Friday, April 25, 2008

Spyware Doctor Starter Edition, a pure winner!

Spyware Doctor and a-squared Free Tests

I decided to really put to the test Spyware Doctor Free with a bit of overlap removal from a-squared Free. As most of you know, Spyware Doctor was extremely valuable in removing a good portion of the threats that AVG 7.5 let on the system. See the AVG Avast Tests.

So with a new XP install, with zero AS or AV protection, I installed the following, xponlinescanner, Winantivirus pro 2007 and System Doctor. All of these are well known threats.

After the machine was fully infected, I then downloaded and installed Spyware Doctor Starter edition from Google Pack. Then I removed the infections, used a-squared to catch only 4 remaining “traces”. Was very impressed at how Spyware Doctor was able to kill the infected processes running in the background.

Then I decided to infect the machine again, just like I did, but only this time, using Spyware Doctor’s limited real time protection, and was amazed at the results.

You can see the test results here: http://bangsonpc.com and look at the left margin.

Again, Spyware Doctor Free proves to be one of the best protection software’s to have on a PC.

Thursday, April 24, 2008

AVG 8 a bit better, but nothing over Avast!

AVG 8 Free a bit better.

AVG 8 Free edition was just released and of course I wanted to redo the AVG 7.5 vs. Avast Test with the same infected files.

While AVG 8’s new feature “Linkscanner” is now included, this did prevent IE 6.0 from loading the page winantivirus.com, however systemdoctor.com and xponlinescanner.com did load fine.

AVG offered better real time protection against most of the infected files of the test, but allowed winantiviruspro.exe to be placed on the desktop of the host system.

During the install of winantiviruspro, AVG 8 did stop several items, much more than AVG 7.5 did. Also, it appears as though the virus was stopped all together, but certain parts were installed.

The oddest part however is after I rebooted, although AVG 8 did stop a “fat” program from winantiviruspro from launching, but the AVG Tool bar vanished from the browser. However this is a minor issue, as the website winantivirus.com still would not load, so AVG 8’s linkscanner still seemed to be functional.

Bottom line, AVG 8 with its minor improvements’ still does not hold water against Avast Home Free. In fact with AVG 8, you will lose your email protection after 30 days unless you purchase the product.

I’m still with Avast as the best Anti Virus protection for free!

You can see the test results at http://bangsonpc.com, look at the left margin.

Tuesday, April 22, 2008

Anti Spyware

Anti Spyware: So Many Choices

Recently due to my blog about the AVG and Avast Test, I have been asked many times to recommend the best or best combo of Anti Spyware applications, moreover, which ones are free.

Well I will only cover my 3 top recommendations, and frankly, they are a must have on any PC system.

Keep in mind, there are two areas that need to be addressed by Anti Spyware products, prevention and removal. Again, some apps are designed for one and not the other, while some apps attempt to do it all. Here are my “must have” recommendations and why.

Preventive

Spywareblaster
http://www.javacoolsoftware.com/spywareblaster.html
Spywareblaster will do the following:
Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
Block spyware/tracking cookies in Internet Explorer and Mozilla Firefox.
Restrict the actions of potentially unwanted sites in Internet Explorer.

Spybot
http://www.safer-networking.org/en/index.html
Here is an overview of what Spybot can do: http://www.safer-networking.org/en/spybotsd/index.html
However Spybot has an Immunization feature that will do the following:
Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
Block spyware/tracking cookies in Internet Explorer and Mozilla Firefox.
Restrict the actions of potentially unwanted sites in Internet Explorer.

Note: Spybot’s Immunization ability is the same as Spywareblaster. Why use both? Simple, some of these preventive protections may be different, while some will be the same, causing an overlap in protection, but when do you not want too much protection?

Also keep this in mind, if you reviewed my AVG vs. Avast tests, you will see 3 known Rogue Sites that were accessed, systemdoctor.com, winantivirus.com and xponlinescann.com, if you had Spybot and Spyware blaster installed you would not even be able to access those sites, you would have seen a blank page.

