Spy Fighters: Poor man's antispyware solution

This SearchWindowsSecurity.com reader users free antispyware tools to catch spyware in the Windows registry. Find out what he thinks are the pros and cons to this technique.

When asked which antispyware solutions work best and when to use them, SearchWindowsSecurity.com readers had a lot to say. The following commentary is one of 10 letters to the editor describing readers' preferred antispyware solutions, their biggest spyware concerns and, in some cases, their own tips for preventing spyware infections. Click for the complete series.

Letter #4: Poor man's antispyware solution

Reader: Carlos Zottmann
Head of Network Security
Superior Tribunal de Justiça

Environment: We have 2,500 workstations running Windows 2000 and Windows 98, which are being upgraded to Windows 2000.

Spyware dilemma: We have about 3,000 users and educating them on antispyware practices is difficult. We run our antispyware tools centrally through set up and run via logon scripts. That way we can gain some level of protection on all of our workstations regardless of the user's knowledge.

Antispyware solution: Spybot-S&D, Javacool Software's SpywareBlaster, Spyad, Symantec's AntiVirus

We have a poor man's spyware solution. We chose these three antispyware tools because they are free (to avoid licensing problems) and they complement each other. We don't use them in any particular order. We catch the modifications that these products make in the Windows registry, and replicate them to all of our corporate desktops through logon script.

We also use Symantec's AntiVirus solution, which has the ability to scan the desktops for spyware, adware, dialers, etc. We encourage our users to run this software if they want to scan their computers.

These tools don't eliminate our spyware problems (no solution does), but it helps to deal with it. Every workstation in our network now has some basic features offered by the three tools, including the ability to:

  • Block the CLSIDs associated with a lot of spyware, preventing them from running.
  • Block the setting of cookies by a number of sites known (by these tools) to install spyware.
  • Block any download from a number of sites known (by these tools) to install spyware.

Carlos' reasoning for catching antispyware definitions in the registry:


  • It minimizes the lack of a central management console for antispyware products when deployed over a corporate network.
  • It ensures that every desktop has some level of protection against spyware, regardless of any user action.


  • It doesn't offer a way to automatically discover the new spyware detected by each product, so we must catch the registry modifications every week (or during each specified period).
  • We miss the online defenses that each one of these tools offers.

For more letters to the editor, click for the complete series.

Dig Deeper on Network intrusion detection and prevention and malware removal

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.