Spybot – Search & Destroy (S&D) is a spyware and adware removal computer program compatible with Microsoft Windows. Dating back to the first Adwares in 2000, Spybot scans the computer hard disk and/or RAM for malicious software.
This article needs additional citations for verification. (August 2024) |
Developer(s) | Safer-Networking Ltd. |
---|---|
Initial release | 2000 |
Stable release | |
Written in | Delphi |
Operating system | Microsoft Windows, Windows Mobile, and Symbian (older versions of Spybot only)[2] |
Type | Spyware removal software |
License | Proprietary |
Website | Safer-networking.org |
Spybot-S&D was written by the German software engineer Patrick Michael Kolla, and is distributed by Kolla's Irish company Safer-Networking Limited. Development began in 2000 when Kolla, still a student, wrote a small program to deal with the Aureate/Radiate and Conducent TimeSink programs, two of the earliest examples of adware.
Licensing
Spybot – Search & Destroy was formerly released as freeware for personal users (the former freeware edition is now a donationware), with more featureful versions available for purchase. Corporate and technician users have to buy a commercial version. The paid versions contain an anti-virus component that uses the BitDefender engine.
Spybot features
In addition to spyware and adware detection and disinfection, Spybot-S&D can repair the registry, winsock LSPs, ActiveX objects, browser hijackers and BHOs, PUPs, HTTP cookies, trackerware, heavy duty, homepage hijackers, keyloggers, LSP, tracks, trojans, spybots, revision, and other kinds of malware. It can also delete tracking cookies. Spybot-S&D has an Immunize function to block the installation of spyware before it occurs e.g. by modifying the hosts file. A secure file deleter is included. Spybot-S&D was not originally intended to replace but complement anti-virus programs (prior to v. 2.1 'Spybot +AV'), but it does detect some common trojans and rootkits. A free-standing rootkit finder, RootAlyzer, is available.[3]
Some programs are supplied with attached spyware or adware and refuse to run when they are not present; newer versions of Spybot replace the spyware binaries with inert dummies (designed to fool programs which simply check for the presence of the spyware's file).
In order to detect recently created programs efficiently, detection updates are released weekly with other improvements such as added languages and better heuristic algorithms. These updates are downloaded and installed from within the software from a variety of mirrors.
Spybot-S&D is available for all versions of Windows starting with Windows 95. It is supplied translated into many languages and with several skins. Instructions are available on the website to enable users to design their own skins.
Technical support is currently supplied by means of Internet forums[4] and support e-mails.
Reviews and awards
Versions of Spybot-S&D won awards including the World Class 2003 Awards, the PC Magazine Editor's Choice and PC User Top Buy #1. It has been recommended by ZDNet, the Wall Street Journal, The Guardian, MSNBC, CNN and other reviewers. Although PC Magazine initially rated it highly in 2003, their rating declined to "poor" in 2008 and "dismal" in 2012, improving to "fair" in 2014.[5][6]
Newer versions of the program (ver. 2.2.25 and ver. 2.4), issued in 2014, received a 5/5 rating from TechRadar.[7][8] In 2018 TechRadar considered Spybot among 4 of the best anti-malware software available.[9]
Versions
Version 1.5 had better compatibility than previous versions with Wine (software which allows running of Windows programs under Linux), and restores compatibility with Windows 95[10] which was faulty in 1.4.[11]
Version 1.6 was said by Safer Networking to scan several times faster than version 1.5.[3]
Version 2.4 was released in July 2014.[12]
Conflicts with commercial anti-malware
It was reported in 2009 that several commercial security products required users to uninstall the freely available Spybot S&D when they are being installed or run, due to stated incompatibility with memory-resident "immunizer" TeaTimer (Spybot's real-time protection application).[13]
The makers of Spybot-S&D came into conflict with Norton Internet Security over compatibility issues in 2006.[14] Symantec recommended uninstalling Spybot-S&D before installing Norton Internet Security. According to Safer Networking, no satisfactory explanation was provided to them for this decision. Antivirus professional Mary Landesman suggests a possible explanation may stem from a graphical glitch in TeaTimer module's confirmation dialog. An official explanation from Safer Networking[15] stated that the error was caused by a bug in the program used to build their code. The result of the bug was that users had difficulty enabling Norton Internet Security to make necessary changes to critical registry areas, such as allowing itself to launch on computer startup. Aside from this, Mary Landesman, like Safer Networking, concluded that the two programs had no issue with one another. The bug was fixed in the 1.5 release.[11]
Kaspersky Anti-Virus and Kaspersky Internet Security since version 2009 force users to uninstall Spybot during the installation process, although there is no serious incompatibility yet known. The discussion was concluded in the Kaspersky forum, which said not to install Spybot at all. Kaspersky seems to be reluctant to fix the issue, despite receiving several complaints.[16] Incompatibility between the products might occur when Spybot S&D tries to modify the hosts-file (if selected by the user during immunization), which Kaspersky will interpret as an attempt to harmfully manipulate the file. This can be circumvented by not immunizing the hosts-file in Spybot S&D.
Trend Micro Officescan followed Norton, Kaspersky and McAfee in simply removing Spybot without warning or notification afterwards.[17]
Internet Explorer 8
The immunisation feature of Spybot – Search & Destroy caused Internet Explorer 8 to start slower than expected.[18] Fix KB969897, which resolved this problem while addressing certain other security vulnerabilities, was issued by Microsoft in 2009.[11]
Malicious lookalikes
There are several malicious programs designed to look like this anti-malware software, with similar user interfaces and program file names. Some actually install spyware. These programs are known as rogue antispyware. One such program is "SpywareBot".[19] This program is a known rogue antispyware program, which fraudulently impersonates various anti-malware software including Spybot Search & Destroy.[20] However, this lookalike, unlike Spybot S&D, requires payment.
References
External links
Wikiwand in your browser!
Seamless Wikipedia browsing. On steroids.
Every time you click a link to Wikipedia, Wiktionary or Wikiquote in your browser's search results, it will show the modern Wikiwand interface.
Wikiwand extension is a five stars, simple, with minimum permission required to keep your browsing private, safe and transparent.