In Terms General, How would be the Top 3 spyware applications ? Or the best options ?

Thank you,

You might want to ask about a particular one . The question you pose will confuse you as too many in here will only tell you what they like as opposed to what actually works best .
Good luck

Sorry, I like to know How would be the Top Three softawre to prevent or remove Spyware, I am talking at programs like:

Spy Doctor
Counter Spy
Adware
Pest Patrol,
etc, etc,

Sorry

The top 2 'should' be

SpywareSweeper and Counterspy.

MSAS won't be too far behind Counterspy (basically the same engine, less signatures).

Not sure where Ewido stands, but it does have a good detection rate, and from everything I hear it has a very good removal engine.

The problem is there hasn't been any thorough test since 2004 (that I know of), and a number of things have changed since then.

If you are interested in the relative merits of anti-spyware, have a look at these results:-

http://spywarewarrior.com/viewtopic.php?t=19755&postdays=0&postorder=asc&start=0&sid=6ccd8bee78d3977d590a9f10c788ef39

You can't read too much into the tests 'cos they were only looking for uninstalled files in a special folder; but it does give some indication.

Of the ASs CounterSpy does best, SpyBot hardly finds anything, but ewido and KAV are the best of those progs tested.

Of the ones mentioned , Spyware Doctor is very good at both . Some claim it registers too many false positives . I have used it for over a year and it found 1 . I like it and I know it is good at what it does . I do not understand why many have claimed they have gotten false positives . On my machine and in my tests , not a problem . Go figure .
I would recommend Spy Sweeper and ZeroSpyware as well . ZeroSpyware is a nice application and very nice to look at . It has done very well for me thus far . I believe that those 3 offer the best in overall detection AND removal . Ewido is nice as a backup .

-{ Quote: "I would recommend Spy Sweeper and ZeroSpyware as well . ZeroSpyware is a nice application and very nice to look at . It has done very well for me thus far . I believe that those 3 offer the best in overall detection AND removal . Ewido is nice as a backup ." }-And what exactly are you're personal tests you base this on. I find it strange that you discovered this AS app (http://www.wilderssecurity.com/showthread.php?t=122993) all of a sudden and then within hours you claim the author trustworthy .... Would please care to elaborate and substantiate any of your claims?

I gave a recommendation . That is all . As per your question , Nope . No need . You need justification , go find it elsewhere . I do not need to answer to questions like that . Remember ? I am no expert

-{ Quote: "I gave a recommendation . That is all . As per your question , Nope . No need . You need justification , go find it elsewhere . I do not need to answer to questions like that . Remember ? I am no expert" }-No need to be an expert, but one would expect you to substantiate your claims and recommendations.

I find it more than odd that you "discovered" Zerospyware on/at March 6th, 2006, 08:08 PM and 8 minutes later you proclaim the author trustworthy (http://www.wilderssecurity.com/showpost.php?p=699191&postcount=3) ... and now it's become one of you're recommendations. Are you saying we should plainly discount any claim you make?

Anyone would think it is against the law to try an application and instantly like it. I never realised that you need to use an app for a period of say 12 months before you can share your positive thoughts about it. I really wish people would share these unknown and uncommon secret laws that us 'newbies' have to abide by. We also seem to have to substantiate our comments. Whatever happened to 'Freedom of speech'. Oh well, suppose some people have to increase their post count...

muf

Spysweeper
Spyware Doctor
Pestpatrol

Hi Muf .
Never feel you need to explain anything . If you are NOT considered an expert , you may say what you think with OR without explanation . There are people here that trust my judgement and I rest on that . For those that question , just let it go . There are people that will ask because they really care and those that ask because they do not believe you to start with . Oh well . ZS has been around awhile . I have known that . I just never tested it but , always meant to ( for the last year anyway ) . Now that I have , I , like you , enjoy it and like it . As for a trust issue , that is idiotic . They have done nothing wrong . The rogue listing was for FP but , that has certainly changed . No spam , no spyware , no threats , no death to America chants so , they are cool with me . As I stated many times , too many here are paranoid . I need not explain it to you though as you already know . Feel free to write me and let me know what your reactions are to this program as time goes by . I would be interested in comparing notes .;) 8)

I'm also curious about why anyone would question HollywoodPC's opinion on this topic. People in these forums often give unsubstantiated endorsments to anti-spyware products that consistently score badly in lab test and reviews. I agree that both Spysweeper and Spyware doctor should be considered top 3. But I think that there is substantial backing that Zerospyware should also be in the top 3 category. Note the following reviews. PC Magazine and PC World are the 2 top US publications in terms of PC utility coverage. In recent reviews in both magazines Zerospyware was top 3. In PC Magazine in France, it was #1 outperforming both Spysweeper and Spyware Doctor.

The tests performed by PC Magazine US and france in particular were exhaustive and based on sound testing methodology. (note that I point this out even though Zerospyware ranked 3'rd in the US lab test). Based on this I would say that HollyWoodPC's opinion is completely in line with several experts on this topic.


-{ Quote: "Spy Sweeper's local information, such as it is, appears in a too-small window at the bottom of the screen, although more information is available online at least. In this area, both are shamed by Microsoft AntiSpyware and by ZeroSpyware, the latter of which also offers live chat. Still, actually removing and blocking spyware have to count for more than educating users about what was removed." }-
http://www.pcmag.com/article2/0,1895,1829280,00.asp

http://www.pcmag.com/article2/0,1759,1829256,00.asp
http://www.pcworld.com/reviews/article/0,aid,121411,pg,1,00.asp
http://www.neatnettricks.com/SoftwareReviews/review_ZeroSpyware.htm

-{ Quote: "ZeroSpyware vient notamment d'obtenir le label "Choix du Labo" de PC Magazine France, dans son numéro de Février 2006" }-
http://www.nordtech.fr/antivirus-antispyware.htm


-D

I have yet to see a noticable difference between SS and ZS on detection AND removal . Zero . Sad thing is that , as someone stated , once a thief always a thief . Not only is that sad but , ZS was not on the rogue list because of of thievery . Anyone that considers me not so knowledgable can just ignore my posts . The people that give me the credit are the ones that benefit . I like ZS based on what I have seen it do . Period !! And , the support is outstanding . And support is a big part of the equation ! Mags often give biased reviews . However , most of these mags you mention do not say something is good when it is pathetic as a rule . I disagree with many of their reviews but , they give a good measure of what is worth looking at . Especially when more than one of the big mags mention the same products . After a couple of days of working with spyware , and comparing , HEAD TO HEAD , SS and ZS , I can indeed recommend ZS . For the paranoid that need to ask why trust them , use something else and be happy . I too , do question software makers . But , the folks behind ZS are good people . They have a very nice product I use too . Zero Net History . But , that is off topic . Sorry . When I find something worth reporting , I will post it . Take it for what you think it is worth . I am only trying to help . Period !
And , for the record , I have no ties with fbmsoftware . NONE . Even if I did , I judge soley on how good an application does it's job ( s ) . I wish ZS good luck . Nice app that I really do like

I would say in brief

Ewido

Ad-Aware SE

SpySweeper

Hello EASTER 2010 .
Do you really find Ad Aware that good ? I have found it to be a bit lacking myself . Nice as a freebie but , not in the same league with Ewido or SS . Not disagreeing with you at all . I think you are probably the first to put that in the top 3 of anything .
Just an interesting take is all . 8)

-{ Quote: "You might want to ask about a particular one . The question you pose will confuse you as too many in here will only tell you what they like as opposed to what actually works best .
Good luck" }-

Hello,
Is there a difference?
What's an app with 100% detection worth if it runs on 75% cpu and gives you a bsod every 7 hours? Best is = most compatible, best suited to the user / user's needs.
Mrk

@ muf, zerospyware and hollywood.

