|Spybot - Search & Destroy|
Patrick Michael Kolla
Safer Networking Limited
1.6.2 / January 26, 2009
Microsoft Windows, Windows Mobile, and Symbian
| Most of this page uses content from Wikipedia. The original article was at Spybot - Search & Destroy.|
The list of authors can be seen in the page history. As with Malware Wiki, the text of Wikipedia is available under the Creative Common Attribution-ShareAlike 3.0 License.
Remove this template when most of the Wikipedia content has been removed or the Wikipedia information is outnumbered by non-Wikipedia information.
Spybot-S&D was written by the German software engineer Patrick Michael Kolla, and is distributed by Kolla's Irish company Safer Networking Limited. Development began in 2000 when Kolla, still a student, wrote a small program to deal with the Aureate/Radiate and Conducent TimeSink programs, two of the earliest examples of adware.
Spybot - Search & Destroy is currently released as freeware. However, the fine print of the license limits this to only free for private use. Corporate users are required to purchase a yearly license.
Spybot S&D can fix problems with the registry, Winsock LSPs, ActiveX objects, browser hijackers and BHOs, PUPs, cookie trackers, heavy duty, homepage hijackers, keyloggers, Trojans and other kinds of malware. It can also to some extent protect a user's privacy by deleting usage tracks like tracking cookies. Spybot S&D also includes an "Immunize" feature to block the installation of spyware before it occurs. Another tool included in Spybot S&D is a file shredder, for the secure deletion of files. Spybot S&D is not intended to replace anti-virus programs, but it does detect some common Trojans. Spybot S&D has also recently added an anti-rootkit function.
The TeaTimer module can be optionally enabled, providing a level of active, real-time protection from undesirable registry changes and the like. This comes in the form of pop-ups which alert the user to registry changes, and ask for approval before allowing the change. Registry changes only tend to be made when programs are installed/uninstalled/updated, so random changes can indicate the presence of the virus.
Some programs ship with attached spyware or adware and refuse to run when the undesired co-programs are removed; newer versions of Spybot replace the spyware binaries with inert dummies (designed to fool programs which require the spyware's presence).
In order to efficiently detect recently created programs, detection updates are released weekly along with other improvements such as added languages and better heuristics algorithms. These updates are downloaded from within the software from a variety of mirrors and are then automatically installed.
Spybot S&D is available for all versions of Windows from Windows 95 and up, and offers more than two dozen different languages and several skins to users. Instructions are available on the website to enable users to design their own skins.
Technical support is currently supplied by means of Internet forums and support e-mails (with a usual response time of no more than 24 hours).
A number of people have made Spybot 'clones' with a similar user interface and similar program names. Some clones have been made by spyware manufacturers to make programs that pose as anti-spyware programs, but actually install spyware themselves. These programs are known as rogue antispyware programs.
Searching the words "spybot", "search & destroy", "spybot antispyware" or any other related search on Google will often result in a paid advertisement for "SpywareBot". This program is a known rogue antispyware software, which uses the "search and destroy" logo and a name similar to Spybot to fool users into downloading their product instead of the original Spybot Search & Destroy.
Norton Internet SecurityEdit
The makers of Spybot S&D have come into conflict over claims of incompatibility with Norton Internet Security. Symantec recommends uninstalling Spybot S&D before installing Norton Internet Security. According to Safer Networking, no satisfactory explanation has been provided to them for this decision. Antivirus professional Mary Landesman suggests a possible explanation may stem from a graphical glitch in TeaTimer module's confirmation dialog. An official explanation from Safer Networking states that this error stemmed from a bug in the program used to build their code. The result of the bug was that users had difficulty enabling Norton Internet Security to make necessary changes to critical registry areas, such as allowing itself to launch on startup. Aside from this Mary Landesman, like Safer Networking, concludes that the two programs have no issue with one another. The bug exists only in the 1.4 version of Spybot-Search & Destroy and has been fixed as of the 1.5 release.
Kaspersky Internet SecurityEdit
In certain instances Kaspersky Antivirus and Kaspersky Internet Security 2009, forces users to uninstall Spybot during installation process, although there is no serious incompatibility yet known. The discussion was concluded in the Kaspersky forum, which said not to install Spybot at all. Kaspersky seems to be reluctant to fix the issue although they have received several complaints.