Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Anti-Spyware Hones Searches

    Written by

    Andrew Garcia
    Published October 10, 2005
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      In the long run, at least, eWEEK Labs believes that anti-spyware defenses are an appropriate and logical component of anti-virus security suites. Integrating spyware and adware defenses into the anti-virus platform can provide a single point of management; ease research, testing and deployment; and, ideally, scan, clean and block threats efficiently and effectively.

      In previous tests, however, we found some well-known anti-virus companies integrated products were not yet up to the task, lagging well behind stand-alone solutions in effectiveness—particularly at blocking new threats from infecting a “protected” system. (A review of several anti-spyware/anti-virus products is at www.eWEEK.com/labslinks.)

      But other anti-virus companies have made significant strides in the war against spyware, using new technologies—or using traditional technologies better—to keep infections off the desktop.

      Panda Software International S.L.s products feature a robust signature database and TruPrevent to help avoid infection from previously unknown malware strains. TruPrevent, a behavioral analysis module, looks at actions by installed applications, rooting out suspicious or damaging behavior.

      Some products, among them Eset s.r.o.s NOD32, also include Web filtering technologies to help keep users from downloading malicious code from known bad Web sites. NOD32 uses advanced heuristics that create a virtual machine in memory, which allows NOD32 to unpack or decrypt packages without infecting the underlying operating system or file system. In this way, Esets product can root out malicious code embedded in packed or encrypted files. With an integrated engine thats built for speed, NOD32 also promises the fastest scans in the industry for viruses, adware, spyware and other potentially dangerous applications.

      Kaspersky Lab also uses a number of techniques to block threats. Kaspersky Labs methods include several types of heuristics, checksum technologies to avoid scanning files known to be good, and scanning of repackagers and archives.

      However, Kaspersky Lab gets the biggest kudos for its signature database. Ultimately, signatures are the most accurate way to detect threats or properly clean them, and Kaspersky Lab is renowned for the speed with which it releases signatures for newly discovered threats, promising hourly updates. To reduce the impact on the network, Kaspersky engineers are committed to keeping these constant updates very small, usually in the neighborhood of 50KB each.

      Batting cleanup

      We brought two consumer-grade anti-virus packages into eWEEK Labs—Panda Software Internationals Panda Platinum 2006 Internet Security and Esets NOD32 Version 2.5—to test-drive their spyware defenses on a pair of infected systems. Both products are intended for home use, but each taps the same scanning, cleaning and blocking technology as its enterprise-grade sibling.

      /zimages/2/28571.gifClick here to read about Microsoft anti-spyware for the enterprise.

      Platinum 2006, which started shipping last month priced at $80, contains a desktop firewall, a spam filter and Web content filtering. In tests, Platinum 2006 performed extremely well at cleaning and blocking. It immediately removed the most worrisome spyware traces on our systems, including ISTbar, 180solutions and Internet Optimizer. After we performed a signature update, Platinum 2006 also found and destroyed SurfAccuracy. However, Platinum 2006 did not touch several less threatening Claria-based applications, nor did it act on WeatherBug.

      Platinum 2006 blocked new infestations extremely well in tests. We were thwarted in our attempts to infect systems with 180solutions, PurityScan and Zango, among others, because Platinum 2006 blocked installation via a Web browser and removed malignant components of archives saved to the local system before installation.

      With Platinum 2006, we could also record default browser settings, so if a piece of malware did manage to change the default home page or search page, we could easily restore them with the press of a button.

      However, Platinum 2006 buries its scan controls, making it much easier to accept default behaviors than to customize defenses. Spyware and adware are clumped into the category of known threats, which includes viruses and the like, and we were required to globally accept a default action for the entire category.

      Esets NOD32 2.5, priced at $39 for a single license, excelled at blocking spyware installation. NOD32 consists of AMon, a file system monitor; IMon, an Internet monitor for HTTP and POP3 (Post Office Protocol 3) traffic; and the NOD32 on-demand scanning engine.

      IMon denied our attempts to install malware via the browser, and AMon successfully deleted known threats as we attempted to unpack and install them locally. The notification of found threats was a little more intrusive with NOD32 than with Platinum 2006, but the actual blocking action was similarly effective in both products.

      Although NOD32 easily disabled processes running in memory, it was less effective at cleaning threats fully from the file system. A few 180solutions-based threats kept reappearing after reboot, and Internet Optimizer went undiscovered as well.

      Unlike Platinum 2006, NOD32 did not remove items from the Add/Remove programs dialog box in Windows, even if the application was otherwise deleted.

      Technical Analyst Andrew Garcia can be reached at [email protected].

      /zimages/2/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Andrew Garcia
      Andrew Garcia
      Andrew cut his teeth as a systems administrator at the University of California, learning the ins and outs of server migration, Windows desktop management, Unix and Novell administration. After a tour of duty as a team leader for PC Magazine's Labs, Andrew turned to system integration - providing network, server, and desktop consulting services for small businesses throughout the Bay Area. With eWEEK Labs since 2003, Andrew concentrates on wireless networking technologies while moonlighting with Microsoft Windows, mobile devices and management, and unified communications. He produces product reviews, technology analysis and opinion pieces for eWEEK.com, eWEEK magazine, and the Labs' Release Notes blog. Follow Andrew on Twitter at andrewrgarcia, or reach him by email at [email protected].

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×