No there's no problem with voicing your opinion, but one would expect that when someone makes technical claims .... such as those mentioned by hollywood ... regarding "detection AND removal' -{ Quote: "I believe that those 3 offer the best in overall detection AND removal ." }-, that they tested these functions and can qualify the statement. It doesn't need to be rocket science and there isn't any need to be an expert - a simple ... I tested "app X' against "malware1", the technical descriptions by company(s) A & B / and maybe C details this malware writes the following files/reg entries etc. I ran "app X" against "malware1" it flagged all the entries detailed in the writeups, and successfully removed them - which I confirmed through a search of my system - as well as including a few screenshots as documentation. And if that isn't done, at least have references to articles by independant sources that have done as much. I'm sorry but in regards to test done by PC magazines, well that just doesn't cut it really ... any test can be scewd, and it's pretty much excepted that articles in these mags are influenced by ad revenue, so they are taken with more than a grain salt.

muf there's no issue with "instantly" liking something ... and you can comment on the GUI, the overall look and feel, resource usage etc ... but when you make claims like the above about a relatively untested app, well you need to include some kind of evidence. For apps that have stood the test of time and are widely accepted are another matter ... there isn't a need to justify comments on apps like Ad-aware, Spybot ... Ewido or a few others - You don't need to look further than the cleaning instructions given to victims by HJT/Spyware experts for evidence.

As for your "freedom of speech" comment muf ... How exactly do you see that? ::) That arises because I challenged hollywoods claims? What justice is served to members/guests if there not? What would be the point of discussing anything ... isn't the objective to find what's good or not, the truth etc. etc. How else do we arrive at this point?

Being new here, I am glad someone is trying to hold posters accountable. I noticed ZEROSPYWARE (six posts) pops into the thread. Interesting, that's all.
GP

Hello,
To answer the original question:
I would recommend Ewido, Spybot and Spy Sweeper.
Mrk

-{ Quote: "I have yet to see a noticable difference between SS and ZS on detection AND removal . Zero . " }-

Me too. Whenever I try any scanner type product, I don't really see any noticable difference, since my machine is assumed to be clean. At best scanner tests just tell me how many FPs it generates , just joking.

I'm not a particularly big fan of hollywood myself, and i wouldn't trust him anymore than I would trust say a poster calling himself Devil's Advocate, but to be fair all he said was

-{ Quote: "ZeroSpyware is a nice application and very nice to look at . It has done very well for me thus far ." }-

It's an okay endorsement, not a particularly strong one in fact by standards of Wilders.

Mrkvonic .
I am a bit confused as to what it is you are saying . Your post has nothing to do with mine . Not that I can see . I totally agree with you on your last post . Makes perfect sense to me

Hello,
To clarify - a program is as good as its user and the platform it runs. Let's say it gives you a bsod every 5 hours, but it has 100% detection. Is this good for you? So 'the best' is a loose term.
Mrk

Ok . And again , I agree completely . This is why recommendations are made . So people can get an idea of what people seem to think is good . Then THEY can try for themselves . I have ALWAYS advocated that people need to try something to make sure THEY like and their computer likes it !

Dog, Genady,


-{ Quote: "there isn't a need to justify comments on apps like Ad-aware, Spybot ... Ewido or a few others - You don't need to look further than the cleaning instructions given to victims by HJT/Spyware experts for evidence." }-

There seems to be strange dual standard here, and at the heart question. It seems that the reason that you jumped on HollywoodPC is that he is suggesting security software that is not on the current forum bandwagon, without providing detailed primary research or links to independant reputable third party research. However it is ok to suggest applications like ad-aware and spybot (who in several actual qualified tests score very low in detection and removal.) Because its been mentioned by lots of others in forums. This isn't at all scientific. Adaware and spybot are free and have been for a long time. Their early entry to the market as free apps made them popular in forums long ago, and spyware removal experts on forums are usually more likely to suggest free software over paid software. This is in no way an indicator of their performance. And would suggest that their performance doesn't require any further analysis, which is also odd since good anti-spyware applications are heavily updated every 3-4 months.

I also question the concern towards review sites. Reviews can be skewed by a number of factors. But when you are discussing top rated reputable magazines such as PC Magazine and PC World. Its unfounded. These publications rely on a relatively unbiased reputation to maintain their top position, and have in many cases downgraded software that generates high ad revenue. however there are many publications with less visibility that are more susceptible to influence. Note that I also posted reviews from a review site (neat net tricks) which is not advertising based. The other thing that I find strange about this perspective is that the reviews that I cited each rank the same software (spysweeper, spyware doctor, etc..) in roughly the same order as they are ranked by most users here. If these reviews are all suspect then why the similarity? As an FYI we didn't advertise at all in either of these magazines. (maybe that's why we didn't rank #1 :) )

Note that the author of the PC magazine article is a very well respected author, and programmer, who actually wrote some of the tools used by anti-spyware researchers to track the effects of spyware on a target system.
http://www.pcmag.com/author_bio/0,1908,a=184,00.asp


While the methadology you suggest is admirable, its very difficult for users to perform detailed comparison of multiple anti-spyware applicaitons. Generally requiring access to a wide variety of malware varients (which are extremely difficult to harvest, and mutate frequently) The trivial analysis suggested won't actually yield usefull results.
I have a post on this forum regarding this topic
http://www.wilderssecurity.com/showthread.php?t=122626

As far as why I suddently popped into this forum. I use google alerts that auto send me email on keywords that I assign and trackback from wilders for threads that I am watching. I monitor several security forums, including wilders, pcpitstop, castle cops etc.. Its important to us to understand what the anti-spyware community is looking for in a product, and the difficulties they are having with current spyware. Security forums such as wilders offer a different perspective than that of our existing customer base.

In summary I like that forums such as wilders open discussions on topics like this one. I think its important that a well informed community help shape the products that are needed to serve the community. But bandwaggoning and unfounded skeptisicm are counter to this goal. So far I've seen almost no discussion on features and performance, and actual testing methadology.

I would be happy if there were more people performing detailed tests on these applications because generally we beat the pants off our competitors.

I suggest shifting the discussion to the features that matter in anti-spyware applications, and what makes them top 3?
- Performance (scan speed, cpu usage)
- Interface
- Information provided (some antispyware are vague)
-Greyware inclusion and descriptions
- detection and removal
- real time monitoring
- Intrusion detection and prevention
- Startup registry management/repair
- Vulnerability scanning
- support
- logging and troubleshooting
- Automatic suspension of spyware processes
- Highlighting of of unknown processes
- Removal of chronic spyware

I'm also curious about the testing environments used by the local forum members? Do most people here run multiple anti-spyware for comparison? Does anyone run vmware workstations as testbeds? Does anyone use an online repository of spyware and malware for testing anti-spyware?