Now, this added protection can lend a false perception that AVG was doing this, but alas, very incorrect, Spywareblaster and Spybot were stopping those sites. So as you can see, just having those two applications in stalled, and their protection enabled, is critical.

Removal

There is really only one choice for free products, Spyware Doctor.
The free version of Spyware doctor can be obtained thru Google Pack, as many other neat applications as well.
http://pack.google.com/

Spyware Doctor free is one of THE BEST removal products I have used. The free version does have limited real time protection, but at a small cost of some system resources. So if you have a low end system, best to enable Spyware Doctor, update, scan, remove and then shut down. If you have a high end system, don’t shut it down and make use of its real time protection.

Let’s recap on how to use these three products.

Spywareblaster:
Run
Update
Enable Protection

Spybot:
Run
Update, download.
Immunize
Scan (if suspected threats exist on the system, remove)

Spyware Doctor:
Enable (run)
Update
Scan
Remove
Leave running (high end PC’s)
Shut Down (low end PC’s)


Cheers,

S

Thursday, April 17, 2008

Anti Virus Protection

Greetings everyone,

This is Scott from http://bangsonpc.com, your friendly computer guy.


Norton and McAfee

First, let me cover the Norton McAfee topic really quick. I don’t recommend Norton or McAfee at all. The first reason is both of these applications are intense resource hogs, they utilize too much of your system memory and can slow your PC down to the speed of a drunk tortes. The second and probably the most important reason, is because, they just do not perform at the level of protection they should, especially for a product that demands a fee based subscription. The majority of PC’s, laptops that I have had brought to me for virus and spyware removal, had either Norton or McAfee installed, updated and didn’t detect, or remove the hundreds of infected files I was able to remove and clean off of your machines.

The reason for this is because Norton and McAfee are just too “famous”; they are so popular that when some of these evil virus creators are working away at their next project, it’s easy for them to write in stealth abilities to circumvent Norton and McAfee. Remember, “well known” doesn’t mean “the best”. Take me for example; I am not that “well known”, but I am certainly the best computer guy! :)

Anti Virus Protection

Ok, let’s get back to Anti Virus protection. Anti Virus Software should perform at three levels, listed below in order of importance.

Prevention Contact: Preventive measures will prevent a virus from coming into contact with your system. Meaning, if you accidently make a wrong click while browsing the web and a virus is starting to be saved on your system, your AV software should kick in and stop that from happening. Same is true if a friend brought over a CD with some cool software to show you, and an unknown virus was present, your AV Software should prevent that file from being copied onto your system.

Prevention Intrusion: Preventive Intrusion measures will prevent a virus from actually being “installed” in the Operating System of the machine. Should a file actually sneak itself in and get placed on your system, then usually the virus will then need to be executed. This usually occurs when a user runs the EXE file, or the setup program to install their “cool new software”. The virus will then start the Intrusion phase. A good AV product should be able to detect and stop this intrusion.

Removal: This is probably one of the most difficult phases to perform for all AV products. A virus got on the system, it successfully completed intrusion, and now your machine is a mess. However your AV product did a recent update, and now is able to detect the virus, and its infected files, however a bit too late. So now your AV product has the responsibility of attempt to remove and clean your infected files.

Obviously, if an AV product can succeed in the first phase, it doesn’t need to worry about the second or third, and likewise if an AV product was able to succeed at the second phase, it wouldn’t have to worry about the final and terrible third phase.

Let the Tests Begin

Recently I had the opportunity to acquire several viruses and spywares and was able to bring them in contact with several systems in a controlled environment. This is where I discovered that AVG 7.5 Free failed at the most fundamental and most important phase of AV Protection, Preventive Contact. It also failed at Preventive Intrusion, and it failed at Removal.

My testing logic used the following criteria.

Each machine had a fresh Windows install, and the AV Software was installed first, updated and performing at 100% without issue.

Each test had three phases:

  1. Attempt to download known infected files to the host machine, and attempt to copy those same files from another machine to the host machine via a network connection. This replicates the friend with a cool CD scenario I touched on above.
  2. If any files actually passed phase 1 and got placed on the host system, then we would attempt to install those files and allow the virus to start the Intrusion process.
  3. Final phase of each test was removal of any virus that actually was able to partially complete the Intrusion step.

You can review the actual screenshots and notes of each step that was performed and see the proof for yourself. Go to http://bangsonpc.com and in the left margin you will see a link AVG Fails Preventive AV Test, while Avast Concurs!

That link will allow you to download a ZIP file which contains 3 PDF documents.

AVGPrevTest.pdf: This will illustrate that AVG 7.5 Free, failed miserably at all 3 of the testing phases. Yet this is the highest rated free AV software on the Internet.

AvastPrevTest.pdf: This will illustrate that Avast Home Edition, passed 100% of phase 1. We were unable to test phase 2 and 3, as none of the infected files were even allowed to come into contact with the host machine.

AvastCleanAVG.pdf: Now I decided to have some fun, so I installed Avast on the same PC that AVG allowed to be infected. This was an attempt to clean and fix the damage that AVG allowed to occur. While Avast did get more of the items off of the infected machine, it did not get everything, and this is ok, I will explain more below.


Even the Best Anti Virus Protection is Still Not Enough

A PC cannot rely on good AV protection alone; a PC also needs AS Protection, or Anti Spyware protection. Viruses and Spyware by definition are very different and have distinct characteristics, yet some Viruses and some Spyware share very similar characteristics.

In the AvastCleanAVG.pdf document, you will see at the end I had to bring in PC Tools Spyware Doctor Free version, available from Google Pack to clean up the rest. Which it did, so in combination Avast with Spyware Doctor, this PC was fully cleaned and healed.

What Now?

Remove AVG: I would recommend using Revo Uninstaller for removing ANY program. This can be downloaded here, check it out: http://www.revouninstaller.com/

Install Revo, and then run Revo and use its ability to remove AVG. As always, when using Revo to uninstall a software application, do not restart your computer, after the uninstaller finishes, Revo has more things to do, if you restart your PC, this will cancel out what Revo needs to do, and you cant have Revo continue after the PC is rebooted.

Install Avast Home Edition: Avast does require registration, but it’s free and this will give you a license number good for one year. At the end of that year, you just request another key and you’re good to go for another year. Pretty painless for a free AV Product that has great protection ability. You can get Avast Home here, check it out: http://www.avast.com/eng/download-avast-home.html

Install the free version of Spyware Doctor from Google Pack, check it out: http://pack.google.com/intl/en/pack_installer.html?hl=en&gl=us

Note, Spyware Doctor does utilize a good amount of system recourses, if you have a lower end PC, then use this, update it, scan your system, remove infections, and then shut it down. Right click on the Spyware Doctor icon in the systray (lower right corner by the clock) and choose shut down. You can always run this again from your Programs start menu.

Before doing any system scan for viruses or spyware, always use CleanUp to remove your temporary files from your PC, so the protection scans will take less time. You can get CleanUp here: http://www.stevengould.org/index.php?option=com_content&task=view&id=29&Itemid=72

Ok everyone; I think this about covers it for now. As always feel free to contact me if you have any questions, comments or concerns, and of course I can assist you in making the transition or cleaning up your systems.

Thanks again,

Scott

Wednesday, April 16, 2008

Shocked about AVG

I have to say, I was quite shocked to learn about AVG's lack of ability of real time prevention.

I wonder if AVG is letting the free product on the back burner with their new paid only version 8 release?


bangsonpc

AVG and Anvir Reviews testing results here: http://bangsonpc.com