Anti-Spyware Products Don't Live Up to Promises

John Wells writes "In the December, 2004 issue of PC World, the author of an article titled Poor Defenders concludes that most commercial anti-spyware software is ineffective. In tests using a fresh install of XP and 6 typical spyware infections the commercial software failed to stack up against freeware competitor Spybot Search and Destroy. Four out of seven commercial products failed to remove any of the infections. One product even installed 57 spyware files itself! Conclusion: Use freeware products like Spybot and Lavasoft's Ad-Aware SE Personal."

not too comprehensive

[ack154]

So where does this guy get his "paid" spyware removal applications? Clicking on popups? Oh... wait...

many of these utilities use aggressive marketing tactics in pop-up ads, spam, and keyword ads appearing alongside Google search results

Though I suppose this is how they sucker a lot of people and some people expect results if they pay for a utility, I would probably do at least a LITTLE research before paying for any app like that. The thing is, I would hardly consider this "most commercial anti-spyware software." So as far as this "test," he might as well do an article about Virtual Bouncer and how it removed his parasites for him.

Why didn't he test something like Spy Sweeper or Giant AntiSpyware? Those are paid ones that I would probably recommend if someone did want to pay for a program. At least that way, people would see that not ALL commerical products are crap - it does almost sound like that.

But really, Spybot isn't even cutting it anymore, IMO. AdAware is still doing well, but I've actually been more impressed with the other two I mentioned above - worth a look if you haven't checked them out - both have free trials that you would have no problems doing a removal with.

Re:not too comprehensive

[Cat_Byte]

But really, Spybot isn't even cutting it anymore, IMO. AdAware is still doing well

I find running both of these and using the yahoo spyware blocker is pretty effective. The yahoo thing doesn't catch all of them but I notice the # found by spybot and ad-aware went down quite a bit after installing it. FYI, if anyone hasn't upgraded to 1.05 of ad-aware I recommend doing so. I found about 30 more spyware programs on my Mom's computer after the upgrade after scanning with the most up to date definitions on 1.03.

It's up to the users to do the research.

[garcia]

Nathan Shafer, answering our e-mail message to Spyware Stormer, challenged our test methodology. Shafer wrote that Spyware Stormer detects "over 20,000 variants of spyware and adware," and that its performance with the six applications we chose was therefore "hardly representative in any way."

They are absolutely correct here although there are only four programs you should ever install for combating spyware: Adaware, SpyBot S&D, SpywareBlaster, and a good software firewall package (preferably one that tells you when something is trying to connect out to the Internet like ZoneAlarm). You need to keep these programs updated on a regular basis and you need to make sure that they run regularly. Unfortunately only SpyBot S&D runs w/o user intervention if you set it up to do so.

SpyBot, while being a great program, isn't updated nearly as often as AdAware and doesn't find all those pesky cookies that AdAware does. SpywareBlaster is good for keeping those pesky cookies from getting onto your machine in the first place.

We were unable to reach NoAdware, but the Better Business Bureau of Upstate New York reported that it had received 22 complaints about the company, which is not a member of the BBB, by early October. Network Dynamics has a clean record as a member of Southern California's BBB. The BBB's complaint database contained no record of complaints for the remainder of the companies whose products we tested.

The BBB has fallen into worthlessness in recent years (I don't know about years passed). They have little to no pull and sometimes they even go so far as to ignore complaints against their companies. I would ignore any comments in regards to BBB related businesses.

Basically you need to research what you are installing on your machine. That means using google, word of mouth, and your own deep digging before you put any "cleaning" program on your machine. You also need to do some research into making sure that you are using what you can to combat Spyware.

Sadly, most people out there don't know, care, or care to know. That's why they end up w/it in the first place. If people DID care about what they were installing on their computer AND took the time to do a quick google search they would find out exactly what they need to know.

It has gotten to the point where I seriously believe that MSFT is doing this on purpose in order to show the public why they NEED to use "protected computing".

Re:It's up to the users to do the research.

[which+way+is+up]

This is a dangerous trend. Given the majority of these ad/spyware companies don't care what their products do to the "users" computer, they can leave security holes unnoticed and allow exploits without the user even knowing there is a flaw in their computer. Windows updates can only do so much, and with companies releasing software that intends to help the user, but instead can hurt them. All the while the user is unaware. This makes me sick. Let's support the companies that work off of donations and have open source programs. This is the only way to prevent this from spreading to all of the favorite anit-ad/spyware programs.

Re:It's up to the users to do the research.

[Lumpy]

you really need to go further.

looking for free AV or firewall software I encounterd that MOST has spyware bundled with it. the ONLY apps I feel safe installing are Open Source where I can look to see if there is spyware included.

Freeware software has become the biggest carrier of spyware. many "media players" and other apps have a crapload of spyware in them and I am running into people with claria installed that dont even use the internet but recieved a nice CD with a copy of PC magazine that had some nice free apps on it.

personally, I am making a killing at $50.00 a pop to relatives and friends. i tell them to let others know that I'll do the same to their computer for $100.00 and I'll give them $20.00 for each person they send me.