-D

Hello,

Zerospyware:

To answer some of your questions, how I see things.
Good anti-spyware application (or any for that matter):

User Interface - how quickly do I get accustomed to the functions within 5-10 minutes of using the app, without referring to help files.

Few false positives - unless I'm a beta tester, I do not wish to spend my time heightening paranoia and doing online researches for registry keys and values, trying to figure out what they mean.

Compatibility - How smoothly everything fits.

Patience - I do not want an application that takes 20 seconds to start - in this respect, both Spyware Doctor and Spy Sweeper are annoying.

Detection rate - Not so important to me, more important the ability to remove threats it claims it can - if an x application claims it can remove something, then it should not sprout upon restart.

How did I test the applications?
I use a variety of machines, which are pure scapegoats, and VMware, too.

Other aspects:

Again, MY opinion only:

- Performance (scan speed, cpu usage)
Scan speed, not so important, it can be done overnight, unless it's a fast scan, which should be immediate. CPU is important, because if scan runs in the background, you want to be able to do other things as well.

- Interface
One of the most important things, must be as simple as possible.

- Information provided (some antispyware are vague)
A switch mode, for beginners and experts, because beginners need to know little and experts need to know everything.

-Greyware inclusion and descriptions
Important; this builds people's confidence. I do not want to use a product that makes deals with the marketing, ads and such companies. I my opinion, anything, anything at all that can be used to reduce privacy / security, should be flagged. Even if only for awareness and not removal.

- detection and removal
Answered that already.

- real time monitoring
Could be nice, but it should not popup too often, informing about ambiguous threats.

- Intrusion detection and prevention
Same as above.

- Startup registry management/repair
Part of overall detection management.

- Vulnerability scanning
Could be nice. But without bloating. Marking already disabled Messenger as threat is a no-go. Only serious things - incomplete updates, missing drivers etc.

- support
Live person is always good. Support should be simple. A big link saying Click here for support. As little fuss as possible.

- logging and troubleshooting
Logs should be as informative as possible. Trobleshooting - much as support. Easy and efficient.

- Automatic suspension of spyware processes
I do not like this.

- Highlighting of of unknown processes
Could be nice, as long as not too many popups.

- Removal of chronic spyware
What's chronic spyware?

How can you make your application better?
Activity on security forums is vital. And balls to stand up to your product, even if it's found wanting. So, your participance here, or one of your members can be a valuable addition to your assets. People will trust the application more if they have a living person answering their questions. That should be a vital part of your marketing - dedicating manpower to continuous live work with forums, community etc. And time. You have to wait. You cannot make a breakthrough in a week or two.

So finally, why do I find my selection of 3 as they are. Spybot and Ewido are intuitive, light, friendly. Spy Sweeper is simply the better than other applications I tried - it's just relative. It's not a love of my heart, but given a pool of choices, that's how things rate up.

I have not tried zerospyware yet, but I might be tempted ...

Cheers,
Mrk

Hi ZS,

No there's no dual/double standard ... The concern is ... How does Hollywood all of a sudden ;) discover this *new* app ... with in minutes claim the author/app isn't any concern in regards to it's past status on Eric's list; other than making a judgment based on it's delisting (I guess - he hasn't presented anything else - doing so now would be meaningless) ... then with in hours/days (long before the trial would have ended - or even a personal experience with the product could've begun) ... this poster now makes this a recommended app, also stating that the programs he recommends are the best at “detection and removal”. In the context of the time frame of his trial of your product, "How would this be possible?" The issue is that this is totally irresponsible; it's an unfounded claim and recommendation. I can't imagine him doing anymore than likely just running a scan, he certainly did not test in regards to his claim, nor did he search for anyone else's research - if he had; he would have posted such. That's the problem in a nutshell.

While I would agree with what you point out in pg. 4 in principle, it isn't the intent of that such exercise - it would merely be a way for him to justify his claim to a small degree. Your right that "users" don't have the knowledge, experience, expertise, or resources to conduct a qualified test (generally even a personal test) ... Users do tend to make recommendation on their long term personal experiences and they are taken for what they are. This isn't the way that this member presents his recommendation, his wording actually gives the impression that he has the knowledge to make this claim. If he hadn't spilled out of the other thread, where it is plain to see the course of events; and where any reader could see the actual net worth of his comments - I would've have taken issue.

We could argue the validity of Magazine results 'til we're blue in the face ... but in all reality they generally don't disclose their testing environments or methodologies - their results are suspect at best.

It is nice to see you spend the 48 hours between my post and your rebuttal well. You've nicely twisted the intent of what I said. It's also noteworthy that that isn't the exact truth about your arrival here ... you initiated the mention of your product ... your first post was removed as spam, if I need to remind you. ;) It's also likely where hollywood “discovered” your program and I suspect his true motive for bring it up stems from another incident here that happen a little while ago.

As to the other products mention ... no where did I mention that they where the best. My intent with that statement is they are time tested and trusted and that does carry *some* merit – although the statement made wouldn't be acceptable in the context it was in regards to those either. General statements made from the context of someones experience are of course acceptable when presented as such.

Your product has not gotten to that point yet, it will take time to emerge from the initial blacklisting (which I am aware has been a while now), gain popularity ... and prove it's merit over the long haul. While you claim this is unfounded skeptisicm, it's the way it works in my world, you have to earn trust and respect, in this field or any other ... unfortunately you are dis-advantaged because of the past – there isn't any way to quickly correct that.

In my personal opinion I actually don't see much merit for anti-spyware apps in the future. Now that most AVs have been covering this ground in earnest for six months to a year, and spyware/adware has become the predominant malware - I think those companies that position themselves as AS utilities are numbered. The free utilities will survive, and my best guess is that they'd begin to specialize in the few extremely difficult infections to remove (likely with small specialize removal tools) and those that are common/widespread from their main application ... while retaining there old DBs - for the benefits they may still provide. I think the market is sufficiently covered for anti-spyware, even anti-trojans have morphed into anti-malware products to afford future survival, and I think in the end they'll remain the only major players outside of Avs in regards to this type of security scanning.

As to your suggestion ... It does happen; But it has it's place in the proper official support forums, which I assume you do have ... Our vendor support forums do have such threads, usually titled something along the lines of future feature request / suggestions / wishlist . The purpose of the general forums here, is for member help with troubleshooting etc. ... and as such they generally proceed the way they do.

Regards;

Steve

Hi Dog,

I now understand the point of your initial posts, and your concerns, but I think it might be easy to attribute Hollywoods enthusiasm about the product to that of a knowledgable application user who gets excited about a new program. With over 15 years of application experience it doesn't usually take me more than an hour of working with a new program to get a guage of its quality. This is especially so when highly familiar with the rest of the programs in that space.

