4 of a series of Articles titled "How
Safe is Your Success?"
By Bill Hely
Adware and Spyware
In Part 3 of this series I stressed the importance of having
an anti-virus package installed on your PC, and the extreme
importance of keeping it current with updates from the
publisher of the package. Unfortunately, many people who do
appreciate the need for such precautions fail to make an
important distinction - one which leaves them exposed to
threats they mistakenly believe they are protected against.
You see, while a good anti-virus program can detect and deal
with many variations on the virus/trojan/worm theme, it can't
handle all variations. An anti-virus program is a good start,
but you can't stop there. Into your defensive line-up you must
add a few more specialized scanner-type programs to catch some
of the threats the anti-virus program can't handle.
It is beyond the scope of this short article to delve into the
differences between virus, trojan, worm, adware and spyware -
nor is an understanding of the characteristics of each
necessary in order to effectively combat them. For the more
curious reader, my book "The Hacker's Nightmare" deals with
all threat types in some detail. It is however important to
(a) All variations are extremely prevalent;
(b) There are differences between each type of threat;
(c) There can be further (sometimes significant) variations within
(d) There is no single antidote that will protect you against all
You may recall from Part 3 of this series that, for the
average home and small business computer, I generally
recommend against the all-in-one security suites that purport
to protect you from a multiplicity of threats, so in that
context point (d) above is a valid observation. My reasons for
that recommendation were presented in the previous part in
Don't worry! The fact that we need several somewhat similar
programs in our arsenal isn't going to impact the bank balance
to any significant degree. As I pointed out in the previous
article, many of the very best solutions in this threat
category are quite free, and even those that aren't are
usually very inexpensive. That's even more fortunate than it
at first seems. While the programs I use and recommend are
extremely effective, they aren't perfect. Sometimes you need
to install two competing programs of the same type, because
often one will catch intrusions that the other won't, and vice
versa. These programs are invariably quite small and don't
place any significant load on the computer, so the extra
protection is very worthwhile. A good example of this
multi-application recommendation is adware/spyware detection.
Until very recently the usual recommendation from "those in
the know", myself included, was to install two anti-adware
LavaSoft AdAware. Why two? Well, it
has been observed over time that no single anti-adware
application would ever detect all the infestations of this
class that could be lurking on a PC. Those two programs were
widely considered to be the best of their type, and together
would detect the vast majority of adware problems.
I have no doubt that those were once well founded assumptions
--- but things have changed. Adware has become more
sophisticated, new detection software has appeared, and
some of the "old faithful" developers have failed to keep
It wasn't until quite recently that a qualified independent
undertook to conduct thorough head-to-head testing of all the
major anti-adware scanners. Eric Howes of the University of
Illinois compared and tested more than 20 of the most popular
and best respected anti-adware applications, against hundreds
of adware threats, and the results took a lot of us by
AdAware SE came in 3rd and
Spybot-S&D was equal 7th. Not too
bad, you might think, for a couple of free programs, but the
disturbing thing was the actual detection figures.
detected a mere 33% of the hundreds of adware components
tested for, and
AdAware didn't fare much better at 47%. Those
two combined, a combination that is usually recommended, could
only come up with 54% of the total infections.
This is not the place to discuss the findings in depth, but
I do need to give you new recommendations based on Howes'
had a detection score of
Webroot Spy Sweeper
was next best with 48%.
Combined they had a rate of 70%, by far the best of any
possible combination of two packages.
was acquired by Microsoft in December 2004 and their version
of the software that was tested by Howes is now called
At this time it is a free download.
is a commercial product,
but very inexpensive.
Webroot Spy Sweeper
[ Some of the detection percentages quoted above were compiled
from Eric Howes' raw data by Brian Livingston, Editor of "Windows
Secrets" newsletter, one
of the subscriptions I have long recommended in "The Hacker's
Nightmare". You can subscribe at: http://www.WindowsSecrets.com
All such software provides a number of configuration options
and, as you may remember from the anti-virus article, if
configuration options are offered you should take that as a
strong indication that you won't get the most out of the
application until you set those options.
Like your anti-virus program, it is extremely important that
Webroot Spy Sweeper
are updated regularly
with new database information from their respective websites.
The strength of applications like those just discussed is that
they are very good at finding, identifying and eliminating
certain types of nasties that have found their way into your
computer - threats that your anti-virus program is probably
not designed to detect.
There is another very important tool in this category that I
always have installed on my PC's. Called
from Javacool Software, this utility does not scan for and
clean out spyware - rather, it's job is to prevent such
threats from ever getting installed in the first place.
is available in a free version for non-commercial use, but I
do not recommend the free edition even if you do qualify. Like
the other applications we have discussed,
must be regularly updated. While the free version can be
*manually* updated at any time, it has no provision for
auto-updating. For a paltry US$9.95 per annum license fee, you
can have the very significant advantage of scheduled
auto-updating. Remember, such applications are only as good as
their last update, and you certainly don't want to be relying
on old data for your protection.
By the way, do you have a friend or three who would benefit
from this series? Why not eMail them right now and recommend
they go straight to http://HackersNightmare.com and subscribe
to the series themselves.
In the next part we'll look at a threat that is becoming very
commonplace and which can cost you dearly - the so-called
If this newsletter has been passed on to you by a friend,
please subscribe to it yourself so you can be sure of
receiving the next part in this series, when I'll show you how
to keep your sensitive electronic correspondence completely
confidential, even if someone does manage to intercept your
.... Bill Hely
Bill Hely is a technologist,
consultant and author living in Brisbane, Australia. For most
of the last two decades his professional focus has been on
advising and supporting small business operators in
Information Technology and Office Productivity issues and
rescuing them when they didn't heed his advice the first time
around. He is the author of several books on technology for
the business operator, including the Bible of Internet and
computer security "The Hacker's Nightmare". For more
information on this must-read tutorial and reference visit:
Subscribers to our
Alerts News Reporter
will be alerted when other parts
of Bill Hely's series of articles are posted to the Articles
and Reports section of the Firewalls-and-Virus-Protection