The most effective antispyware tool?

Not long ago, viruses spread from the web and email were the most dangerous enemies of computer users. There is now a new threat - spyware (spyware) - stealing user performance and peace of mind. The 'spyware' label can be assigned to legitimate but annoying programs that the user agrees (but is not aware of), installed on your PC, or refers to programs that install themselves without licensed.

Both types of programs consume computing resources, slow down Internet connection, monitor your web browsing, and even force the redirection of your web browser.Here, we call the first type of adware and the following is spyware.Adware clearly announces its intent with the uninstall tool, and can remove it completely from the system.In contrast, spyware installs itself secretly and is nearly impossible to remove without a help tool.

There are a variety of antispyware tools available. Some tools are very effective at cleaning the infected system and preventing new threats with real-time protection. We will look at 10 'big name' antispyware tools now that detect and remove spyware and adware from the PC, evaluate scanning speed (testing), detection rate, ability to prevent for unwanted apps that install themselves and ease of use.

We will compare 7 products from 20-40 USD: Internet Cleanup of Allume Systems (formerly of Aladdin Systems), Spyware Eliminator of Aluria Software, eTrust PestPatrol AntiSpyware of Computer Associates, SpySubtract Pro of InterMute, McAfee AntiSpyware of Network Associates, CounterSpy of Sunbelt Software and Webroot Software's Spy Sweeper. In addition, there are two popular free programs - Lavasoft's Ad-Aware SE Personal and Safer Networking's Spybot Search & Destroy - and the third free program works very differently but equally effectively, Merijn's HijackThis. org (you can download these 3 free programs at TGVT website, Download-> Security & anti-virus website). HijackThis is not included in the comparison table because it does not have an infection detection function like other programs.

Challenged antispyware tools remove 81 files and the process is made up of 45 popular adware and spyware programs. Spyware infection can start with an installation of adware. Normally, adware warns users about its intentions and users accept to exchange them for free use (or accidentally accept the agreement without reading the warning). Many adware programs wait for your approval before installing, but not all are so polite. Even if the free program promises only limited advertising, it can "inject" the system full of spyware by downloading and installing third-party programs.

There are many ways for adware to infiltrate your system. The two common search bars are Slotchbar and WinTools not displaying the End User License Agreement (EULA), where adware often publishes the installation of additional components. These two bars are the most secret and difficult to remove, using multiple processes to re-activate themselves when removed.

In contrast, popular adware programs such as WhenUSearch (search bar) and Bonzi Buddy (search help desktop component) offer easy-to-understand EULA before installing and providing effective removal tools through utilities. Add or Remove Programs of Windows.

WINDOWS ANTISPYWARE MAY BE NUMBER 1

Microsoft has just released a beta version of Windows AntiSpyware (www.microsoft.com/athome/security/spyware/software/), the former product of Giant Software acquired by Microsoft in December 2004.Beta testing for great results.Because the virus identification data of this product is newer, it cannot be compared with other products in the article.
Windows AntiSpyware can detect 91% adware / spyware in the test, of which 96% are in memory, 67% edit the home page and search page, 100% BHO and the toolbar, 95% change the Registry and 100% of other items such as menus and buttons added to the program. The tool scans 2.7GB of data in less than 3 minutes. AntiSpyware's real-time monitoring function prevents infections by prohibiting changes to the browser home page and search pages, recognizing strange processes in memory, prohibiting unauthorized modifications to the Hosts file , do not allow changes to the 'run' keys of the Registry.
To prevent attack on the browser homepage and search pages, AntiSpyware can automatically reset the system's default value.You can also specify your home page and your own search pages by selecting Advanced Tools.AntiSpyware will alert you when any program tries to change the settings of the specified pages.

Windows AntiSpyware is very good at blocking spyware and adware

Windows AntiSpyware has an intuitive, neat interface similar to CounterSpy - the tool also uses Giant Software's spyware identification technology.However, unlike CounterSpy, AntiSpyware automatically ignores cookies when checking - a pleasant change for users who like the automatic login feature and customize the site that the cookie provides.

Clean up

First of all, we consider the tool's effectiveness in removing spyware components; Then consider the real-time protection ability to prevent the installation from the beginning.

CounterSpy proved to be the most effective, found and prevented 93% of running processes (created by 45 test programs).CounterSpy is the only product (in test products) that can stop and remove WinTools from the system.Second, Spy Sweeper cleans 89% of active processes (but omits components related to WinTools and Slotchbar).The least effective are McAfee AntiSpyware and Internet Cleanup, the removal rates are 33% and 11% respectively.

Figure 1: CounterSpy leads the way in detecting and killing spyware

The most effective antispyware tool? Picture 2

Spyware often attacks the homepage (homepage) of the browser and search pages that redirect to other porn or unwanted websites.More seriously, reversing these redirects can be difficult because they are monitored and restored by active processes.Home page and search page changes are difficult to fix.Internet Cleanup, McAfee AntiSpyware, eTrust PestPatrol Anti Spyware, and SpySubstract Pro all failed to detect these changes, while Spyware Eliminator only managed 7%.CounterSpy once again took the lead - but only with a 53% success rate.

Browser Helper Object, or BHO, is a program that customize IE and other browsers, often with legitimate purposes. For example, the Google Toolbar is a BHO. But adware and spyware developers also use BHO to create components loaded with IE, they exploit ActiveX to download and install BHO on your PC, create unwanted toolbars over the firewall. and get Internet access.

In our evaluation of tools for the ability to detect unreasonable BHO, both CounterSpy and Spy Sweeper are 100% successful. Ad-Aware, eTrust PestPatrol controls Spy Spy, Spybot and SpySubtract 62%, and McAfee AntiSpyware and Spyware Eliminator reach 31%. Internet Cleanup does not detect any BHO and toolbar.

The 'run' keys of the Windows Registry and the system startup folder are also favorite launchers for adware and spyware. Programs included in these critical locations will be activated every time Windows starts. Unfortunately, with this type, spyware checking tools are not very good. CounterSpy detected 86%, followed by Spy Sweeper with 82% and Ad-Aware 77%. Internet Cleanup only detected 5%.

The menu of the browser may also be changed. Such changes do not automatically load spyware, but if the user selects the added menu, the infectious agent can be activated. CounterSpy and Spy Sweeper have 100% detection rates for menu and button items. SpySubtract Pro and Ad-Aware control 75%. Internet Cleanup, eTrust PestPatrol Anti Spyware, and McAfee AntiSpyware completely bypass this category (0%).

Other solution

The most effective antispyware tool? Picture 3

Figure 2: Spy Sweeper's Shields feature blocks many Windows vulnerabilities

The 10th program, HijackThis, is not like regular spyware testing tools.HijackThis provides a report of active processes, boot registry keys, Startup folder contents, BHOs ​​and services in the system.With this report, you can identify unwanted or suspicious boot components.Identifying suspicious components in the report requires experience.Inexperienced users can send their reports to Internet forums (eg TomCoyote Forums, http://forums.tomcoyote.org) to identify unwanted processes.

Using HijackThis in conjunction with Add or Remove Programs in the Control Panel of Windows XP, surprisingly, nearly all of the 45 addware / spyware programs on the infected system appear with the corresponding uninstaller (in Add or Remove Programs). Go ahead and uninstall, then use HijackThis to identify and delete the remaining active components - great results, kill 100% of the active components of adware and spyware on your computer. The results are similar when using HijackThis following CounterSpy. There is no other combination that gives 100% results - the WinTools processes that other tools missed prevent system cleanup attempts, and HijackThis cannot stop these processes.

Review by number

The most effective antispyware tool? Picture 4

Figure 3: HijackThis detects all processes on the system, but you need to consider before you act.

There are significant differences between the test speed of the tools.CounterSpy is the most efficient and fastest tool at the same time, taking only 1 minute to perform a full system test of 2.7GB of data.Spybot and Spy Sweeper are also fast, just a little over 2 minutes.In contrast, Spyware Eliminator is both unstable and slow, taking from 10 minutes to 1 hour.The remaining tools take about 4-5 minutes.

Spyware testing tools report that infections are also very different. For example, when installing WhenUSearch on a test system, CounterSpy detects two separate adware objects, WhenUSearch and SaveNow. Ad-Aware, by contrast, detects the same toolbar for a total of 73 objects. After using CounterSpy to remove all active components of WhenUSearch, Ad-Aware continues to announce 5 'dangerous' objects - it turns out this is only 3 empty Registry keys and 2 empty folders.

Continuous monitoring

Removing spyware when infected is important, but preventing infection is even more important (prevention is better than cure). One of the most effective tools in this respect is Spybot. Using the additional Resident TeaTimer component, the tool recommends immediately when any program changes important entries in the Registry. Even spyware processes that can load themselves into memory are prevented from changing the Registry, so are quickly removed simply by restarting the system.

Spybot has the feature to protect Hosts file. The Hosts file provides 'routes' for the browser, containing the website address and the corresponding IP address. This file is often exploited by hackers to prevent users from browsing security sites like the antivirus software company's site.

CounterSpy and Spy Sweeper also prevent changes to the Hosts file, prohibit Registry edits, prevent changes to the browser homepage and search pages, and detect suspicious processes in memory.

Ad-Aware SE Personal does not have real-time protection, but you can set it to prohibit changes to the Hosts file. Ad-Aware SE Plus and SE Professional versions ($ 27 and $ 40) add Ad-Watch to features similar to CounterSpy and Spy Sweeper. eTrust PestPatrol Anti Spyware can detect suspicious processes in memory, but it does not warn when critical system settings are changed. SpySubtract Pro warns when the browser home page and search pages are changed and detects suspicious processes in memory. McAfee AntiSpyware has a real-time protection mechanism, but its level of recognition is low.
Spyware Eliminator's real-time protection and Internet Cleanup capabilities are not much.Spyware Eliminator only makes 'blacklist' suspicious websites and ActiveX sites.Similar to Spyware Eliminator, Internet Cleanup ignores changes to the home page and search page, does not detect suspicious processes, and does not protect Hosts files.However, it blocks pop-up ads and provides personal information locking features to avoid disclosure.

SELF-PROTECTION OF SPYWARE: CHANGE OR UPDATE APPROVAL

The most effective antispyware tool? Picture 5

Zango may not be welcome, but at least it tells you what will happen.So you will not be surprised when the browser redirects to advertising websites. You can protect yourself against many spyware by switching from IE to another browser, like Mozilla Firefox.However, it is possible that the alternative browser has flaws that lead to trouble.And you will encounter problems with some websites not working properly with other IE browsers.
For those who do not want to convert, IE version 6 and newer has a better default security protection. (Go to find.pcworld.com/46692 for more information on IE security settings.)
Upgrading the latest version ensures the system is patched

, and caution when installing unknown software will help prevent spyware.
At PC World Spyware Help Center (find.pcworld.com/46694), you can learn the software before installing.For the software to install, read the user agreement (EULA) carefully;there may be recommendations to load other programs.Finally, if your system is infected with spyware, try the easy solution first: check the list of Windows Add or Remove Programs to see if the uninstaller is available.

Easy to use

The most effective antispyware tool? Picture 6

Figure 4: Removing the obscure icons of Ad-Aware, the interface is easier to understand.

Counterspy's interface is attractive and easy to use.The Scan Now button appears prominently on the welcome screen, easy-to-operate menu system and the real-time protection mechanism remains in effect when the program is closed.The interface of Ad-Aware is equally attractive, but the program's menu is hidden behind nameless icons, requiring a bit of speculation.Spybot requires users to first switch to Advanced mode and browse through the various items to find the settings and tool options.Both Ad-Aware and CounterSpy provide easy-to-understand reports.

HijackThis's simple text interface is easy to use, although the result announcement requires experienced people to decode.

Spyware Eliminator has a clear menu interface, but this tool loads very slowly. Internet Cleanup interface is confusing and difficult to use.

Although easy to navigate, eTrust PestPatrol Anti-Spyware's interface is unattractive. Spy Sweeper's interface is intuitive, but only allows closing the main program when real-time protection is turned off. McAfee Anti Spyware installs the McAfee Security Center icon in the system tray, but there is no option to access the antispyware component.

No. 1 candidate?

You can use the free antispyware tool, but this is an area worth investing in. Spybot & Destroy Free has the ability to detect 54% and effectively check real-time. According to the free policy, you can combine Spybot with Ad-Aware SE Personal with a slightly higher rate of detection of active infections than Spybot.

CounterSpy proved to be the most valuable with the highest detection rate, clear interface and fastest test speed. Price of 20USD for 1 year of updates and technical support is not expensive. You won't be disappointed with Spy Sweeper, as well as CounterSpy, quick and easy to use. Combining either of these products with HijackThis, you can protect your system from spyware.

Top download addresses for Spyware removal software:

1. Ad-Ware of Lavasoft firm: http://www.lavasoftusa.com/
2. Spybot Search & Destroy: http://www.safer-networking.org/en/download/index.html
3. Microsoft Anti Spyware:
http://www.microsoft.com/athome/security/spyware/software/default.mspx