Actually my first post was not removed as spam. I was interested in offering a challenge to local forum members to test our app against any of their favorites and point out any ways in which other apps outperformed ours, in exchange I was going to offer free 1 year subscriptions to all those who provided us this feedback. I was warned by one of the administrators not to post any further mesages of this type, and edited the message on my own. (I'm posting this here for full disclosure). I understand you point about it taking time to gain reputation in the forums, which is why I may have been over-enthusiastic in offering this challenge. See, the thing is we know we have one of the best products in this market, and that all we need is for knowledgable users to reach the same conclusion by trying it. I also wanted to do this becuase I'm interested in direct feedback from knowledgable users such as the members here. It was not my intent to use this as a marketing tactic and since it was taken as such I retracted the offer.

Our app is more popular and credible than might be expected from reading the forums. We have been selling in over 2000 retail outlets in the US for some time now, including all the top chains. We are one of the top selling anti-spyware applications in France where we just launched in December. Most of our customers have several other anti-spyware applications in addition to ours and prefer our application because of its performance and support. We are not new players here. We have been in the anti-spyware business for over 4 years. We are new however to the forums, and are starting to make some efforts to gather feedback from this community.

Now for a bit of history:
The blacklist you refer to is actually the badly termed Rogue list, where any application that had a suspicion of using false positives to encourage purchases of the application was listed. This was NEVER the case with our application, but was listed here because Eric did find some false positives in his initial test, our application was not free, and we had a free-scan only campaign at the time. That's all. I've never been happy with this list or its implications (not only because we were once on it). But the list is overly inclusive. There are several applications on this list which are blatently bad anti-spyware applications, and intentionally misidentify applications as spyware to induce sales. We have several legal notices from some of these companies threatening to sue us out of existence because we list them as rogue, and remove them (consider the irony). There are also applications on this list which are there based on the barest of suspicion for having too many false positives. There has been talk for some time on the forums that the list should be split for this reason. However this list (valuable as it is) was the work of a hobbyist in his spare time and was never meant to be comprehensive or difinitive.

Now consider this. Adaware has had several notable false positives for some time now. At one point Adaware detected spybot as spyware! This was well publicized. For a long time Adaware detected Zerospyware as a potential browser hijacker, even though Zerospyware has no relation to browser hijackers. What is even worse is that the registry entries adaware detected and removed were standard installshiled registry keys. When our users tried to uninstall the application with registry keys corrupted by adaware, they lost data. If you follow the thread on spyware warrior about this there was a lot of anger at adaware for such irresponsible detection and removal. I took issue with another factor. -The term "potential browser hijacker" I found to be completely irresponisble for an anti-spyware application. Who know's what that means? Adaware never defined this term. If it weren't for the fact that adaware se was free it would have been obvious to classify them as a rogue anti-sypware based on Eric's definition since the language seemed intentionally misleading and broad. In fact we currently list some anti-spyware as rogue for similar language. We tried contacting Lavasoft for 7 months about this issue and received no response of any kind. Not what you would expect of a highly regarded anti-spyware application.
Note the following thread on spyware warrior on this topic:
http://spywarewarrior.com/viewtopic.php?p=59895&sid=cb88fd5d1a466a2e161075a0da183c92

Now to the point of the double standard (not referring to you, but security forums as a whole). Adaware and Spybot may be forum favorites. But they simply aren't that good. Their detection and removal rates average between 40-55% compared to the 82-90% bracket that Spysweeper, Zerospyware, and Spyware doctor are in. We usually don't bother to test their applications in our competitive analysis because its not worth the effort. We have over 2000 spyware and malware infection vectors to use for our test, as well as several thousands trusted applications. So our tests end up being pretty comprehensive.

So if the point of security forums such as wilders is to get together to figure out what the best applications in this space are, then why are the recommendations in these forums generally so far off. People refer to magazines as being skewed, but from what I've seen the security forums are more often skewed towards recommendations for free software. Don't get me wrong I love free software as much as the next person and am a huge fan of open source. But...for security software.. performance should be the biggest consideration. Most consumers would rather pay for something that will solve their problem than have something free that has a 50% shot of doing the trick. Certainly there is no harm in running one of the free apps along with one of the paid apps. Which is often the better recommendation (unless the free app is actually removing good files :) )

I found your comments about the future of anti-spyware interesting. You are correct that the spaces are starting to merge. But there is no evidence so far that the Anti-virus vendors will have this space covered. As many people on this forum know many of the current suite products are bits and pieces of other products. Zone Alarm now uses CA pest patrol as their anti-spyware engine, etc.. You may end up using an anti-virus suite that uses our engine :).

I'm not sure that I agree that the anti-virus guys hold the cards. Here is why. Spyware is different from virus in several important ways. But overall its more complicated and requires more customer contact. From my perspective its easier for a good anti-spyware application to incorporate anti-virus engines than the other way around (I'm sure some from the other camp will disagree). But I think the real shift is toward the service model. I believe that microsoft is on the right track with onecare. The average customer needs full service comprehensive security solutions. The user interface needs to be dead simple, live support should always be available, and problems should be instantly remediated. Compare this with the model of Symantec where you buy a product to remove malware, then have to pay $35-$75 to get suppot for the product if you can't remove the malware. For the average user if your computer isn't working correctly and you run a scan and nothing is detected, but your computer still isn't working.. what do you do? I do agree that the markets are merging rapidly and the line between spyware and virus are blurring. We currently detect hundreds of virus and trojans, but don't advertise the fact..yet..and won't until we have a full solution.


I appologize for taking up so much space in this forum to digress on these issues. And it was not my intent to twist your words or win an argument. I'm really only interested in one thing here, and that is determining what it takes to deliver the best anti-spyware application on the market. An aim which i think should be inline with several of the members of this forum. We decided to enter the anti-spyware market nearly 5 years ago when users of our product Zeroads (an LSP based adblocker and internet accelerator) were reporitng that our application was interfering with their net connection or causing them to lose internet connection all together. Turns out most of them had new.net or webhancer spyware ruining their LSP and didn't know it. We entered this space because we hate spyware, and wanted to protect our customers. I hope that you don't take my comments as combatitive, they aren't meant to be, as I found much of your post to be well written and insightfull.

-D

Hi Mrkvonic,

Thanks for your detailed response. Regarding start time. This is a difficult issue, since spyware databases can be quite large. There are 2 reasons for this. 1 is that removal of spyware usually entails removing hundreds or thousands of registry keys and files, as opposed to viruses which are generally self contained in one file signature. 2 - often lengthy descriptions are required to describe spyware and grayware, usually not the case for virus. However this comment has come up from several users. We need to find ways to make the application load as quickly as possible, even if only to block against real time threats.

Performance. - I agree 100%. Actual scan time shouldn't matter so much if you can continue to user your computer. This is the number one reason why i often turn virus scanning off. We are plannign to implement cpu throttling as an advanced feature in our next version to allow users to set the maximum cpu utilization by the application (ie.. use no more than 20%). We already have this feature in our enterprise version and it works quite well.

Greyware - we agree. Everything and anything that could affect your privacty, security, or pc performance is and should be listed.

