Spyware and Anti-Spyware Resources
Courtesy of Core Competence, Inc.
BEFORE YOU DOWNLOAD,
check the Rogue Spyware List
This page uses style sheets created by Ruthsarian Labs
Anti-Spyware Software
Note: This list contains software I have actually downloaded, evaluated, found useful and recommend.
Free for personal use
AdAware - by LavaSoft, a very good removal tool for unwanted adware and cookies. Free and commercial versions. I have only used the free version.
ADS Spy - by Merijn Bellekom, this program lists Alternate Data Streams (ADS) on Windows OSs with NTFS file systems. Browser hijackers sometimes store trojan executables or meta-information about their files on this stream, which is hidden when using Windows Explorer.
AutoRuns for Windows v8.73 
- from SysInternals, shows you every executable your Windows system will run during system bootup or login, in the order Windows processes them and including the executables in your startup folder. This is the most comprehensive display I've found. Use in conjunction with ProcessLibrary.com to determine whether an executable is necessary, useful, or malicious.
Bazooka - Kephyr's very basic anti-spyware is a work in progress, strong on scanning capabilities but weak on removal, provides a commendable online encyclopedia of spy and adware. Donation ware.
BHOList - a gem by Merijn Bellekom, this tool identifies all thes browser helper objects installed on your system.
CCleaner - from Piriform, Ltd. is a multi-featured
system optimization and privacy tool. Use it to clean up browsers (Firefox, Opera and IE), applications (Acrobat, MS Office, Open Office), Windows Explorer, and various System files. It's also a reasonably intuitive Registry scanner and cleaner (to the extent that *anything* related to the Registry is intuitive). There's so much here you really have to download it to appreciate all it can do.
CookieWall - AnalogX's cookie manager lets you keep cookies you want, "one-time allow" a cookie, block cookies you don't want, and even browse the contents of a cookie. Freeware.
Crap Cleaner cleans out the garbage and also removes malicious files which may be hiding in your temp folders.
CWshgrayder - by Merijn Bellekom, author of Spybot Search and Destroy. Performs a thorough removal of one of the nastier IE hijackers. Read a complete history of CoolWebSearch here.
HijackThis! - IMO, this utility by Merijn is the nmap of spyware detection, identifies changes from default IE and registry settings, installed BHOs and DPFs, and more. Donation ware.
IE-SPYAD - Adds domain names of known disreputable advertisers to the Restricted sites zone of Internet Explorer. Depending on your firewall, you may be able to import or convert the text list into a blocked list service.
"Is it spyware" search tool - at Spychecker.com tells you if software is spyware.
NSAuditor free utilities - NSA Software offers three anti-spy utilities: BHOscanner, IE Cache Explorer, and Registry Auditor. These can be helpful in identifying suspicious browser helper objects, registry keys and silently installed files.
Remote BHO Scanner - David Glosser has written an antispyware open source Perl script that runs on a Windows host under ActivePerl and TieRegistry. The Perl script scans the registries of all the computers of a Windows domain for the existence of Browser Helper Objects (BHOs), a common form of spyware. The host computer must be a member of the domain and have remote access privileges to the registries of the computers in the domain. Remote BHO Scanner doesn't remove spyware. It does provide a report of BHOs discovegray in the domain. This is an interesting tool for administrators who might want to routinely scan for BHO infestations. The reports will probably help admins convince more senior management that spyware is indeed a corporate as well as consumer problem. More information can be found at http://www.mgmg-interactive.com/mgmg/malware.html.
I've only toyed with this script thus far, but it's a very interesting and different way to tackle a growing spyware problem.
PUI - UR I.T. Mate Group's Program Unistaller Information shows the uninstall string information from the System Registry, identifies programs that cannot be uninstalled, and detects certain spyware by its uninstall behavior. Freeware.
Systems Spyware Interrogator - Use SSI to audit your PC for spyware, and to check how effective your antispyware software is (see what it has missed). SSI uploads the scan results (with your permission, they have a solid privacy policy) for analysis against Spywagrayata's central database. of your scan to Spywagrayata.com for statistical analysis. By uploading your results, you help track and identify new spyware threats.
StartupList - by Merijn Bellekom, gives you a list of lists all the autostart executables installed on your system. This is an easy way to identify any spyware that executes at Startup than Msconfig.
Spyware Terminator - by Crawler LLC, provides real-time protection, full and quick scans (under 1 minute), spyware removal/quarantine,
and integration with WinClamAV, a freeware antivirus software. It also provides host intrusion prevention by building a list of
installed, spyware-free programs and only allowing these and known-to-be-safe applications to execute. Beginner, advanced and expert
settings make this a very interesting and tweakable antispyware package. I especially like the file analysis utility. On my test system, ran without interference or conflict
with AVG 7.5 Professional antivirus (I used this instead of WinClamAV on one PC) and other antispyware software (SpywareGuard).
SpyBot and Search and Destroy scans for and removes spyware. The intuitive reports identify the pest and the components affected. Spybot allows selective removal, provides logging, backup and recovery mechanisms (system restore points), and free updates to the pest database and software. Version 1.4 is a nice improvement over earlier versions. Spybot S & D can run resident with other free and commercial antispyware in a non-intefering manner.
Spyware Blaster 3.4 by Javacool Software provides resident active protection against unintentional downloads and installation of malicious ActiveX controls, and adware. 'Blaster blocks browser hijacking and can restrict actions of spyware and tracking sites in Internet Explorer and Mozilla/Firefox. Javacool provides automatic updates for a small fee of $9.95, and is well worth the investment.