I now clean about 20 computers a week, all set up in a row in the basement with a 2 day turnaround for them and they have to sign a waiver/disclaimer and pay in cash.

christmas is going to be a great one this year.

so in a way, I really have the spyware makers and microsoft's IE team to thank for the plentiful bounty I have this year.

I Prefer hijackThis

[Bimo_Dude]

hijackThis seems to find all the stuff that others leave behind, and it's free (as in beer). Almost everybody I know uses it too.

Re:I Prefer hijackThis

[Davak]

Please don't recommend this so broadly. Experts should use hijack this to fix systems that can't be fixed any other way. Hijack This alone will miss files that are currently not being executed. Using Hijack This alone without other antispyware software is silly.

Just because it's not running, I am sure you don't want some coolwebsearch files just sitting silently on your system.

Here's my recent techrx post regarding this same subject: http://www.tech-recipes.com/windows_spyware_tips75 8.html

or the easiest solution

[hsmith]

install firefox
???
profit

really if you are still using IE you are bringing it on yourself, i loved IE, but it has become garbage

Where's the program

[four2five]

That convinces your little sister she doesn't need a barbie IE brower theme or a cursor that looks like a puppy dog. Hold that, I want a program that turns the cursor into a weapon of some fashion that I may use to smite that damend purple monkey on my computer. That's worth my website traffic being shipped of to who knows where in itself.

Free anti-virus alternatives?

[mabu]

I'm curious if there are comparable-quality Freeware/Shareware anti-virus products available? I don't mind paying for a product, but don't like having the product cease to function unless more money is extorted out of me in perpetuity. I'm sick and tired of Symantec shaking me down for subscription updates, and subsequent versions of their products becoming more bloated and inefficient.

Re:Free anti-virus alternatives?

[AndroidCat]

Grisoft's AVG Anti-Virus. Make sure you get AVG 7.0 because support for 6 will end with 2004. No complaints, but I only run it now-and-then because the idea is to stop them before they get installed.

Re:Free anti-virus alternatives?

[Wordsmith]

try clam a/v, or if you're on windows, clamwin a/v. the interface isn't great, but it does the job.

Fundamental Difference

[ObsessiveMathsFreak]

The fundamental difference between freeware and proprietry anti-malware software is that the freeware are doing it for the love of the game, or in this case their hatred for spyware in all its daemonic forms.

Commerical anti-spyware vendors on the other hand are in in for the $$$ and that means they are susseptable to temptation, i.e allow malwarez who give them money to get through, use malwarez tactics to get money and do things other than what it says on the tin while users aren't looking.(read, kazaa)

I suppose commerical vendors are just more idealogically close to the spammers, who are also in it for the money.
In any case, if you need an 'infrastructural' type software program, your nearly always better off going FOSS anyway. That's my 2c.

Open Source Solution Needed

[DigitalRaptor]

The open source community really needs to rally behind this, I think.

I'd love to see a project that uses community involvment to flag projects and websites as "phishing" or "spyware" related.

It could be integrated into open source projects such as Firefox and Thunderbird so you could be assured that after a few people in the community confirmed that a particular URL or even IP was "phishing" or "spyware" related, it would be disabled in the browser or email client without a blood sample and double confirmation.

I, for one, am sick of helping other people clean their computers of spyware. Many of them become so bogged down they are unusable.

Don't blast MS for Mom's self-inflicted wounds.

[McNally]

I still can't fathom WHY Microsoft doesn't have something like this builtin to XP. My mom bought a Dell and a neighbor has had to clean the thing 3 times in the past 6 months! I'm embarassed now that I didn't push her towards a Apple now, but I only run Mac and Linux at home, and had no idea how bad the spyware issue is for Windows.

Really, this is an OS problem, and MS should provide a solution, you shouldn't have to rely on 3rd party providers to fix a shortcoming of the OS!

No disrespect intended towards your mother, but it's at least as much a user education issue as it is an operating system issue (and actually I feel I'm understating the user responsibility considerably with that statement.)

There are some systemic problems with Windows, particularly the Windows/IE combination, that allow spyware to flourish -- the lack of a way for a common user to get a good idea what's running on their system besides MS-installed OS files, for example, or the multitude of places that auto-starting spyware can hide its startup away from the user's notice. But in the end the people who have spyware problems are almost universally the people who clicked on a link from an unknown source that promised them something cool (or more often than not, something astonishingly lame by more educated users' standards..) If your momand other users like her could be trained not to click on "Click here to install our FREE animated weather-forecasting dancing baby!" when she doesn't know anything about the source of the offer, 90% of the problem would go away overnight.

Contact info for spyware author...

[teknickle]

Could we please all help our 'friend' in promoting his selling of spyware dll usage?

The domain name is:
LOCALNRD.COM

The address is this:
Thinking Media LP
275 Madison Avenue
New York, NY 10016

Or please give a call to show your support for spyware and your desire to do business with them.
1(866)839-6164

Thanks for helping the cause!!!!