I suppose this is how they sucker a lot of people and some people expect results if they pay for a utility, I would probably do at least a LITTLE research before paying for any app like that. The thing is, I would hardly consider this "most commercial anti-spyware software." So as far as this "test," he might as well do an article about Virtual Bouncer and how it removed his parasites for him.
Why didn't he test something like Spy Sweeper or Giant AntiSpyware? Those are paid ones that I would probably recommend if someone did want to pay for a program. At least that way, people would see that not ALL commerical products are crap - it does almost sound like that.
But really, Spybot isn't even cutting it anymore, IMO. AdAware is still doing well, but I've actually been more impressed with the other two I mentioned above - worth a look if you haven't checked them out - both have free trials that you would have no problems doing a removal with.
Nathan Shafer, answering our e-mail message to Spyware Stormer, challenged our test methodology. Shafer wrote that Spyware Stormer detects "over 20,000 variants of spyware and adware," and that its performance with the six applications we chose was therefore "hardly representative in any way."
They are absolutely correct here although there are only four programs you should ever install for combating spyware: Adaware, SpyBot S&D, SpywareBlaster, and a good software firewall package (preferably one that tells you when something is trying to connect out to the Internet like ZoneAlarm). You need to keep these programs updated on a regular basis and you need to make sure that they run regularly. Unfortunately only SpyBot S&D runs w/o user intervention if you set it up to do so.
SpyBot, while being a great program, isn't updated nearly as often as AdAware and doesn't find all those pesky cookies that AdAware does. SpywareBlaster is good for keeping those pesky cookies from getting onto your machine in the first place.
We were unable to reach NoAdware, but the Better Business Bureau of Upstate New York reported that it had received 22 complaints about the company, which is not a member of the BBB, by early October. Network Dynamics has a clean record as a member of Southern California's BBB. The BBB's complaint database contained no record of complaints for the remainder of the companies whose products we tested.
The BBB has fallen into worthlessness in recent years (I don't know about years passed). They have little to no pull and sometimes they even go so far as to ignore complaints against their companies. I would ignore any comments in regards to BBB related businesses.
Basically you need to research what you are installing on your machine. That means using google, word of mouth, and your own deep digging before you put any "cleaning" program on your machine. You also need to do some research into making sure that you are using what you can to combat Spyware.
Sadly, most people out there don't know, care, or care to know. That's why they end up w/it in the first place. If people DID care about what they were installing on their computer AND took the time to do a quick google search they would find out exactly what they need to know.
It has gotten to the point where I seriously believe that MSFT is doing this on purpose in order to show the public why they NEED to use "protected computing".
hijackThis seems to find all the stuff that others leave behind, and it's free (as in beer). Almost everybody I know uses it too.
"Teleporting Rodents with D-Cell Battery Displacement" theory -- IgnoramusMaximus (692000)
install firefox
???
profit
really if you are still using IE you are bringing it on yourself, i loved IE, but it has become garbage
That convinces your little sister she doesn't need a barbie IE brower theme or a cursor that looks like a puppy dog. Hold that, I want a program that turns the cursor into a weapon of some fashion that I may use to smite that damend purple monkey on my computer. That's worth my website traffic being shipped of to who knows where in itself.
-or so you'd think
Folks, I'm telling you, I've used Yahoo's new Spyware program that sits in the Yahoo toolbar and the thing works BETTER than AdAware. I'm serious. I had to fix my parents' and my inlaws' PCs, both with XP2. I've used AdAware and a few other freebies on both, but they still ran slow. So, for the hell of it, I used the new Yahoo thingy and it found TONS of stuff the others did not, including a trojan spam application. I have yet to see anyone talk about this app (even Ars Technica's latest Spyware article neglected to talk about it).
NoAdware "removed some stuff, but it also deleted something on the hard drive so the computer couldn't reboot," Smith says. After reinstalling Windows, Smith sent multiple messages to NoAdware requesting a refund, which she received four months after her initial request.