Vulnerability scanning - we include any application vulnerability listed on the net. ie.. realaudio or winamp security holes etc.. These are detected with their CVE number and a link is provided for download. We consider this an essential element in keeping your PC free from spyware.

Automatic suspension of chronic spyware - We include this feature (as an option) to block spyware that has been detected from continuing to run this aids in preventing further activity or infection, and defending against some of the keep alive techniques. Is the concern possible lock up side effects?

The unknown process detection is a panel, not a popup and serves to warn about any process that is not recognized by our trusted list or blacklist. I consider it an indespensible feature, because it helps identify zeroday threats and provides peace of mind when the the computer is acting strangely. This is actually one of the main reasons I usually only run 1 anti-spyware application on my system. With unknown process and reporting I know that there isn't any other active spyware running on my system.

-D

-{ Quote: "Hi ZS,

No there's no dual/double standard ... The concern is ... How does Hollywood all of a sudden ;) discover this *new* app ... with in minutes claim the author/app isn't any concern in regards to it's past status on Eric's list; other than making a judgment based on it's delisting (I guess - he hasn't presented anything else - doing so now would be meaningless) ... then with in hours/days (long before the trial would have ended - or even a personal experience with the product could've begun) ... this poster now makes this a recommended app, also stating that the programs he recommends are the best at “detection and removal”. In the context of the time frame of his trial of your product, "How would this be possible?" The issue is that this is totally irresponsible; it's an unfounded claim and recommendation. I can't imagine him doing anymore than likely just running a scan, he certainly did not test in regards to his claim, nor did he search for anyone else's research - if he had; he would have posted such. That's the problem in a nutshell.

Steve" }-

I couldn't agree more with Dog's arguments as I felt the whole situation incongruous even before his intervention. There's a definite trend from some Wilders posters to lobby for products in a not so dispassionate way, and freedom of speech also means to challenge uncorroborated statements.

ZeroSpyware:

I'm sorry, but I cannot let your several misstatements about the Rogue/Suspect Anti-Spyware list stand uncorrected. You wrote:

-{ Quote: "The blacklist you refer to is actually the badly termed Rogue list, where any application that had a suspicion of using false positives to encourage purchases of the application was listed. " }-

This is first of several misleading and erroneous statements. Suzi and I don't judge intent, because we have no definitive way to do so. Thus, we have never listed any anti-spyware application on "suspicion of using false positives to encourage purchases of the application." We list applications that have egregious false positives and note that, in the case of for-pay applications, these can "work as a goad to purchase." But we never claim to have divined any purpose or motive behind these false positives.

-{ Quote: "This was NEVER the case with our application, but was listed here because Eric did find some false positives in his initial test, " }-

The problems that we discovered in the early versions of ZeroSpyware went well beyond a few false positives. For a full discussion of the problems that we discovered, see this thread at Spyware Warrior:

http://spywarewarrior.com/viewtopic.php?t=3871

Readers might also be interested in this contemporaneous discussion at PC Pitstop:

http://pcpitstop.ibforums.com/index.php?showtopic=57257&st=0

-{ Quote: "our application was not free, " }-

This claim is simply false. We have never listed an anti-spyware application because it was not free; nor have we ever exempted an anti-spyware application from the list simply because it was free. The free/pay status of an application plays absolutely NO role in our evaluation. For the criteria we use to evaluate anti-spyware applications, see here:

http://www.spywarewarrior.com/rogue_anti-spyware.htm#criteria

-{ Quote: "and we had a free-scan only campaign at the time. " }-

Again, this is just plain false. We have never listed an anti-spyware application simply because it offered only a "scan-only" trial version or "free-scan" version.

-{ Quote: "That's all. " }-

No, that's not all, and I would encourage users to review the Spyware Warrior thread listed above for a better picture of why ZeroSpyware was at one time listed on the Rogue/Suspect Anti-Spyware list.

-{ Quote: "I've never been happy with this list or its implications (not only because we were once on it). But the list is overly inclusive. There are several applications on this list which are blatently bad anti-spyware applications, and intentionally misidentify applications as spyware to induce sales." }-

Again, we never attempt to divine intent.

-{ Quote: "There are also applications on this list which are there based on the barest of suspicion for having too many false positives." }-

We never list an application on the "barest suspicion" of anything. The listing criteria, once again:

http://www.spywarewarrior.com/rogue_anti-spyware.htm#criteria

-{ Quote: "There has been talk for some time on the forums that the list should be split for this reason. However this list (valuable as it is) was the work of a hobbyist in his spare time and was never meant to be comprehensive or difinitive." }-

It's quite understandable that you'd want to minimize the reputation of the Rogue/Suspect Anti-Spyware list (which has been used by regulatory authorities for investigative purposes and has been cited in testimony before the U.S. Senate), but you're going to have to do better than this.

-{ Quote: "If it weren't for the fact that adaware se was free it would have been obvious to classify them as a rogue anti-sypware based on Eric's definition since the language seemed intentionally misleading and broad" }-

Once, again we have never given an application a "pass" simply because it was free, and this claim that we did is nothing short of flat-out fabrication on your part.

For the record, I do think that ZeroSpyware 200x has made tremendous progress since early versions were on the Rogue/Suspect list in the summer of 2004. That's why the application is no longer on the list.

That said, I will not stand idly by while a vendor misleads, misrepresents, and even lies about the Rogue/Suspect list and the criteria used for including anti-malware applications on that list. And if I catch you doing this again in other forums, ZeroSpyware, I am going to call you on these misrepresentations then and there.

Eric L. Howes

Note: presently I am Director of Malware Research at Sunbelt Software. At the time ZeroSpyware was listed on the Rogue/Suspect page, I had no relationship whatsoever with Sunbelt Software.

Further to Eric's warning...
-{ Quote: "That said, I will not stand idly by while a vendor misleads, misrepresents, and even lies about the Rogue/Suspect list and the criteria used for including anti-malware applications on that list. And if I catch you doing this again in other forums, ZeroSpyware, I am going to call you on these misrepresentations then and there." }-zerospyware, if you wish to continue posting at this forum, then I suggest you re-read our TOS (http://www.wilderssecurity.com/TOS-Privacy.html). If we see further false, incorrect and/or misleading information in your posts, they will be removed along with your account here.

snap

Eric,

My intent was certainly not to misrepresent the Rogue list or the criteria behind it. Nor was my intent to denegrate the list or the value of the list. WE use the Rogue list as a reference in our spyware classifications and have tested and list most of the applications on this list either as Greyware or Spyware (however we do independently test each item on the list). But my concern that the criteria used for this list is overly broad still stands.

I have always understood the Rogue list to be characterized by the following statement from you.


-{ Quote: "
Originally From your spyware warrior post:
It does not mean that every product listed is a "scam" or that every product listed there is "dangerous" and installs malware itself. It simply means that in light of the established, proven alternatives that exist (many of them free), I cannot recommend that users rely on the apps listed on the page. " }-

However, it is common practice on forums to refer to this list as a blacklist. Meaning: do not use. While this may not have been your intent it is often perceived this way. You may want to scan some of the forums and see the conclusions drawn about our application as a result of being on this list. One consequence that I find particularly disturbing is that False positives from Adaware detecting our application as a possible browser hijacker caused many of our customers to return our application because its inclusion on the Rogue list seemed to validate this false positive as an accurate detection.

