Sugar and Spies And Everything Nice

By Robert J. Elisberg

July, 2007. It's understandable that the world of

anti-spyware software would be dominated by the Big Names. Spysweeper,

Windows Defender, Spy Doctor and so on. With other programs (like photo

editors, for instance), if you make a "wrong" choice, it doesn't impact

much. But with protection software, your computer is at risk. So, going

to a trusted name tends to offer the most comfort. Moreover, Big Names

get the reviews, so it's hard to even check on what else is out there

in the great beyond. This is no criticism of Big Name software —

several are quite impressive. But there are a few smaller fries flying

under the radar. And not just smaller, but several are free, as well.

(Generally, free versions of more feature-packed programs.)

An

important issue with anti-spyware, more than anti-virus software, is

that it's important to have more than one program on your computer.

Why? Because while a virus is basically a virus, but there's no

agreed-upon definition of what spyware is. In fact, there's not even an

agreed-upon name: is it spyware? Malware? Adware? So, different

programs scan for different things.

(Note: you should only run

one "active" anti-spyware program at a time — "active" is a program

that is always running †1C since they can conflict. However, it's

fine to have several "stand alones" and manually run scans with them.

Once a week, for example. But always remember to update their spyware

"definitions" each time †1C a "definition" tells the software what

spyware to look for. Happily, most good programs have a setting that

automatically checks whenever started up.)

While it's difficult

to make one's way through the minefield of smaller programs, it's not

impossible, and here's a place to start. And also with a look at a far

better-known product, once a leading contender, that fell off the radar

for a while as it took its time developing its latest update — which

has now, finally, appeared.

  • SUPERAntiSpyware
  • Sunbelt Counterspy
  • TWW Notes

SUPERAntiSpyware Professional (3.3)

 

 

SUPERAntiSpyware comes in two flavors. Free and Pro. Unlike most free

versions which have limited functions from their paid counterparts —

for example, some will scan but not remove whatever is found — the

Free and Pro editions of SAS are essentially identical where it counts.

The main differences are that SAS Free will not schedule scans or run

active (just manually), which

encompasses several features. But when you do scan with the Free

edition, you'll get core scanning and cleaning features of the Pro

edition.

The Professional version is what was tested here.

The bottom line issue for any anti-spyware program is how does it do

its job: blocking spyware from entering your system, finding spyware

that makes its way through the protections and deleting or quarantining

it once found.

By most accounts, SUPERAnti-Spyware is very successful. The comprehensive Spywarrior

testing website lists it as one of only seven trustworthy products, and

is the only software that isn't one of those major Big Names in the

field. This stems not only from its ability to protect against known

spyware, but also develop heuristics that will identify newly- created

spyware, adware, Trojan Horses and keyloggers, as well.

Keep in mind that no anti-spyware product is perfect, for the

reasons mentioned above. Moreover, there's no standard test for

spyware. One common test is to set up a folder on a computer, fill it

with latent spyware and check to see what a product will find.

SUPERAntiSpyware says that they prefer to create a product that may

ignore files sitting dormant where they would never reside in actual

use, but find spyware that exists as it naturally would "in the

wild," actively running on a system.

To achieve this, SAS has what they call, "First Chance Prevention"

to examine over 50 critical points of your system whenever your boots

up or shuts down, which are the most critical times for getting

infected.

When SUPERAntiSpyware loads, a profoundly bland home screen comes

up: gray with boxes that appears to be from another era. Of course, far

better to have a program that protects you than dazzles only with

glitz. Though, a little glitz wouldn't hurt.

The heart of this home screen is Preferences, which allows you configure SAS from its Control Center.

Right-clicking on the SAS icon in the System Tray (that place on

your monitor near the clock) allows you to launch the program or

directly view your preferences, as well as check for updates and such.

However, it doesn't go to every available area on the SAS home screen.

(For instance, it won't directly load the Scanning screen, Schedule

screen or Quarantine area.) This isn't remotely problematic †1C once

you launch the program, everything is only one click away. But direct

access would be nice.

 

By the way, if you launch the Preferences Control Center directly

from the System Tray — rather than from within the program — it will

pop up alone. Should you want to run other features of the program, you

have to separately launch SUPERAntiSpyware.

(Also, the terminology isn't as clear as it should be. When you

right-click on the icon, the top option is phrased, "Scan for Spyware,

Adware, Malware…" This implies it will take you directly to the

"Scan" screen. In fact, it's what launches the program and loads the

home screen. To scan, you have to click the "Scan your computer"

button. This is not remotely a problem, just a small, but notable item

that isn't phrased well.)

 

SAS checks for definition updates every eight hours. This is a

reasonable timeframe, though some programs give the option to check

every hour. More checking can slow down one's computer, but the reality

is that it's a minimal drag at most. However, SUPERAntiSpyware can be

configured to check for updates before starting any scan, so you'll

always get the most current definitions at that point.

If you choose to run scheduled scans, the software provides options

of what to do after the scan finishes, if spyware is found. Most are

standard, such as automatically quarantining and removing. But a nice

touch is automatically rebooting your computer if needed to complete

the cleaning.