They actually gave her money back. That's good right? Sure they took four months, but they did it. She should shut up and stop complaining. They could have just blamed her for it since she really couldn't have proven anything.
manda
I use Adaware SE and SpyBot which I run manually once a week, each. I have Webroot's Spy Sweepter which stays in memory and provides a good level of "live" detection. Between the three programs it has been a long time since I've had a adware/spyware program on my desktop. However, it has only been through the use of all three that I have gotten to this point. I haven't found a program that will accomplish this by itself, either free or for fee. PC Magazine ran a comparison of spyware removal programs recently and came to about the same conclusion. They did rate AdAware SE as the best program, though.
I'm curious if there are comparable-quality Freeware/Shareware anti-virus products available? I don't mind paying for a product, but don't like having the product cease to function unless more money is extorted out of me in perpetuity. I'm sick and tired of Symantec shaking me down for subscription updates, and subsequent versions of their products becoming more bloated and inefficient.
I still can't fathom WHY Microsoft doesn't have something like this builtin to XP. My mom bought a Dell and a neighbor has had to clean the thing 3 times in the past 6 months! I'm embarassed now that I didn't push her towards a Apple now, but I only run Mac and Linux at home, and had no idea how bad the spyware issue is for Windows.
Really, this is an OS problem, and MS should provide a solution, you shouldn't have to reply on 3rd party providers to fix a shortcoming of the OS!
BCB
free ipod and free gmail!
Anti-virus tools are designed to take out older viruses. When a new virus comes out to market, the Anti-virus tools could take years or never defeat it.
The fact that its called ANTI-VIRUS makes gullible people think its a cure all, when its unlikely worth the time to install, let alone the money spent on it
God spoke to me.
A couple tips for removing spyware from windows. Run both ad-aware and spybot - search and destroy. after you run them you might still have some spyware. If this happens turn off system restore (at your own risk)and then reboot into safe-mode and run the checkers again. This can remove some of the hangers on. Also a great utility is www.doxdesk.com. It shows you how to manually unregister DLL files and also does a web based check for some common spyware.
It was either this or more "What I Did With My iPod" stories.
sulli
RTFJ.
You must be using Internet Explorer with your security settings set to allow ActiveX controls to use the Pest Scan
Doesn't look like I'm going to be able to scan my system without using IE with ActiveX enabled. I think I'll pass.
The fundamental difference between freeware and proprietry anti-malware software is that the freeware are doing it for the love of the game, or in this case their hatred for spyware in all its daemonic forms.
Commerical anti-spyware vendors on the other hand are in in for the $$$ and that means they are susseptable to temptation, i.e allow malwarez who give them money to get through, use malwarez tactics to get money and do things other than what it says on the tin while users aren't looking.(read, kazaa)
I suppose commerical vendors are just more idealogically close to the spammers, who are also in it for the money.
In any case, if you need an 'infrastructural' type software program, your nearly always better off going FOSS anyway. That's my 2c.
May the Maths Be with you!
Don't buy any services or products advertised in popups, or other "annoying" media.
Duh!
Damn you. One can lose their sanity in that song. for the love of slashdot never post that song again.
For all others who have not clicked on the link, I recommend to not click it, unless of course you enjoy Banana Phone.
- Qua
is not a company you want to do business with regardless. I note that they responded to the article. So how about this question, Spyware Stormer? I challenge you to answer me here in this public forum and will once again email this to every address I can find for your company.
Why is your company using Windows Messenger Service to effectively spam/invade user's privacy with unwanted popups advertising your product?
This guy is way out there
In tests using a fresh install of XP and 6 typical spyware infections
So, a fresh install of XP then
The open source community really needs to rally behind this, I think.
I'd love to see a project that uses community involvment to flag projects and websites as "phishing" or "spyware" related.
It could be integrated into open source projects such as Firefox and Thunderbird so you could be assured that after a few people in the community confirmed that a particular URL or even IP was "phishing" or "spyware" related, it would be disabled in the browser or email client without a blood sample and double confirmation.