Looking at the criteria listed this is not surprising. Because the list includes applications that actually install spyware or hijack your computer:
-{ Quote: "
From spyware warrior criteria list:
The following practices are guaranteed to get a program listed as "rogue/suspect":

1. Installing adware, spyware, or malware
2. Hijacking users' browsers & desktops
3. Being installed by adware, spyware, or malware
4. Being regularly or frequently advertised through adware or spyware
5. Being aggressively or stealthily installed without users' full, knowing consent
6. Being pushed through aggressive, deceptive, or misleading advertising
7. Being offered by a known adware/spyware vendor or being strongly associated
with a site known to install malware
8. Using false, deceptive, misleading, or confusing scan reports or other GUI elements
to badger, coerce, or trick users into purchasing the product

We also evaluate such things as:

1. Sophistication and comprehensiveness of the scan (including the design and execution of the scan detection scheme)
2. Accuracy and reliability of the scan (including the nature and quantity of false positives)
3. Nature and accuracy of the scan reporting
4. Information about company and program available online
5. User reports of experiences with program
6. Currency of definitions " }-

My understanding from reading the criteria is honestly not clear. I made some of my statements you objected to regarding the freescan of our application because I believed your criteria only extended to the first 8 items. I've read some statements about redicioulous or excessive false positives. This is obviously a judgement call.

-{ Quote: "
Originally Posted by eburger68
-{ Quote: "
Originally Posted by zerospyware
We never list an application on the "barest suspicion" of anything. The listing criteria, once again:" }-

http://www.spywarewarrior.com/rogue_...e.htm#criteria" }-

But note this from Suzie:

-{ Quote: ""Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection. " }-
http://blogs.zdnet.com/Spyware/?p=727

and this from your post:
-{ Quote: "
From your spyware warrior post:
It does not mean that every product listed is a "scam" or that every product listed there is "dangerous" and installs malware itself. It simply means that in light of the established, proven alternatives that exist (many of them free), I cannot recommend that users rely on the apps listed on the page. " }-

While these statements are not listed in the criteria, they do refer to the list and provide context for the rogue list. This is the basis for my interpretation of the criteria (the mention of barest of suspicion) that you took objection to. Again not an intentional misrepresentation but an honest interpretation based on the text itself. To put it another way. If a new anti-spyware application enters the market, and exhibits false positives (rediculous, excessive or other wise) then it may very well be suspect according to these standards specifically because it is an unknown quantity until further proof is obtained.
I think this might be ok if the category for these applications was suspect, or unproven. But it seems undeserved for such applications to be lumped together with notorious rip offs and scams.


-{ Quote: "
Quote:
Originally Posted by zerospyware
If it weren't for the fact that adaware se was free it would have been obvious to classify them as a rogue anti-sypware based on Eric's definition since the language seemed intentionally misleading and broad
" }-

-{ Quote: "
Originally Posted by eburger68
Once, again we have never given an application a "pass" simply because it was free, and this claim that we did is nothing short of flat-out fabrication on your part." }-

Please let me rephrase.
Adaware has a category they detect called "possible browser hijacker" users generally read this as "remove these components". This term is never defined in the application or on their site. Many false positives (including our own application have been discovered under this category). This sort of broad and undefined terminology from an unknown anti-sypware vendor will always get at least a greyware application in our database. We do not list Adaware for this nor would we expect you to either. The defining characteristic here is reputation. Adaware despite these issues has a solid reputation as one of the good guys. A reputation that was built at least partially on their offering a usefull free utility to the masses. If WE were to encounter a new anti-spyware today with a paid subscription that used this terminology and detected false positives this way. We would classify this as a Grayware/Suspect anti-spyware application period. If the application was free, then WE would have a tough time classifying this as Greyware and would have to look closely at the severity and frequency of the items detected. This was what I meant. My statement wasn't meant to divine your intent nor was it meant to refer to your classification. The point was made in the abstract. That given the criteria ,independently applied, it would be a consideration.


-{ Quote: "The problems that we discovered in the early versions of ZeroSpyware went well beyond a few false positives. For a full discussion of the problems that we discovered, see this thread at Spyware Warrior:" }-

Eric, we have nothing to hide here, and no reason to misrepresent the past. As you point out in the links provided our free-scan application (from 3 years ago) encountered some significant false positives and some unintentional misreporting. You were also able to deduce some of the reasons why in your investigation. And these reasons were either programming or algorithmic errors. The freescan that you tested was grossly out of date with our paid application, and many of the issues you discovered were significant but unintentional.

But I think its also important to note that we contacted you about testing our software and were actively involved in soliciting feedback, and correcting the issues discovered. We also actively solicited the participation of several forum members both in Spyware warrior and PC pitstop to provide feedback on false positives. This is obviously incongruous with most of the other members of this list.

Now Let's consider the context and background of my post:
-{ Quote: "
Originally Posted by Dog
Your product has not gotten to that point yet, it will take time to emerge from the initial blacklisting (which I am aware has been a while now), gain popularity ... and prove it's merit over the long haul. While you claim this is unfounded skeptisicm, it's the way it works in my world, you have to earn trust and respect, in this field or any other ... unfortunately you are dis-advantaged because of the past – there isn't any way to quickly correct that." }-

Over the last 2 years, not only have we significantly improved our product, but we consistently outperform many of the top rated anti-spyware in several well publicized tests. We solicit information from forums, and provide our customers with live 24/7 support and instant remediation of their spyware problems. We treat every false positive with the utmost severity. While we have been removed from your list for some time, the original inclusion serves as a perpetual black mark, that results in people referring to our product in an undeserved negative light.

The Rogue list that we are referring to includes super rogues such as SpyFalcon and its derivitives. These are some of the nasties spyware affecting users today. Surely its obvious that any member of this list is going to be judged by the others on the same list.

Now lets look at how the rogue list is interpreted on the net:

-{ Quote: "
Anti-Spyware tools that do not function as advertised or that actually include Spyware, Adware or other malicious code are often referred to as “rogue” anti-spyware tools, thanks to Eric L. Howes and SpywareWarrior.com." }-
http://paretologic.com/resources/spyware_behavior.aspx

-{ Quote: "Complicating the field are rogue antispyware products, which practice deceptive advertising and report false positives to influence buyers into thinking the product is superior to the competition. Some rogue antispyware actually incorporate adware features in their free and trial versions." }-
http://www.securitypipeline.com/howto/57700315
-{ Quote: "

Unfortunately, some unscrupulous vendors use very dubious tactics to gain a competitive edge for their anti-spyware products." }-
http://www.hoax-slayer.com/rogue-anti-spyware.html

-{ Quote: "Out of the vast array of available products some stand out as being so incredibly bad that no one would choose voluntarily to use them. These are the Rogue Anti-Spyware applications.
To be classified as rogue an application will conform to one or more of the following characteristics:

Fail to provide proven reliable anti-spyware protection
Produce excessive or ridiculous false positive detections
Use deceptive or high-pressure sales tactics to generate sales to the unwary
Make use of threat detections from other applications without benefit of license (copyright infringement)
Install adware/spyware itself when installed
None of us would deliberately choose an application with any of the above features but how is one to know? A spyware researcher named Eric Howes has evaluated a staggering number of applications (most through actual test) and has compiled a list of over 200 of these complete with the rationale used for adding each to the list. The list is hosted and maintained by Spyware Warrior.
" }-
http://castlecops.com/t125562-What_is_Rogue_Anti_Spyware.html

The only reference I found so far that captures the true spirit of the Rogue/suspect list is from Suzi herself:
-{ Quote: ""Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection. " }-
http://blogs.zdnet.com/Spyware/?p=727

And now we have Super Rogues (which are actually spyware):
http://blogs.zdnet.com/Spyware/?p=752

I find this definition from Wikipedia particularly disturbing (incidentally, it links to spyware warrior):

-{ Quote: "Recently, spyware has come to include "rogue anti-spyware" programs, which masquerade as security software while actually doing damage." }-
http://en.wikipedia.org/wiki/Spyware

Given the interpretation of the nature of the list I think it would make much more sense to break down the list into 3 seperate lists: Super rogues, Rogue, and suspect/unproven. I am not in any way interested in minimizing the reputation of the Rogue list. But don't you think that the list as it stands is overly broad? Why lump Rogue and Suspect under one category? Is it really usefull to place unknown applications with excessive false positives next to applications that hijack your computer? Should a new anti-spyware application be placed on this list side by side with spyfalcon because its and unknown quantity and suffers from some false positives?

My concern is that the broad categorization of the Rogue/Suspect list has two negative consequences. One applications that are Rogues or Super Rogues, might not get the proper negative attention they deserve by being compared to suspect applications. Second suspect applications which are either minimally dangerous or simply not as effective as they should be will be lumped in with applications that are actively under prosecution. I'm sorry but this just doesn't make any sense to me.

-{ Quote: "
Originally Posted by eburger68
That said, I will not stand idly by while a vendor misleads, misrepresents, and even lies about the Rogue/Suspect list and the criteria used for including anti-malware applications on that list. And if I catch you doing this again in other forums, ZeroSpyware, I am going to call you on these misrepresentations then and there." }-

Pardon me for the apparent misrepresentation of your list, again I want to make it clear now that I was referring to the general conception about your list and not YOUR criteria. This was a reaction to Dog's previous post that I listed here. I'm afraid I was not clear enough on this distinction.

But I do share a similar concern. We have a solid reputable anti-spyware application. Our application has been tested by reputable media (I'm assuming you agree with me here) head to head against other top applications (including the company you currently work for) and done well.

As a result of appearing on your list we have been referred to as theives, scumbags, spyware and variety of other things. This is certainly undeserved now and always has been. I also don't want to stand by idle while we suffer this unecessary damage to our reputation and business. I do not blame you for this or imply that this is in any way your intention. In fact its my understanding and assumption that you wouldn't agree with those characterizations of our company or our product. It is clear to me that there is a significant disconnect between the intent behind the criteria and the public perception of the intent behind the criteria. How do we fix this? I think that the public perception of the Rogue list is worthy of consideration and discussion. Condsider the example I provided from Wikipedia. If the Rogue list is broadly misinterpreted then perhaps it should be redefined. If not then I would appreciate your guidance on how we should go about defending ourselves properly.

-David

-{ Quote: "Hi Dog,

I now understand the point of your initial posts, and your concerns, but I think it might be easy to attribute Hollywoods enthusiasm about the product to that of a knowledgable application user who gets excited about a new program. With over 15 years of application experience it doesn't usually take me more than an hour of working with a new program to get a guage of its quality. This is especially so when highly familiar with the rest of the programs in that space.

Actually my first post was not removed as spam. I was interested in offering a challenge to local forum members to test our app against any of their favorites and point out any ways in which other apps outperformed ours, in exchange I was going to offer free 1 year subscriptions to all those who provided us this feedback. I was warned by one of the administrators not to post any further mesages of this type, and edited the message on my own. (I'm posting this here for full disclosure). I understand you point about it taking time to gain reputation in the forums, which is why I may have been over-enthusiastic in offering this challenge. See, the thing is we know we have one of the best products in this market, and that all we need is for knowledgable users to reach the same conclusion by trying it. I also wanted to do this becuase I'm interested in direct feedback from knowledgable users such as the members here. It was not my intent to use this as a marketing tactic and since it was taken as such I retracted the offer.

-D" }-


I have lics for Spyware doctor, pest patrol. Both have issues for me high cpu util and FPs so ...

This post has succeeded in making me consider zerospyware as a viable product - first impressions are good although I prefer to have the complete install downloaded

This thread reminds me a lot of the Gator people saying "you have to call us Claria now!"

ZeroSpyware (David):

You've pulled together a number of quotes -- some short summaries of the list from Suzi and me; some longer characterizations from third parties. Not a single one of these quotes justifies or supports the erroneous statements you made about what Suzi and I actually use for criteria when making decisions to list or not to list applications. At the end of the day, the Rogue/Suspect page contains:

* a list of the criteria that we do use;
* pointers to discussions that elaborate on our use of those criteria
* specific claims about the problems observed with each application
* screenshots of the applications, including scan results
* links to other pages and reports to support the most serious charges

Regarding false positives: we have never listed an application simply for turning up a few false positives in a scan. I've got a directory on my drive with a number of applications that did not make the Rogue/Suspect list even though they generated a false positive or two during testing. As noted on the page...

-{ Quote: "False positives, in particular, are tricky to evaluate, since all anti-malware scanners will produce false positives as some point. For discussions of how we evaluate false positives, see these forum threads:

http://www.dslreports.com/forum/remark,13633093
http://spywarewarrior.com/viewtopic.php?t=11780
http://spywarewarrior.com/viewtopic.php?t=8084 " }-

As for your assertion that the list is overly broad, I'm still not clear on why you think the list is overly broad. Your own company lists the vast majority of the same apps that we do on your own "rogue anti-spyware" page...

http://www.fbmsoftware.com/spyware-net/blacklist_antispy.aspx

...including many of the apps that are on the low end of the scale (i.e., egregious false positives, flawed scan engine, etc.). Here, for example, is your listing of TrueWatch:

-{ Quote: "TrueWatch
TrueWatch is a rogue anti-spyware utility that scans your system for possible unwanted programs but most frequently showing results of harmless components flagged as spyware components. The trial version does not offer removal of the reported dangerous components without the purchase and registration of the full product." }-

Note how similar (though not identical) this listing is to our original complaint regarding ZeroSpyware 2004.

Still further, your own company's list is clearly labeled as a "black list" -- a characterization that we never use for our own. Moreover, we clearly boldface and redline the apps with the worst behavior (the ones you label "super rogues") and provide links to evidence to support our claims. Your company's list does neither, grouping every app into one flat list and providing no supporting evidence whatsoever for the most serious of charges.

