Security optimize

Which spyware removal tool do you use? Take the poll.

Virus protection and a good spyware removal product are both vital tools for user support professionals. But which one to use? Take the poll and participate in the discussion.

Virus protection and a good spyware removal product are both vital tools for user support professionals. But which should you use? Take the poll and participate in the discussion.

-------------------------------------------------------------------------------------------------------------------

In a recent blog, I asked the TechRepublic members about their preference for virus protection software.

I will admit that I was somewhat surprised that the option receiving the most votes was other -- that is, a product that I didn't even list as an option in my selections. AVG seems to have received more votes than any other product. Although I didn't use that product myself, I did download the free version and installed it on my home system for some firsthand experience with it, although I kept my Norton Office Edition for our business use. After reviewing the differences between the free version and the Pro Edition, I'd probably recommend that someone spend the few dollars for the extra protection. I should say, however, that the free version sure did get some good reviews in the discussion that followed the poll.

Nonetheless, virus protection is only part of the battle in protecting our users against unwanted malware. Spyware detection and removal is another. With a good firewall in place and adequate security software running, spyware shouldn't find its way into a system in the first place. But, for a variety of reasons, we all know that such things do get in from time to time. And even if it's not immediately apparent, it is a good idea to occasionally scan our systems for spyware.

Since many people take vacation around the Christmas holiday, I try to make it a point to run malware scans on their computers, optimize their system, etc., while they're away and won't need their computers.

There are literally dozens of spyware removal tools available, but users have to be careful of what they choose. Some of them are actually spyware themselves. Ideally, we'd all prefer a product that offers a free download, but perhaps that's not always the best option.

Cast your vote for the spyware removal tool of your choice and participate in the ensuing discussion.

158 comments
silly.little.goth
silly.little.goth

I use Malwarebytes at work on client's personal computers, it is the only program that gets rid of Vundo, none of the supposed tools work. For very bad infections where Malwarebytes won't install, I use the Avira Rescue System Disc, which runs off the disc, without the OS loaded, so that you can remove some of the junk before running a full Malwarebytes scan to get the rest. And of course, I delete files manually based on what the scan log files find.

ronald44181000
ronald44181000

I've used the majority of the ones listed so far and for my 2 cents worth. I'd have to go with AVG 8.5 Free Edition in conjuction with File Assassin 1.06.

dwiloch03
dwiloch03

Malwarebytes can find and remove many infections that others do not find. I had a friend that contacted Norton because of a pesky infection. You would not believe what they told him. Yep, download and run Malwarebytes. To really be sure of all eradication of infections a plan that involves more than one application is always a smart route to take. I always start with Malwarebytes.

arthurkeller
arthurkeller

super antispyware and PC tools threatfire

terflip
terflip

a-squared, It might be a little paranoid to some folks, but it works great for me!!

zoranandrejic
zoranandrejic

Spybot was my favorite.But I've had much better success in removing that with MalwareBytes Antimalware.It's free, fast and reliable. best regards

TheOlderEd
TheOlderEd

After getting "hit" over and over when I first started using the computer--and being a total beginner--I decided that it wasn't going to happen any longer. So I use Spyware Blaster, Spyware Guard, Ad-Aware, and SpyBot. In other words, I use everything I can that's free. (V-e-r-y limited budget, you see.) I've used some of the paid stuff, and never found anything that works better than the conglomeration of programs I use.

tdtbilly
tdtbilly

I have used SpyBot Search & Destroy for several years and have always had good luck with it. I recently tired Malwarebytes and am quite pleased with it too. Currently, I'm installing both on user's machines, as I found that SpyBot finds items that Malwarebytes overlooks. There is no one best product, but I feel these programs are two of the best. For an anti-virus, if a person does not already have a paid A/V solution, I install the free version of AVG. It works well, and I won't let a machine leave my place without some kind of protecton installed.

Neon Samurai
Neon Samurai

I've a couple of machines that picked up ZLob but reimaging is not an option. Has anyone a malware scanner that can kill it? Everything so far has removed reg entries and files but fails to kill off the process; it just respawns after every psk. MalwareBytes detects it but can't cleanly remove it.

LarryD4
LarryD4

Been using Ad-Aware and I'm happy. I just setup two laptops and I'm using Avast for Virus and their Spyware thingy for the first time. Not sure how good the SPyware thingy is but I will let ya know.

parridox
parridox

This is the best i found YET: ( SUPERAntiSpyware Free Edition 4.23.1006

Raven2
Raven2

I use a combination of Avira Antivir; ThreatFire; and Windows Defender. This is for XP or Vista. The three programs work together well - no crashes - and have kept some of my less cognitive clients out of malware / virus infections for a significant period of time - 1year plus.

terflip
terflip

All I have to say is Asquared, anyone that has used this product there is no more explanation needed.

Terril_Harris
Terril_Harris

Malware Bytes Anti Malware = MBAM! I put it up there with SpyBot because it has done the job in less time and fewer resources and without a system restart intervening.

neelam.yadav
neelam.yadav

I use kaspersky internet security with antispyware

ferrymanpk
ferrymanpk

'Threatfire' by PC Tools is a full, free version spyware, malware & Adware cum anti-virus software.

IT Guy with many hats
IT Guy with many hats

I use 2 products to be honest. I use AVG's product and SpyBot S&D. Can't be to careful. Also periodically use Trend's HouseCall on line to do some scanning. I find that you catch more with using multiple products.

spywarebiz
spywarebiz

I use Spybot and Ad-Aware along with CCleaner and Hijack This on both my XP and Vista machines.

fpmike
fpmike

I must recommend Malwarebytes for its ability to dig down, find and remove stubborn, tenacious and well cloaked spyware such as Vundo, where it is missed by the other products I have used. I still use AVG Free and Ad-Aware (read: cheap stingy bastard) which find some lesser problematic infestations. Combofix can also help with very troublesome malware, such as rootkits. I have used, with less success: Spyware Doctor, Defender, CounterSpy and Spy sweeper. I have gotten similar feedback from friends and coworkers who use Malwarebytes after having had other products on their machines. Often, one answer alone will not git'r'done.

justin.bryan.nix.prana
justin.bryan.nix.prana

i use a combination of AVG (paid full version) and Zone Alarm (paid full version). scans are at alternate times. AVG picks up most of the adware and tracking cookies, and Zone Alarm picks up the few that AVG misses.

derek
derek

ESET Smart Security and SuperAntispyware... better than the rest... affordable, and light clients...

plantman54
plantman54

I use AVG Free, SpyBot, AdAware, Spyware Blaster, Microsoft Windows Defender but mostly AVG.

bergson126
bergson126

I use AVG for many years without problem.

PeterPac
PeterPac

I use a-squared along with spybot S&D. a-squared has flagged more malware than all the others combined. It is always up to date. The only thing since it employs background guard it does use resources but in todays computing most people have at least 1G of RAM anyway. Background guard keeps malware away from your computer when you are using the computer.

Joe_R
Joe_R

Those who've indicated that more than one choice is the right choice, I think you're right-on.

Joe_R
Joe_R

So many have selected MalwareBytes as a choice. And so many others have indicated that they'd have to give it a try. Again, it looks like [i]other[/i] is a strong contender in one of my polls.

scottlaw99
scottlaw99

I am wondering if you've tried trendMicro's new Housecall 7.0? It's amazingly fast, and I mean amazingly fast. It will scan a PC in under 3 minutes that takes Spybot almost an hour. And, it caught malware that my AVG Network edition and Spybot didn't! Does Malwarehytes work in safemode? Scott Law slaw@hydrocision.com

MikeDelph
MikeDelph

Malwarebytes has worked well for me several times

kuneho69
kuneho69

for me, superantispyware & malware bytes anti malware are the best!

OnTheRopes
OnTheRopes

I have no data to back that up, just personal experience. I run AVG without the Link Advisor (I think it's called) and periodically do a scan with Malwarebytes. AVG's Link Advisor really slows things down. I don't need it as I use McAfee's free SiteAdvisor.

J T CUNNINGHAM
J T CUNNINGHAM

COMODO everything, but will try MALWAREBYTES in series with it now.

ferrymanpk
ferrymanpk

ThreatFire by PCTools is a full-version for free with online latest updates available to all. It is more than just anti-spy, it's anti-malware, ad-ware & anti-virus application, all in one and integrates with you existing Anti-visur software & the Firewall. I use all from PCTools.

Jacky Howe
Jacky Howe

has been around for awhile Joe but it hasn't reached maturity until recently. They have done an excellent job on it and at the moment it does a really good job of getting rid of the nasties. The only improvement that I would like to see is to be able to make it portable like you can with Spybot. http://www.malwarebytes.org/about.php

seanferd
seanferd

Download.com for quite a while. MalwareBytes, that is.

tlccomputers
tlccomputers

And it has served me well until I ran into a new strain of the Personal Antivirus malware just last week. MalwareBytes was unable to fully eradicate this pest. A little research pointed me to SuperAntiSpyware, which was able to remove every remnant of the Personal Antivirus. I have now added this tool to my arsenal of malware removal tools, which include AVG antivirus, CWShredder, and the two aforementioned programs. MalwareBytes is still my favorite tool for removing the Antivirus 2008/2009 scamwares.

Neon Samurai
Neon Samurai

I'd normally use a liveCD to delete the remaining files just like Flash 7 and previous require to truly uninstall. I'm forwarding this on to the person who's actually dealing with the infestation and will try to report back on the outcome.

SmartAceW0LF
SmartAceW0LF

These products are good for many newer users as they encompass a wide range of defense. That said, I will never sacrifice my money nor my CPU time to a single security package. The fact is that there is no such thing as in infallible solution. Common sense with a healthy does of skepticism, NAT and a good virus scanner (not one that wants to dominate your system with its own processes) are the order of business on my systems.

HarryG
HarryG

Threatfire (get the free version from at www.threatfire.com) is great at warning you if malicious software tries to install itself on a system (it is behavior-based, not signature based), though I haven't had a chance to test its removal capabilities. Still, I put it on all systems, since it can run beside antivirus and antispyware apps without impacting performance and using apparently minimal resources.

Neon Samurai
Neon Samurai

It seems to be a new mutation of the older ZLob. So far manual and tool removal hasn't managed to do it though I couldn't remember the name of Ice Sword to recommend it until just now. On the up side, the effort to clean the system finally outweighs the desire to not reimage. This makes me happy because it's the only way I'd trust that machine again if it where directly under my own care.

Jacky Howe
Jacky Howe

especially if Data is involved. I like to try and get the infection under control before backing up the Data. No sense infecting another PC. Let us know how you get on.

Neon Samurai
Neon Samurai

The fun of an IT family is passing questions back and forth though. ;) I'm sending your comment on along with the spybot recommendation. If doing it right and wiping the machine clean was an option it would be fixed already though.

Jacky Howe
Jacky Howe

if you are not at the PC. Are you sure that there are no other infections. Have you tried checking for a Rootkit. I will provide manual removal instructions or at least this is what I would try. This is from Symantec. Trojan.Zlob is a Trojan that allows the remote attacker to perform various malicious actions on the compromised computer. When Trojan.Zlob is executed, it copies itself as one of the following: %System%\msmsgs.exe %System%\ld100.tmp %System%\regperf.exe It may create the following registry entries so that the Trojan runs every time Windows starts: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\"MSN Messenger" = "%System%\msmsgs.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Shell" = "Explorer.exe, msmsgs.exe" The Trojan also adds the following registry entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run\"wininet.dll" = "regperf.exe" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\"notepad.exe" = "msmsgs.exe" It also adds the following marker in the registry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\"uuid" = "86c29b2f-3389-418b-9b47-c2b09b6abc07" The Trojan then injects itself into explorer.exe. It attempts to make HTTP connections to the following hosts: vnp7s.net zxserv0.com dumpserv.com The Trojan uses different URLs that allow the Trojan to ping, report its status, and execute remote files Unfortunately it copies itself into explorer.exe but explorer can be replaced from this directory. C:\WINDOWS\ServicePackFiles\i386 Start the infected PC in Safe Mode. Click Start, Run type msconfig and press Enter. Now if you have the Configuration Utility open. Configure selective startup options In the System Configuration Utility dialog box, click the General tab, and then click Selective Startup. Click to clear the Process SYSTEM.INI File check box. Click to clear the Process WIN.INI File check box. Click to clear the Load Startup Items check box. Verify that Load System Services and Use Original BOOT.INI are checked. Click the Services tab. Click to select the Hide All Microsoft Services check box. Click Disable All, and then click OK. When you are prompted, save the settings and shutdown the PC. Boot with the XP CD and choose repair at the first R. At the command prompt rename explorer and copy the fresh one over from C:\WINDOWS\ServicePackFiles\i386. Restart the PC in Safe Mode and using the instructions above navigate the Registry and remove the offending Keys. If this doesn't work try running HijackThis and post the log file. You may even be able to use HJT to remove the registry entries.

rwatters
rwatters

Have you tried Spybot S&D running at system startup? You'll have to use Spybot in "Advanced Mode" (which is available from the Mode menu if I remember correctly). Once you've switched to Advanced mode and clicked OK on the warning that some settings can damage your system (haven't had that happen yet), you'll have additional menues on the left side. Go into the settings and scroll down through the list looking for system start up and tell Spybot to run once on next system startup. This should allow Spybot to clean the infection before the process starts or gets in memory. I've generally had really good luck with Spybot and some annoying pieces of mal-ware using the advanced mode/system startup option.

Neon Samurai
Neon Samurai

It's some nasty mutation. System Restore turned off, safe mode booted, malwarebytes used.. the nasty is still there though.