I, for one, am sick of helping other people clean their computers of spyware. Many of them become so bogged down they are unusable.
Lose Weight and Feel Great with Isagenix
Too bad Spybot: Search and Destroy has one of the worst UIs I've seen in a Windows program in a LONG time. It frequently will do tasks without giving you any status report. It will often get dialog boxes stuck behind the main window where you can't see them to even know a dialog box is open. The custom controls are about the ugliest thing I've seen in software, and the entire program gives a "made by a junior high student in Visual Basic" vibe.
How about a little bit of professionalism in software development! I know it's freeware and you're not making money, but how about at least taking enough pride in your work to make it usable and not hideously ugly? I hate to say it, but I can't talk management into using Spybot: Search and Destroy as a standard because it looks so unprofessional.
Comment of the year
There are some systemic problems with Windows, particularly the Windows/IE combination, that allow spyware to flourish -- the lack of a way for a common user to get a good idea what's running on their system besides MS-installed OS files, for example, or the multitude of places that auto-starting spyware can hide its startup away from the user's notice. But in the end the people who have spyware problems are almost universally the people who clicked on a link from an unknown source that promised them something cool (or more often than not, something astonishingly lame by more educated users' standards..) If your momand other users like her could be trained not to click on "Click here to install our FREE animated weather-forecasting dancing baby!" when she doesn't know anything about the source of the offer, 90% of the problem would go away overnight.
I didn't post this. A friend thinks it's funny to destroy my karma, when I leave my account logged into /.
The advantage of paying for AdAware is to get AdWatch, a live detection program which blocks registry modification, browser hijacks, etc. as they happen. It is very customisable and can react autonomously or can prompt for action. No burning desire, just a good product. (No affiliation)
As to this douche installing programs advertised by popups, what does he expect? If your advertising strategy is popups, you're selling crap. If your purchasing strategy is popups, you're buying it.
*blinking cursor*
If I am not mistaken (I use a Mac, so my contact with sypware is largely in removing it from other folks' computers) even the good free programs (adaware, spybot, etc) are closed source. As soon as the makers stop updating them, they become useless, as they can't remove newer spyware.
I've often wondered if it'd be feasible to start an open source spyware zapper project - the scanner wouldn't be too tough to write I don't think, and you could get the community to keep submitting updated definitions for newly found spyware via some sort of wiki-esq mechanism.
Could this work? And if so, could we also make our own anti-virus program while we're at it?
Ad-Aware runs on a BartPE Boot CD. I've heard Spybot also runs on BartPE, but I don't think there are handy instructions for adding it to the image.
I also recommend SpyBot...but I would like to point out that if you use and really like the product you should donate in order to keep the product free. Even if it's $1 or $5. Yes it's true that at that point the product is no longer free, but just think of the great product you got for only $1 or $5.
"Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection.
Some of the products listed on this page simply do not provide proven, reliable anti-spyware protection. Others may use unfair, deceptive, high pressure sales tactics and false positives to scare up sales from gullible, confused users. A very few of these products are either associated with known distributors of spyware/adware or have been known to install spyware/adware themselves. Users are advised to rely on anti-spyware applications with deserved reputations for trustworthy performance.
useful link to bookmark
"It is a greater offense to steal men's labor, than their clothes"
I run a small computer company in my town of about 50,000. Constantly I am getting people in here who are complaining about their computer slowing down, displaying popups, or not working at all. Then they'll go on about how they bought some program from Staples thats supposed to remove spyware. But, you'll never guess what the problem ALWAYS is: Spyware! As a technician, the first thing that I ALWAYS do is uninstall commercial Anti-Spyware. This article summs it up: install Spybot S&D and Ad-Aware (as well as Hijackthis). They remove 99% of the products I deal with. There are always a few out there that NO anti-spyware programs can remove, and I'll have to do some manual digging through the registry, but thats to be expected. Speaking of freeware, just for kicks, uninstall your expensive Norton Antivirus and go get AVG Antivirus.
