Neil Turner's Blog

Blogging about technology and randomness since 2002

Spybot S&D – Take Two

Over the Christmas break, SpywareInfo caused a storm when it suddenly advised against using Ad-Aware to remove spyware. Most people, including me, switched to Spybot Search & Destroy.
While I was impressed with the range of options, its speed and the wide range of issues it brought up, when I first tried to clean my system with it, back in December, it crashed. So today, I decided to give it a second chance.

To make the test fair, I ran an update, which included a new release and additional definitions files. The update facility is built in to the program, which is handy, and works a little bit like Norton’s LiveUpdate.
Once that was done, the updates were installed, and the program restarted. I scanned again, and this time, it went smoothly. It didn’t detect anything specific, but it did fix the ‘What’s Related’ entry in IE to stop it from using Alexa, and stopped Windows Media Player for using its ClientID string. It did, however, detect a false-positive on Steve Gibson’s LeakTest firewall testing utility. I suppose you could argue that the program does phone home, but…err… that’s the whole point of the program. It also didn’t like the Steve Bell screensaver I downloaded from the Guardian, but it’s worth pointing out that these were picked up in a scan of my downloads folder, which the program admits can be inaccurate and that all files should really be checked first.
The program is still considerably quicker at detection than Ad-Aware, probably because Ad-Aware scans the entire hard disk for spyware whereas Spybot S&D just targets the files, folders and registry entries that are likely to have the parasites. You could argue this is less secure (it may miss some files that are in non-standard folders) but on the other hand it can also reduce false-positives.
It does use quite a bit of memory though – nearly 3MB on my machine, so it’s not something I’ll be setting to run at startup. Apart from the fact I generally don’t get spyware anyway – I’m not big on P2P and I don’t use IE so it’s harder for me to get infected. I also have ZoneAlarm and Mike Lin’s StartupMonitor which alert me to anything that tries to phone home or install itself on startup without my permission. But it’s still important to check regularly for this stuff as even the most advanced users can be befuddled sometimes.
I’m also not quite so happy with the interface. I hate MS Sans Serif with a passion, and anyhow, you’re supposed to use MS Shell Dlg now, which transaltes to Tahoma in Windows 2000 and XP. Which in XP means it will work with ClearType if its enabled. I also don’t like the Outlook-style bar on the left – I’m more partial to an Explorer-style tree interface. And the Options sheet should really be a separate dialog. Context-sensitive help would be nice too. This HCI stuff is getting to my head.
But all in all, I’m impressed. Updates to Spybot S&D are almost weekly at the moment, so you’re well protected. And, of course, it’s free.
That said, if the new Ad-Aware is better (when it finally comes out) I’d be happy to switch back. But for the time being, Spybot S&D does the job nicely.

Comments are closed.