Comment Alternative solution (Score 1) 814
My company is addressing this problem by monitoring the vulnerable points in the file system and registry, logging attempts to change them, and optionally undoing the changes. It seems to me that this is the best way to address the issue because it confronts the more general problem without requiring a database of known spyware that needs constant updating.
This solution is really intended for competent IT managers, since you have to coordinate it with actual updates (like service pack installs), but it's pretty easy to use. I have been using it to manage my wife's system and several neighbors. Before I started, the systems were the usual spyware-fest. Now it's just amusing to get a notification every time someone tries to install something they shouldn't.