Electrons are free; it is moving them that becomes expensive.
besides the usual .. use firefox..
/pid [proccess1] /pid [proccess2] /f
.dll and can't delete it because some proccess is using it.. or want to know which process is using it.. try "tasklist /m [dll_filename]"
... so every now and then i get cmd.exe windows.. until adaware releases a fix for what i have :)
the other night my laptop got a spyware infestation and this was the most serious one i had come across..
adaware and spybot couldn't detect anything.. yet i kept getting IE popups.. I booted to safe mode but guess what.. an IE popup while adaware is running (network was not available) in safe mode!
so i back to windows normal mode, pull up sysinternal's processEx to see which process starts the IE process.. and i was surprised to find that the IE popups were from winlogon.exe! later i found out that the sypware had also modified my winsock files..
anyway.. to the tips.. sometimes you have two processes that monitor each other, so when you kill one, the other process respawns the proccess you just killed. unless you are lightining fast with taskmgr... you can kill both at the same with taskkill
if you find a
the "[" "]" don't mean optional parameters.. i couldn't use the less/greater signs
the sypware that i got installed was hosted at rackspace.. so i called up rackspace (@3am CST).. bitched about it and they contacted their spyware client.. you would expect then to stop hosting the spyware.. instead rackspace sent me a link for a utility to download (utility provided by the spyware client).. which removed whatever i had but installed more spyware!!
In the end, i renamed iexplore.exe and put a copy of cmd.exe as iexplore.exe
God is real unless declared as int
Could we please all help our 'friend' in promoting his selling of spyware dll usage?
The domain name is:
LOCALNRD.COM
The address is this:
Thinking Media LP
275 Madison Avenue
New York, NY 10016
Or please give a call to show your support for spyware and your desire to do business with them.
1(866)839-6164
Thanks for helping the cause!!!!
You're right about running multiple software levels in your defence against adware, spyware, malware and viruses.
At the same time, these programs don't always coexist well together. I had to laugh (wince) when my Panda anti-virus program decided that Spybot was a potential threat and quarantined it. (I was using Panda mostly for the firewall, because I don't trust the built in XP firewall capabilities). Sometimes these apps just are unknowing about one another, and seeing something out of place, they want to do something about it. Now, of course, the experienced computer user can make some intelligent decisions. But a newbie or your elderly mother might well be challenged to make such decisions and would likely just run things in automatic quarantine mode.
Now, I can still use Spybot, I'm just not sure all of its parts behave as they once did. It still seems to do the job, I just don't know if it is doing as good of job as before.
-- Mal: "Well they tell you: never hit a man with a closed fist. But it is, on occasion, hilarious."
'Sophos' has some good blog postings over at ITToolbox on the emerging market of "Digital Snake Oil" in the antivirus/antispyware product sector...
h ives/001997.asp
h ives/002284.asp
http://blogs.ittoolbox.com/eai/implementation/arc
http://blogs.ittoolbox.com/eai/implementation/arc
The1Genius - Littera Scripta Manet
Not always - I had the real pleasure of cleaning my inlaws computer a monthy ago. They have a 16 yr old in the house + broadband and un-updated windows box - The machine was pretty much dead - I had to pull the ethernet connection to even get it running. I had a copy of ad-aware with me - first pass netted 642 critical items. Cleaned those - was able to get online - then updated ad-aware defs and cleaned another 152 critical items (in addition they had their browser cache set at 40 gigs and it was about half-full).
" Securely Protect Yourself Against Cyber Trespass (SPY ACT) (H.R. 2929): ... Among other things, it also outlaws taking over a PC for the purpose of sending unsolicited information to others (setting up a zombie PC); changing a browser's home page or otherwise loading pages other than those the user intended to request;"
Seems to me that would outlaw pop-up advertisements completely. There is no way this is going to become law.
Insert Generic Sig Here: