Workspace-Steve-Hargreaves

Introduction

The internet is a dangerous place to be in the 21st century, with many people using increasingly ingenious ways to part you from your hard-earned cash, whether it be by exploitation, surreptitiously harvesting your credit card and bank details for their own nefarious purposes, or tempting you to spend money on products and services that you neither need nor want.

During the latter years of the 20th century, and the early years of the 21st, Spybot S&D and AdAware were kings, protecting you from all manner of malware that tried to infect your computer with the sole intention of parting you from your wallet. But as technology improves, so do the malware writers, and the kings of yesterday in terms of protection may no longer be up to the job.

Discussion

With every new generation of malware, there will be a new generation of software to combat it, and in my own tests, there are none better than SuperAntiSpyware. How can I be so confident? Because to save you the trouble, I went hunting around the seedier side of Hong Kong websites, picking up as many infections as I could find in a 30-minute surfing session, and then seeing how today’s anti-malware software coped, and without a doubt SuperAntiSpyware was the best.

During my surfing session I managed to acquire nearly 200 nasties, and SuperAntiSpyware found 176 of them. Compared with the second best performer, this was an amazingly high figure, but not quite perfect. However, there are more plusses here. Installation was quick and painless, with scanning time at the default settings impressively quick, and the cleanup process effective. However, it was when I cleaned up that the only fly in the ointment appeared. Whilst SAS did clean every infection it found, on the first attempt it left some behind. A second scan and clean cured this.

The final cleanup was done with a full scan, rather than the quick/smart scan used for testing the software reviewed here, though this took three times as long to detect a single additional threat. Nevertheless, nothing else even came close to the detection rate of SAS.

The runner-up in my test was MalwareBytes Anti-Malware, which detected 104 threats, though the time taken to detect them was a little longer than SAS. Having said that, scanning again after I let SAS clean up my system, Malwarebytes’ offering still found an additional 28 threats that SAS had failed to detect. Most of these were Trojans, which suggests the two are aimed at slightly different threats. Anti-Malware happily removed these with no troubles at all.

Surprisingly, despite being much maligned of late, AdAware 2008 came third in my tests, finding 86 of the original threats and finding 3 that both SAS and Malwarebytes had ignored, suggesting that the former champion isn’t quite prepared to roll over dead just yet.

Perhaps the most disappointing test was A-Squared, which if you ignore the 10 tracking cookies, only detected a paltry 3 threats from the original infection, and none of these were malware as such, but simply mechanisms by which malware may operate. These remained even after cleaning with the previous three products.

More disappointingly, A-Squared gives no real indication of scan times, having just a progress bar which shows 100% complete long before the scan was actually finished.

Both Spybot S&D and Spyware Terminator were ineffective against the infections on my test system, detecting approximately 5 – 8% of the original infections. After cleaning, there was nothing left for these to claim any glory at all, and I find it hard to recommend either.

Prevention is, however, better than cure, and none of the free products already mentioned offer prevention.

Enter stage right Comodo BOClean and Threatfire which both aim to stop malware entering your system in the first place. It’s difficult to assess the effectiveness of both products with any degree of accuracy, though both seem to have a place in our systems.

Employing different methods of protection, Comodo’s software will attempt to monitor changes to your system and block those presenting a threat using, as far as I was able to tell, a heuristic approach. ThreatFire, on the other hand, uses aggressive behavioural analysis to prevent unwanted applications installing.

My own experience suggests that Comodo can be a little resource heavy, and may also introduce instability to some systems, whilst ThreatFire can be a little too aggressive, preventing perfectly safe and legitimate software installing and running. However, there are many more people using both products without difficulty, and both are certainly worth considering as a part of your overall protection.

Arovax Shield is starting to gain support from users, though, despite the current version number (2.1.103), it appears to be newly available to users. At first glance, Arovax Shield appears to be competent and vigilant, asking for permission to allow other software to make modifications to your system without being too "in your face". However, I did notice an annoyance after a few days of use, which appeared to be caused specifically by my own system tweaks. The annoyance was that every 2nd boot (oddly) Arovax would stop the boot process, complaining that a system service was not running. I can only assume that Arovax was launching before the service did, hence the complaint. What was especially annoying was that, at this point, Arovax refused to acknowledge user input to its warning, and so the window could not be closed. Since Arovax was halting the startup sequence, the only recourse was a hard reboot. Hardly ideal, and in my mind indicative that Arovax is still very much a beta version. However, if you are running a "standard" Windows system without the various tweaks many of us use to maximise performance, Arovax looks like it could be a useful first line of defence. I will certainly re-visit the software a few versions down the line.

Being neither a malware scanner nor a prevention tool, HijackThis is an excellent tool for helping to protect your system from uninvited software, but it isn’t for the faint-hearted. HijackThis will analyse your system and offer a comprehensive log of installed software, startup items, registry keys etc. Reading the logs requires a good understanding of the system, though fortunately there are some very helpful forums where some very knowledgeable people are willing to help.

Generally, more is better, and it is well worth installing more than one product. Some will detect threats that others will miss, and different products will be more effective against different types of threat. However, the best protection is only as good as the user, and you should always exercise common sense when surfing the web and installing software. Be sure to visit only sites, and install only applications, that you trust.

A final safeguard against web based threats comes in the way you get there. Despite improvement in version 7, Internet Explorer is still very vulnerable, and being the most popular browser, the most heavily targeted. Alternatives such as Firefox and Opera will provide you with an altogether safer browsing experience.


Quick Selection Guide

SuperAntiSpyware    Rating 9 of 10  Gizmo's Top Pick

Pros   Thorough detection and removal rate
Cons   The free version offers on demand scanning only
Developer Home Page   http://www.superantispyware.com/
Download link   http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
File Size   6.33MB
Version   4.21.1004
License Type   Unrestricted Freeware
Installation Requirements   Windows 98, 98SE, ME, 2000, Vista, 2003 and XP Home/Pro
Info   Although there is no 64-bit version, it will run on a 64-bit OS in 32 bit mode quite happily

MalwareBytes Anti-Malware    Rating 8 of 10

Pros   Effective trojan detection and removal
Cons   Less effective on other malware
Developer Home Page   http://www.malwarebytes.org/mbam.php
Download link   http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
File Size   2.42MB
Version   1.31
License Type   Unrestricted Freeware
Installation Requirements   Windows NT, 2000, XP, Vista, 2003 Server

AdAware 2008    Rating 6 of 10

Pros   Continues to maintain a reasonable detection rate
Cons   Many threats go undetected
Developer Home Page   http://www.lavasoft.com/products/ad_aware_free.php?t=techspecs
Download link   http://www.lavasoft.com/single/trialpay.php
File Size   22.7MB
Version   7.1.0.11
License Type   Unrestricted Freeware
Installation Requirements   Windows 2000/2003/XP/Vista
Info   Also requires either Internet Explorer (version 5.5 or higher), Firefox (version 1.5 or higher) or Opera (version 9 or higher). Pro version available for free by completing a trial offer.