David, there will always be folks out there who are to hasty or lazy to take the time to understand the Rogue/Suspect list, what it means, how it operates, and why applications might be on the list. Suzi and I have gone out of our way to illuminate every aspect of the list and our listing criteria. The Rogue/Suspect page is currently awash in information about the list itself and the apps on the list -- far more information than appears on your company's list, I might add.

There's no way for us to guarantee that absolutely no one out there misinterprets or misunderstands the list. The best we can do is make the list as transparent as possible and correct mischaracterizations and misstatements when we see them. If your concern was that the list is being misinterpreted, then your earlier post was precisely the wrong way to go about combating those misinterpretations. You don't combat misunderstanding by making misstatements of your own and further exacerbating mistaken assumptions about the list.

Regards,

Eric L. Howes

-{ Quote: "we consistently outperform many of the top rated anti-spyware in several well publicized tests." }-Hey David,

I read your whole post so Please do not misconstrue this one question I have in regards to the above quote as the only thing I found of interest.

Having said that....would you Please provide a link to some of these "well publicized tests" given the fact on all the many Security Forums I visit there have only been a few test links folks have shared with the community.

Bubba

Yes David please provide a few links. I`m now very interested in your product.

For bubba and beetlejuice69

Here are a few links:

This is from an August 2005 PC Wolrd review comparing Spysweeper, Counterspy, and Zerospyware
-{ Quote: "
ZeroSpyware 2005 performed impressively, too: It removed 86 percent of the target components and distinguished itself further by removing 96 percent of all nasty in-memory processes in our tests. By comparison, Spy Sweeper removed 85 percent of the target in-memory processes, and CounterSpy also removed 96 percent.
....
In addition to scanning for spyware that's already on a computer, each of the three products I tested provides real-time monitors designed to prevent spyware and adware from gaining a foothold in the first place. ZeroSpyware set itself apart here, successfully blocking all but one attempt to penetrate my system.
" }-
http://www.pcworld.com/reviews/article/0,aid,121411,pg,1,00.asp


From a June 19, 2006 PC Magazine review
-{ Quote: "
PrOS
24/7 access to help via live chat; real-time blocking of spyware processes; removed most spyware in testing; detected and removed many attempted spyware installations.

CONS
Didn't remove all spyware threats; warnings can stack up dozens deep during a serious attack." }-

This review is actually very detailed if you follow the links, includes comparison charts and discussions on testing methodology.
http://www.pcmag.com/article2/0,1759,1829256,00.asp

This one is a qualitative review of Zerospyware not comparative or quantitative in terms of detection and removal.
http://www.neatnettricks.com/SoftwareReviews/review_ZeroSpyware.htm

There are some more that I'll try to dig up later.

-David

Thanks David,

I do appreciate you taking the time to share those links. We do however have a difference of opinion of what constitutes "well publicized tests". IMHO those links are nothing more than reviews. I sure will not attempt to speak for the many folks that visit the same Security Forums I frequent but I'll bet you a free copy of Zerospyware that most of those individuals would construe Anti-Spyware Testing (http://spywarewarrior.com/asw-test-guide.htm) as a benchmark for a well publicized test :-\

Perhaps these other test links you are going to dig up will actually be what most of us construe as Anti-Spyware Testing ???

Regards,
Bubba

Thanks David. Very good and it`s worth a try anyway.

Bubba,

I'd like to get Eric's opinion on this as my guess is he knows both of the reviewers I mentioned here. I for one was generally impressed by their test methodology, systems, and ethics. The first two links I placed here are lab tests and not simple reviews. The problem with reviews is that they often don't include enough applications to test against, and have to complete their reviews on a short time schedule. But the laboratories and test beds set up by the publications I listed here are significant and their test methodolgy is sound.

You'll get your free copy though, because I'm sure you'd win :). I think that the forum guys tend to lump the reviewers together and give them a bad rap. I think its worth noting that the lab tests and reviews of the better publications are not so far off from the general forum opinions (with the exception of the forum vs review perception of the adaware and spybot). I would like to point out for the record though that the PC Wolrd review I referenced listed us third out of the 3 tested even though our detection rate should have ranked us higher.

-{ Quote: "
From PC World review:
Though ZeroSpyware performed the best at preventing infections with its real-time monitor, I found that the positioning of the alerts within the application's interface actually thwarted my efforts to update and run a scan." }-

Apparently we really got nailed for the positioning of the alerts. ???
I'll leave it at that.

However, I don't think that they are far off from from the Anti-spyware test. Unfortunately there is virtually no (non-industry) test that compares to Eric's original tests out there at the moment. We perform these tests internally regularly. But ofcourse you would think we are biased if we post our results.

So I've got a suggestion. How about we make our own? We can start the ball rolling by putting together a target virtual machine, and a list of spyware, as well as a list of trusted applications, that we agree on for the test bed, write up the criteria, then let a select group of experienced members from this forum download the VM's (warning they won't be small) and the test infection vectors (from a password protected FTP site), then compare notes accross the top applications. We can collaborate on the criteria and the results, then share them with everyone else. To make it completely fair we would need to allow each of the members involved in the test to install some of their own spyware and trusted applications, then share this list with the others at the conclusion of the test. I for one would like to see a current exhaustive comparison of the top anti-spyware applications that specifically indicates impact on cpu perfomance, effectiveness of real time detection, removal of chronic spyware, interface, descriptions, features, etc, and analyzes the value and actual impact of each feature of the tested applications.

What do you think?

-David

-{ Quote: "In Terms General, How would be the Top 3 spyware applications ? Or the best options ?" }-
I would say

Spyware Doctor
SpySweeper
RegRun

Thanks,

Chris

FWIW based on recent testing
The best 3 anti-spyware appointments being

Definition based>>>

Ewido
KAV with extended bases
Anti -Virus

They blocked more spyware in realtime from installing on my test pc than any of the Botkillers :(

:o KAV & Ewido seperatlely out performed the so called best 3 SS/SD/CS combined efforts at stopping sample malwares installing and going *live

FWIW

BoClean was'nt tested but if reports of its effectiveness are true then it would be there and there abouts in the top 3

Subsequent
FWIW

ProcessGuard and SSM blocked all test specimens before they went *live
by simply offering me the option to create/grant a rule.

Before anyone points out that these are process control programmes/AV's/AT's then according to my research they still are better Anti spyware appointments.

Afterall its far better to stop malware installing in the first place then it is to have to deal with a compromised/infected Pc subsequently.

* I have yet to test "cleaning" effectiveness of the test softwares against established infections but this will follow at a later date.The Botkillers should hopefully improve on their effectiveness at that point....

-{ Quote: "Being new here, I am glad someone is trying to hold posters accountable. I noticed ZEROSPYWARE (six posts) pops into the thread. Interesting, that's all.
GP" }-

No mystery he is here to depend the honor of his product, and to raise sales.
After all , this forum is one of the critical forums where 'opinion makers' are born. The 'experts' who others turn to for computer help are 'trained' and 'influenced' here. They are taught what to like and what not to like.

Why else do you think so many security vendors hang out here? Out of the goodness of their heart? :)

As you can see from this thread it is working.

PS I'm not against ZS, just stating a fact. Everyone else does this too..