Letter #3: The problem with most antispyware tools
Reader: Bruce Hevner
Environment: We have four small business server networks and two peer-to-peer networks including about 50 machines. The SBS networks all use Windows 2000 or XP. The P2P networks still use a few Windows 98 machines.
Spyware dilemma: Some Windows machines are so riddled with spyware junk that it's easier to just wipe them clean and start over. They need protection from the beginning -- not after the fact.
Antispyware solution: Webroot's Spy Sweeper, Spybot-Search & Destroy, Microsoft AntiSpyware, Javacool Software's SpywareBlaster, Sunbelt Software's CounterSpy
After trying most antispyware programs I've found Spy Sweeper to be the best. I also use Spybot (mostly because it's free), but I really don't think it's all that great. I have seen quite a few spys go right by it, which prompted my search for another program.
I tested the new CounterSpy, but had too many problems with it. It kept telling me programs were there that it had removed. It also didn't play well with several machines, slowing them to a crawl. I think Sunbelt needs some more development time with that one.
I also downloaded the Microsoft AntiSpyware beta and installed it on about six machines. I'll let it run for a month or so before installing it on any more machines. So far I think it's doing a good job -- at least as well as SpySweeper if not better. But it remains to be seen if they will charge for an enterprise version and how much.
Overall, the problem with Spybot (and many other antispyware applications) is user input. These programs require the user to manually do the updates. Most users won't do it. No matter how easy it is and how many times you show them, it just doesn't get done.
Read about a spyware infection that required Bruce to use six antispyware tools to clean. Click for details.
For more letters to the editor, click for the complete series.