Antispyware Shootout
An anonymous reader writes "ZDNet has published a review of 8 antispyware products from Computer Associates, Lavasoft, McAfee, Microsoft, PC Tools, Symantec, Trend Micro and Webroot. Check out the Editor's Choice. Interesting winner ...." I've used quite a number of these scanners on an on & off basis, and I think the reality is that if you are truly to clean a machine out, you're going to need to use like three - five of these. Each of them captures a certain area, but none are the One Ring or anything.
This might be a little out of date, but it's still my favorite review site. It talked me into paying for Giant right before MS bought it, which is too bad, because it was the best one I'd ever used.
Note that the test was for enterprise versions of the products, meant for support of a 150 or so user network. Your mileage may vary if a test is done for single computer home use.
For those of you who are too lazy or otherwise unable to reach the article (which in a matter of minutes should be just about EVERYONE), here's the summary:
Scenario 1: This larger (over 150 users) company is seeking dedicated anti-spyware. It needs a solution that can detect and clean up a range of malware on its machines.
Winner 1: Computer Associates eTrust Pest Patrol and Symantec Client Security. Once a network goes above 150 nodes the case for centralised management command and control capabilities becomes more important. CA wins here for its performance and ease of management, and Symantec for its accuracy.
Scenario 2: This smaller (less than 150 users) company is seeking dedicated anti-spyware. It is seeking a solution that can detect and clean up a range of malware on its machines.
Winner 2: PC Tools Spyware Doctor 3.0 for its ease of use, accuracy, and performance.
Editor's Choice: Symantec Client Security 3.0
It was neck and neck for the Editor's Choice Award between CA and Symantec. Had CA or even PC Tools detected more (they were both above average), they could have won, however, Symantec blitzed the field in detection which is really what you want. Note that this is at a trade-off to performance, and bear in mind that Symantec also includes antivirus, so your decision may come down to what virus scanning policy and system your business is already using.
SIG: TAKE OFF EVERY 'CAPTAIN'!!
1. Kill all unfamiliar windows processes
2. Remove anything strange from the 'startup' folder
3. Go to "add/remove programs" and try to remove anything you don't need
4. Run Spybot S&D (my personal favorite too)
5. Run HijackThis (another excellent FREE tool for getting rid of browser helpers and other search redirection 'utilities', though it's not for the novice user)
6. Install Firefox, delete all shortcuts to IE.
I've done this to several computer-illiterate friends' and family computers, and they've been working spyware-free for quite some time. I ran into one really nasty search redirection on my brother's computer that the above steps didn't fix. It involved IE calling one specific DLL for a search, and it would reappear as another name if I tried to delete it. Somehow, it was running as a disguised Windows 2000 system process that I simply had to turn off which allowed me to manually delete all associated files.
Or VMWare. eMule runs nicely in VMWare. Create a master copy, clone it, and run eMule/BitTorrent/whatever on the clone. If the clone becomes fouled, delete it and reclone.
In my experience, serious P2P does not play well with other apps - it needs a dedicated box. It sucks up the network stack something foul (run eMule for a few days and then see how long netstat takes). However, if you have the RAM, you can run it in VMWare in the background quite nicely...I've had eMule charging away while playing F.E.A.R. with no noticeable performance hit to either (3Ghz HT, 2GB RAM).
Of course, if there was eMule for Linux...(no, don't tell me about amule...)
Advice: on VPS providers
Click the "Print Article" button on the first page and it will present the entire article to you in one long HTML page.
I worked at a computer repair shop at one point, and my SOP is very similar, although I typically run HijackThis earlier in the process (Before removing programs), and I include - if necessary - some passes with other programs.
Worst-case Scenario:
1) Kill all unnecessary processes manually (if able)
2) Run MSCONFIG and disable unnecessary startup processes (if able)
3) Run Spybot S&D (if able)
4) Run HijackThis
5) Install Avast! AV and updates, and schedule a boot-time scan (if able)
6) Uninstall/manually remove unnecessary applications
7) Reboot
8) Repeat all steps 1-6 which did not work the first time
9) Run Spybot S&D (again)
10) Install and configure Firefox with Adblock extension.
11) Install and configure SpywareBlaster
12) Lock Down IE
13) Reboot
14) Manually clean up any remnants with the help of HijackThis
15) Install and configure Kerio PF
It takes longer than is typically necessary for a simple cleanup, but so far I haven't run into anything that couldn't be fixed in such a manner. Most importantly however, it doesn't cost a dime. I keep both a USB flash drive and a CD on hand with all of the programs and updates I need as well as some other fallback programs (some pre-installed directly on the CD/flash drive), so if the infected machine is unable to connect for downloads/updates it won't slow me down. It also helps that IE is not needed when loading everything from the CD or flash drive.
Of all the machines I have used this on, only those of the incredibly stupid have had problems resurface, while most have run clean for a year or more. I use the same preventative measures on my own PC and have never picked up any spyware/malware.
"Those who think they know everything are of great annoyance to those of us who do." - Isaac Asimov
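The autostart locations that the two cleanup checklists above inspect by hand (Run keys, the Startup folders, and the browser helper objects that HijackThis reports), inventoried read-only in PowerShell. This is an added example, not code from any poster in the thread; the helper names Get-SignatureStatus and New-Entry and the use of an Authenticode check as a triage hint are assumptions of the example.

```powershell
# Added example: read-only inventory of autostart locations; nothing is changed.
$runKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
$bhoKey  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'

# Hypothetical helper: extract the .exe/.dll path from a command line and
# report its Authenticode status as a triage hint (not a verdict).
function Get-SignatureStatus([string]$CommandLine) {
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine)
    if ($expanded -match '^\s*"([^"]+)"' -or $expanded -match '^\s*(.+?\.(exe|dll))') {
        $path = $Matches[1]
        if (Test-Path -LiteralPath $path) {
            return [string](Get-AuthenticodeSignature -LiteralPath $path).Status
        }
        return 'NotFound'   # bare names such as "rundll32.exe" are not resolved via PATH here
    }
    return 'Unparsed'
}

# Hypothetical helper: one uniform row per autostart entry.
function New-Entry($Source, $Name, $Target, $Signature) {
    [pscustomobject]@{ Source = $Source; Name = $Name; Target = $Target; Signature = $Signature }
}

# 1. Run / RunOnce values (entries of the kind MSCONFIG's Startup tab shows)
$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)
        New-Entry $key $name $cmd (Get-SignatureStatus $cmd)
    }
})

# 2. Per-user and all-users Startup folders (mostly .lnk shortcuts; review targets by hand)
$dirs = [Environment]::GetFolderPath('Startup'), [Environment]::GetFolderPath('CommonStartup')
$entries += @(Get-ChildItem -LiteralPath $dirs -File -ErrorAction SilentlyContinue |
    ForEach-Object { New-Entry $_.DirectoryName $_.Name $_.FullName 'n/a' })

# 3. Browser helper objects: CLSID subkeys, each resolved to its in-process DLL
if (Test-Path $bhoKey) {
    $entries += @(Get-ChildItem -Path $bhoKey | ForEach-Object {
        $clsid  = $_.PSChildName
        $server = Get-Item "HKLM:\SOFTWARE\Classes\CLSID\$clsid\InprocServer32" -ErrorAction SilentlyContinue
        $dll    = if ($server) { [string]$server.GetValue('') } else { '' }
        New-Entry 'BHO' $clsid $dll (Get-SignatureStatus $dll)
    })
}

$entries | Sort-Object Signature, Source | Format-Table -AutoSize -Wrap
```

On 64-bit Windows, entries registered by 32-bit software sit under the Wow6432Node mirror of these keys and need a second pass with those paths.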
Coral synthesizes robots.txt files to disable search-engine caching.
Requests for anything.nyud.net:8090/robots.txt return:
User-Agent: *
Disallow: /
I'm not sure what might be going on with Google.