Top 10 rogue anti-spyware

Top 10 rogue anti-spyware

Summary: What is rogue anti-spyware? Rogue anti-spyware programs are defined by spyware and anti-spyware expert Eric Howes on the Rogue/Suspect Anti-Spyware Products and Sites page.

TOPICS: Tech Industry

What is rogue anti-spyware? Rogue anti-spyware programs are defined by spyware and anti-spyware expert Eric Howes on the Rogue/Suspect Anti-Spyware Products and Sites page. 

"Rogue/Suspect" means that these products are of unknown, questionable, or dubious value as anti-spyware protection. 

Some of the products listed on this page simply do not provide proven, reliable anti-spyware protection or may be prone to ridiculous false positives. Others may use unfair, deceptive, high pressure sales tactics to scare up sales from gullible, confused users. A very few of these products are either associated with known distributors of spyware/adware or have been known to install spyware/adware themselves.

A bit of history about the Rogue Anti-Spyware page, if you will.  I had been loosely tracking complaints on the web about anti-spyware apps for some time when the first "super rogue" was unleashed just over 2 years ago. In late November 2003, complaints about a program called Spy Wiper started popping up by the dozens in forums and blogs all over the net. I had an entire blog category devoted to Spy Wiper and its successor Spy Deleter. Eventually the Center for Democracy & Technology (CDT) filed a complaint about the two, and later the FTC took action and that operation was shut down.

Due to the Spy Wiper/Spy Deleter attacks I was really fired up about rogue anti-spyware and started blogging about rogue apps. A while later I learned that Eric Howes had also been tracking anti-spyware complaints and testing the applications. We began collaborating and the Rogue/Suspect Anti-Spyware page was officially launched on June 26, 2004 with about 50 apps listed.

Less than a year later, on June 9, 2005, the rogue list reached 200 apps. If you are wondering why there are so many rogue anti-spyware apps, click here and scroll down a bit. The list currently stands at 241 programs including 19 that have been de-listed but remain on the page with notes about why they were listed and later de-listed.

This year we have seen a proliferation of what I call super rogues, blogged here and here. These super rogues are usually seen on pages designed to look like a Windows security center, seen here and here. The super rogues are also known for hijacking desktops and being installed via security exploits, along with a myriad of spyware and adware apps, and are usually part of an infestation called smitfraud.

Let me say that choosing the top few was very difficult because they are all nearly identical in behavior and installation methods. I've ranked them in part by their pervasiveness and the number of complaints found about them on the web. They are apps that debuted this year, except for one honorable mention, an app that's been around for about 2 1/2 years but continues to appear regularly in spyware infestations. The names of the programs are linked to a complaint or example of the app, not the website of the vendor or program. 

Without further ado, I present to you the top 10 rogue anti-spyware applications of 2005.

Dis-Honorable mention goes to VirtualBouncer/AdDestoyer for its 2 1/2 year history of being stealth installed in exploits without notice or consent.

10. Spyware Bomber brought to us by the same folks behind Enternet Media, the spyware company shut down recently by the FTC.

9.  SlimShield tied with Winhound Spyware Remover for hijacking and stealth installation.

8.  WinAntiVirus and its companion WinAntiSpyware 2005 for hijacking, aggressive advertising and inappropriate collection of personally identifying information.

7.  SpywareNo and its clone SpyDemolisher for stealth installation and deceptive aggressive advertising.

6. Razespyware for stealth installs, desktop hijacks and aggressive advertising.

5.  Spy Trooper for stealth installs, desktop hijacks and aggressive advertising.

4.  WorldAntiSpy for stealth installs, desktop hijacks and aggressive advertising.

3.  PSGuard for stealth installs, desktop hijacks and aggressive advertising.

2.  SpySheriff for stealth installs, desktop hijacks and aggressive advertising.

1.  SpyAxe for desktop hijacks, stealth installs and deceptive, aggressive advertising.

Note: For anyone landing on this this page while searching for help with removing these rogues, I'd suggest going to one of the reputable spyware help forums and posting for help.  SpyWareBeware, the home of ASAP, the Alliance of Security Analysis Professionals lists member sites where users can get expert help with spyware removal from trained volunteers.

