You are here: Home Contents V7 N2 V7N2_Martins.html
Personal tools

Comparing the Effectiveness of Antispyware Removal Tools



Full text

Journal of Information System Security
Volume 7, Number 2 (2011)
Pages 1525
ISSN 1551-0123
W. Martins — University of Plymouth, UK
S. M. Furnell — University of Plymouth, UK
Information Institute Publishing, Washington DC, USA




Spyware represents a significant threat to Internet users, introducing malicious code that is capable of tracking their online activities and stealing their personal information. As a result of this threat, various products have been introduced to remove spyware from PCs and many users consequently rely upon these to be a sufficient against the problem. Following an assessment of related prior work, this research examines the effectiveness of present day anti-malware products in removing spyware from a test computer. The results suggest the removal capabilities of the products are unsatisfactory, with spyware components, active processes, and Registry keys still remaining after three rounds of antivirus scanning. These findings indicate compelling reasons for more thorough detection and removal of spyware from home computers.




Spyware, Malware, Antivirus




AMTSO. (2008), The Fundamental Principles of Testing. Anti-Malware Testing Standards Organisation. 31 October 2008. (accessed 10 January 2010).

Aquilina, J., Casey, E. and Malin, C. (2008), Malware Forensics: Investigating and Analyzing Malicious Code. Massachusetts: Syngress.

Arnett, K. and Schmidt, M. (2005), “Busting the Ghost in the Machine”, Communications of the ACM, 48 (8): 92-95.

ASC. (2008), Considerations for Anti-Spyware Product Testing. ASC Testing Document, Anti-Spyware Coalition, 7 April 2008. (accessed 10 January 2010).

Boldt, M., Carlsson, B. and Jacobsson, A. (2004), ‘Exploring Spyware Effects’. Proceedings of the 8th Nordic Workshop on Secure IT Systems (NordSec04). Helsinki Finland.

CNET. (2008), ‘How We Test: Antispyware Software’, CNET Reviews.;rb_mtx (accessed 10 January 2010).

Harley, D. and Lee, A. (2007), Testing, Testing: Anti-Malware Evaluation for the Enterprise, White Paper, eset, May 2008. (accessed 10 January 2010).

Harriman, J. (2006), A Testing Methodology for Antispyware Product’s Removal Effectiveness. White Paper, Symantec Security Response. (accessed 10 January 2010).

Howes, E.L. (2004), The Spyware Warrior Guide to Anti-Spyware Testing. (accessed 10 January 2010).

McAfee. (2005), Potentially Unwanted Programs - Spyware and Adware. White Paper. McAfee System Protection Solutions, October 2005. (accessed 10 January 2010).

Metz, C. (2004), ‘Spy Stoppers’,, 2 March 2004.,1759,1524269,00.asp (accessed 10 January 2010).

Microsoft. (2008), ‘List of antivirus software vendors’, Microsoft Support, Article ID 49500. (accessed 10 July 2009).

Naraine, R. (2007), ‘Die, Spyware, Die!’, PC World, 22 August 2007. (accessed 10 January 2010).

Paget, F. (2005), ‘Free Adware & Spyware Detection/Cleaning Tips and Techniques’. Avar International Conference November 17 – November 18, 2005. Available at: (accessed24 10 January 2010).

PandaLabs. (2008), Annual Report PandaLabs 2008. Panda Security. (accessed 10 January 2010).

Stamminger, A., Kruegel, C., Vigna, G. and Kirda, E. (2009), ‘Automated Spyware Collection and Analysis’. Proceedings of ISC'09, 2009 Information Security Conference. 7-9 September 2009. Pisa, Italy: 202-217.

Webroot. (2005), The Unique Challenge of Spyware: Important Differences to Know About Spyware and Viruses. White Paper. Webroot Software Inc, USA. (accessed 10 January 2010).

Webroot. (2008), State of Internet Security: Protecting the Perimeter. Webroot Software Inc, USA. (accessed 10 January 2010).