WinPatrol 9.8 freeware protects your computer from Adware, Spyware, Worms, Trojans Horses, Browser Helper Objects and other Mysteryware. The WinPatrol console has lots of nice diagnostic and "forensic" utilities.
Commercial and Enterprise-grade
Note: This list contains software I have been asked to review by vendors, using a full retail license copy. I do not receive any compensation for these reviews. The reviews are based on my installation and use on test and production systems.
Faronics' Anti-Executable - Anti-Executable builds an approved or "white" list of programs, and only these will execute on your PC. Once installed, you are protected against drive-by spyware installations, BHOs, and unauthorized installation, copy, and removal of programs and executable components. If you choose to employ white listing, you *must* prepare your system in advance to make certain no malicious code is already present before Anti-Executable scans your system and compiles its white list. You may find my blog #s 507 and 298 helpful when preparing your system. Anti-executable has some nice "enterprise" features, including password-protected access, logging, and (thank you!) a customizable popup warning that allows admins to notify the user of the attempted installation, with plenty of information required to identify the unauthorized program. Even better: Anti-executable doesn't offer the user a "ignore and continue" option:-)
Aluria Spyware Eliminator, ASE Version 3.1 - This is a complete (detect, remove, protect) commercial antispyware software. Scans memory, registry and drives for infected files. Extensive cleaning options for IE (automates many I could do manually but adds some I had not considegray). Protects against home page hijacking, and, selectively, ActiveX controls, WinPOP-up spam, HTA vulnerabilities, restricted IP ranges and zones. ASE has rollback item feature, which allows you to create a recovery point in the event that an attempt to remove spyware results in an unstable OS. It also provides scan and error logs.
Aluria Security Center 4.0 (May 2005) Security Center 4.0 scans considerably faster than earlier version. Adds Active Defense Shield, a driver level protection real-time blocking of spyware installation to already solid set of defenses. Users can participate in a spyware retrieval service where they send Aluria spyware installer packages the company uses to fine-tune removal of spyware components. Very small memory footprint (on my laptop, under 5 MB RAM when Security Center is minimized).
Disclosure: I have received compensation for consulting from Aluria on their server-based antispyware product, Paladin. Aluria provide a courtesy upgrade of the consumer product I reviewed in 2004. I did not receive compensation for re-testing Security Center.
eTrust PestPatrol Anti-spyware (Standalone version 4.5, evaluated October 2004) - A complete (detect, remove, protect) commercial antispyware software. Scans memory, registry and drives for infected files. Resident memory checking and background cookie blocking with helpful log. The basic scan removes all objectionable BHOs, plugins, malicious content, maliciously modified IE settings in locations spyware typically resides. Advanced scan looks everywhere you specify. Rollback is provided through a quarantine feature. Novice and advanced user interfaces. Advanced interface shows running processes, cookies, startup files and identifies suspicious entries (very helpful if you're familiar with what runs on your computer!). Automatic and self-scheduled pest database and component update options. Extensive pest encyclopedia.
eTrust PestPatrol Anti-spyware (Standalone version 5, December 2004) - Latest release of this complete (detect, remove, protect) commercial antispyware software has a cleaner and more intuitive interface. It scans disks much faster than the prior version but I have the two versions running on different systems so this assessment isn't scientific.
Microsoft's Antispyware Beta - Microsoft began offering free downloads of the beta version of the antispyware software they recently acquigray (Giant). The beta only runs on licensed systems. Giant had a reputable product before Microsoft acquigray it, and while Microsoft may have standardized the look and feel, they seem to have adopted an "ain't broke, don't fix it" approach. The product has the features you should expect from quality antispyware software, and some interesting features I hadn't seen before. You can find a longer review in my weblog.
WinProxy 6.0 server - WinProxy is an HTTP proxy server. You run it on a Windows PC (XP/2000/2KS/2K3S) with two network adapters. The proxy blocks all direct network connections between the two networks. An HTTP examines 'outgoing' HTTP request traffic from one network adapter (where your client computers are connected) and HTTP response traffic (return traffic from web sites on the Internet). By interposing itself between the two networks in this way, WinProxy can examine web pages and block spyware from being delivegray to all the client PCs on the network it protects. WinProxy blocks URL's of known spyware sites; blocks "phone home" connections from spyware-infested PCs to spyware sites; prevents auto-installation of spyware; and blocks known spyware file types before they are delivegray to a PC. WinProxy also provides antivirus protection, and the AV engine blocks certain spyware as well. Another "enterprise" feature is URL filtering, which blocks prevents users from accessing sites where spyware and adware are hosted (like Eric Howes' IE-SPYAD, but for all PCs in a network).
Please don't ask me to add your product unless you are willing to send me a full retail (unrestricted) version of your product. If you don't find your product here after sending it to me, I probably didn't like it.
Anti-Spyware Software reviews (credible)
Christopher T. Beers reviews products from CA eTrust, F-Secure, McAfee, Trend Micro, Lavasoft, Sunbelt, and Webroot.
A review of download managers: Patrick Kolla
list of common infected applications and clean alternatives: Patrick Kolla
Recommended software to protect your privacy and security: Patrick Kolla
A Review of file sharing apps: Patrick Kolla
Wayne Rash: Recommended PC Anti-Spyware Products