Speaking of which, SAS has an interesting feature called Boot Safe.

When spyware is found, it's often necessary to clean it by re-booting

the computer in Safe Mode, which is an uncommon and convoluted

procedure for many people. With Boot Safe, the software will handle

that automatically.

SUPERAntiSpyware's scans aren't the fastest in the world, but fine. And fast isn't

necessarily good. You want thorough. There is a choice of Complete, Quick or Custom scans.

Another helpful feature is protecting your browser's homepage, a

common target for hijacking. This is strong protection, but if you are

someone who changes your homepage a lot, know that with this option you

can only change your homepage from within SAS. Also, it only works with

Internet Explorer, not the Firefox browser.

Should spyware be found, SUPERAntiSpyware allows you to send a

diagnostic report of your system for the company to help root out more

serious infection. In fact, SAS is particularly strong on customer

service. The company provides free, unlimited 24/7 technical support

through e-mail, though no phone number is available. The company says

this is most efficient for them, particularly in conjunction with the

diagnostic report.

I had two reasons to test this out, first, an odd glitch occurred

whereby the scheduled scan stopped running. Using their tech support

website — and during a holiday weekend — the

company was extremely responsive, and within only two days had

re-created the problem on their end, and just two weeks later released

a fix to resolve the problem, adding in some additional updates.

The second glitch occurred when scanning would pause at the same,

inexplicable point. Over the course of several weeks, SAS's response

showed its strength and one weakness. On the downside, though the

company promises to reply within 24 hours, this wasn't always the case,

one time taking four days, and two days on a few occasions. To be fair,

it was a complicated problem that required time re-creating, often to

no avail. On the upside, they were always polite, knowledgeable and

very diligent, and ultimately resolved an extremely perplexing

conflict. While you never want there to be anything wrong, glitches

happen with software. The best you can hope for is for a company to be

responsible, accessible and able to address it. SUPERAntiSpyware has

been that.

Admittedly, when you're sitting in the dark waiting for a response,

especially if it runs beyond 24 hours, you can't know if the other end

is taking time being diligent, or if you've fallen through the cracks.

Happily, their track record lands heavily on diligence. And

knowledgeable.

The free support is available to all users, both paid and free. From

the main website, there is a user group for discussion and questions,

and the company provides a blog with frequent updates on spyware and

program-related matters.

For all the strong hands-on attention, oddly there is no Help button on

the program's main page. It's easily accessible from the System Tray

icon, however. (You can also access Help from the SUPERAntiSpyware

folder in the Start menu, though it has to "re- configure" itself. The

file therefore doesn't load instantly †1C it's not a problem, only

taking five extra seconds, just unexpected.) Also, while the Help file

is easy to navigate, there's no Index for searching.

SUPERAntiSpyware has a few bonus items that could proved beneficial,

should you did them. If certain areas of your computer system or

browser have been damaged by spyware, the program will do some repairs

to these areas — for example, the System Tray, your Desktop Wallpaper,

or the Internet Zone Security setup.

Needless to say, SAS handles the basics — allowing users to restore

or remove items that have been quarantined, among others. And if the

program determines a "false positive," you can manage this by allowing

access to any trusted programs.

Finally, a big problem with some anti-spyware these days is software

bloat, where programs grab a great deal of memory and system resources,

slowing down one's computer (in some cases to sludge). That's not a

problem with SUPERAntiSpyware, however, which is reasonably light on

its feet with resources. Also, the program is designed to be compatible

with anti-virus and other

anti-spyware programs, which isn't always the case for every

anti-spyware/anti-virus combination.

SUPERAntiSpyware Professional costs $30, with a $15 annual renewal.

But the company has

an interesting option. At the time of initial purchase, you can select

a lifetime updates renewal for only $10. If you decide to wait on that,

though, you can still get a lifetime renewal after the first year for

$20.

Though a small company and under the radar, the respect that

SUPERAntiSpyware has gotten in anti-spyware circles is understandable.

There are items that can use some improving, along with a few odd

choice, and one day a brighter main screen will come along. But with

strong scanning and cleaning, light resources and several nice bonus

features, the free version would make an excellent choice to consider

as a manual backup, while the Pro edition is well-worth looking into

for active protection.

SUNBELT COUNTERSPY

CounterSpy was a well-regarded performer in the anti-spyware field

when it was introduced not long ago. Because it hadn't released a

version 2.0 of its strong entry, however, it got passed by a few

competitors. But finally, CounterSpy is back, and version 2.0 has

joined the fray.

I liked CounterSpy in it earlier form, and the latest seems to join

right in. The program has always had a clean interface that was

user-friendly. CounterSpy has stayed strong here. All areas are

well-presented on the home page, and accessible from all other pages by

a "toolbar-like" menu at the top of each page.

Its options for protecting your system remain comprehensive.

CounterSpy uses a new hybrid engine that they call VIPRE technology.

(Every anti-spyware product has its special technology, and no known

human knows the difference.) The bottom line is that tests have

generally rated the program high in catching and eliminating spyware.

One new feature is FirstScan, which runs upon system boot-up, and

importantly bypasses the Windows operating system to search for and

remove the most deeply embedded malware.

There are three main areas of CounterSpy.

System Scan lets you schedule scans, as well as determine if you

want the scan to be Full, Quick or Custom (which lets you check just

the registry or selected folders.) The Help file, however, doesn't help

much in differentiating between Full and Quick.

Active Protection lets you enable whether you want CounterSpy to run

resident with full- time protection or just standalone to run manually.

(If you have two anti-spyware programs, only one should be active

because they can conflict, though you can run as many manually as you

want.)

If you do enable Active Protection, you have a choice of what you

would like monitored, and

CounterSpy provides a wide array of 13 checkpoints (each well-defined

for easy explanation). These includes whether anything is trying to

change your Internet Explorer home page, or if any new toolbars are

trying to be added to IE. (One downside is that it checks Internet

Explorer only, not Firefox.) System registry changes, the installation

of ActiveX controls, executable files and Trojans trying to impose

themselves are among the items monitored.

You can also determine how deeply you want CounterSpy to protect

you. Alert Status gives the choice between: Paranoid, Cautious,

Trusting or Custom. These range from all threats, no matter how minor

the risk, to checking for only the most serious. The Custom option lets

you determine how CounterSpy will react to threats. The default is

"Quarantine and notify" when encountering a bad application, and "Block

and notify" a bad action.

One new feature of Active Protection is that it now works inside the

Windows kernel, a common area of attack since it's the core of the

operating system. This will ideally allow CounterSpy to stop malware

before having a chance to execute.

The final area of CounterSpy is System Tools, which moves a bit away

from anti- spyware, but deals with protecting your system in a very

full-featured way.

My PC Explorers helps with controlling obscure but important

features on your PC. This includes determining what programs

automatically load on your computer, modifying programs that change

Internet Explorer, and showing what add-ons are running on your

Internet Explorer browser. But

Internet Explorer only, not Firefox.

My PC Checkup will check your systems security settings, suggest changes and help you make them.

History

Cleaner can remove evidence of your browser usage, Windows temp

folders, Windows search history and also files stored by many popular

programs, like RealPlayer, Quicktime, WinZIP, Adobe Acrobat Reader and

Windows Media Player. Again, however, it doesn't include Firefox, which

is unfortunate.

Secure File Eraser lets you select any file on your computer that

you want wiped out completely, rather than just deleting it. (A file

that is merely deleted can be easily undeleted, so this feature offers

added security.)

Additional features on CounterSpy include letting you manage your

files that the program has quarantined. And General Settings give the

option of choosing Beginner/Advanced user mode. You can also determine

what bells-and-whistles you want enabled during a scan, or drop them

all for

a Fast Scan.

One problem that a few of the top anti-spyware programs have had

(notably the otherwise excellent SpySweeper) is that they can be huge

memory hogs and slow your system to slog. CounterSpy

has been reengineered with a smaller memory footprint and appears to

run fairly smoothly (as did its previous incarnation), without a

significant impact on performance.

The user-friendly interface of CounterSpy allows for a very easy and

reasonably clear user experience. Definition file updates are small,

and can be set to automatically

download. However, if you run Counterspy manually (not on Active

Protection), you have to remember to manually update your files (some

programs will remind you). The homepage of program does let you know

the date of your current definition files are out of date, but it's

still up to you to download.

CounterSpy retails for $20. Though the new version isn't loaded with

improvements, that also means it hasn't been burdened with bloat. What

has been added is solid, and beneficial to detection spyware. The Help

files could be a touch better, but things are pretty well explained all

along the way. Automatic downloading of file definitions would be nice,

too, for manual use. Also, the one consistent downside is that nothing

related to Firefox as a browser is checked. This is very secondary to

the larger issue of spyware, but would still be helpful. Overall,

however,

the negatives are minor. CounterSpy is back with a very strong program.

TWW NOTES

  • For

    people who long-used Macs, but migrated to Windows — or just the mere

    curious — the Mac browser Safari was released in June for the Windows

    operating system. It's not particularly that the world needs another

    Windows browser (Internet Explorer, Firefox and Opera, among others

    have filled in the space nicely), but what's most likely is that the

    release was done for reasons that have to do with the new iPhone.

  • In

    the Great Uncertainty over what will become the standard, Blu-Ray or

    HD, the computer manufacturer HP plans to offer a new hybrid DVD drive,

    developed by LG, currently in prototype. A standalone version is

    reported to cost $1,200, though no word yet on what HP's in-computer

    drive will cost.


Note: The Writers Guild of

America, East neither implicitly nor explicitly endorses opinions or

attitudes expressed in this article.

Copyright 2007, Robert J. Elisberg. All rights reserved.

Robert J. Elisberg

has written about computers for such publications as C/NET, PC Games,

CD-ROM Today, Yahoo! Internet Life, E! Online and Hollywood

Screenwriter. He also wrote a regular technology column for WGA.org

Online and the Television Academy Online. A screenwriter, he served for

five years as a member of the WGA, west website editorial board and

Editorial Advisory Committee.