Topic: Tech Industry

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • another FCC target was Spyware Assassin

    The FCC shut down a Washington state operation selling Spyware Assassin. Company agreed to pay $76,000 to settle the action.
  • another FTC target was Spyware Assassin

    The FTC shut down a Washington state operation selling Spyware Assassin. Company agreed to pay $76,000 to settle the action.
  • Spyware

    SPY FERRET should be on that list. To get you to purchase it it scans and finds Bonzi Buddy, cws and several other bad ones. After that it never finds a thing, but, pops up with the same exact ones every so often. I uninstalled it and re-loaded it several times and the scans all came up with the exact same thing as the first time and it was supposed to have removed them. all my other spyware detectors find things though if they are there and tell me where they are so I can check it out for myself. Spy Ferret seems to create the same list over and over again. Don't trust it.
    • Yes

      SpyFerrett is indeed rogue and has been on the Rogue/Suspect list since it went up on June 26, 2004. This list was aimed at new rogue apps of 2005.
  • Spy Sherriff

    These guys who put out this spyware are looking for money. Can we not track them down via merchant accounts and if enough of use sue them in small claims court it could soon add up to a lot of money.

    Steve A
  • spyaxe

    Forget suing in court. I would love to beat the ever living crap out of the makers of SpyAxe. These people are on the same hatelist I have along with Al-Qaeda.
    MIS Master
  • Of Hatelists and such...

    Maintaining a "hate-list" seems like such a waste. I don't like what Al-Qaeda did on 9/11 (or what they continue to do), but I don't waste my time hating them. I would rather be doing something about their misdeeds.

    Likewise with pseudo-spyware ("rogue" seems a dark glorification of this useless trash). We have been contending with WinFixer at work for some time now. It is an annoyance, a resource hog, and a possible security risk.

    In common with most malware (virii being a possible class of exceptions), WinFixer uses social engineering to gain a toehold on a network, and to spread itself across that network.

    It seems to me the best preventive is educating users in basic techniques of detecting and avoiding social engineering. That, and training in how to properly use the tools made available on an enterprise network to control malware would go a long way toward mitigating this threat. That said, it only takes one person unaware to start the whole business.

    Yes, there are some malwares out there which don't use social engineering, but, on a properly secured workstation (with a decent firewall and proper detection/removal tools) these can be kept to a minimum.

    Choice of OS is NOT really the best way to deal with the problem. I like Linux, and I like Mac OS X, but they are just as vulnerable as Windows if not properly secured. A better approach is to look at each station in a network individually, and secure each station as needed. (I routinely work in a heterogenous environment.)

    While we're on the subject, let's not forget that malwares can cause system failures leading to data loss. A workable backup strategy is a necessary part of any defense against virii/sypwares and their kin.

    Just a few maybe not-so-random thoughts...
  • Bring On The Witch Hunt!

    Thanks Suzi for the article on Rogue spyware. I am commenting about the 02/28/2006 post from horusfalcon. I don't believe he/she gets the pont of maintaining such a list -- not all PC uses in the world are network security experts. This Rogue List was designed generally for the non-expert and non-experienced home user. I also see that horusfalcon fails to make any mention of the remidy he/she so claims to avoidance of infection.

    As an IT Professional having more than 10 years experience in the IT service industry, serving primarily the Home User, I recommend this "black list" of Rogue Spyware be distributed with every new PC entering the market. Such awareness will save home users countless of billions of dollars in wasted money for PC repairs and Anti-Virus/Anti-Spyware defense.

    As for horusfalcon's post, its just another waste of white space.

    T. Chambers
    City Computer Service
    Lakewood, OH
  • RE: Top 10 rogue anti-spyware
  • RE: Top 10 rogue anti-spyware

    The best SPYWARE REMOVER I've heard is SpyZooka. It can remove spyware, Adware,Trojan Horses, etc to protect your system.
  • RE: Top 10 rogue anti-spyware

    The best spyware remover I've uesd is SpyZooka. It can remove spyware, Adware,Trojan Horses, etc to protect your system.
  • RE: Top 10 rogue anti-spyware

    K7 Computing TotalSecurity 10.0 is available to block
    spyware. This is one of the fastest and resource light
    antivirus and <a href=>anti
    spyware</a> programs available
    anti spyware