Review: Spyware Detectors

Spyware isn't just annoying, it's dangerous and expensive to combat. We found some eye-popping statistics when working on this article, but one particular blog entry really illustrates the problem: Researchers at Sunbelt Software, which participated in this review, last month uncovered a large cache of detailed financial information that had been gathered by a keylogger, Srv.SSA-KeyLogger. The data was culled from apps that use HTML forms (see more here). The FBI is investigating, and while prosecution in these cases is iffy, one thing is certain: We will see more of this sort of malware.

Now we'll tell you the secret to stopping spyware: Restrict users from installing software, period. We found that deploying users in our Active Directory with local workstation administration rights caused 100 percent of our contaminations. In our months of tests involving 30 varied pieces of spyware and other unwanted programs, not one byte was installed when we restricted user rights on the workstation. Giving users local administrator rights is a relic from the Windows NT era, when software developers all too often didn't build applications to run within minimal-rights environments. Bottom line: Spend the money you've budgeted for anti-spyware software on deploying a minimal-rights desktop computing environment.