IOBit 360 is a relative newcomer on the antimalware scene, although the Chinese publisher is known for making solid utility software such as Smart Defrag. It's a fast and welterweight freeware utility for detecting and removing malware, and plugging your system's security holes before they can been exploited. The new improvements in version 1.10 include integration with the Windows 7 security center, a new feature that creates a USB key-portable version, a toolbar, and scan engine tweaks.
IOBit 360
(Credit: Screenshot by Seth Rosenblatt/CNET)If you're unfamiliar with the program, it's fairly simple to figure out and use. The interface has large left navigation icons with simple labels that won't confuse novices, while the tools menu offers some useful features that more advanced users are sure to appreciate.
The Overview tab is the main window and it contains links for immediate Smart scans, definition file updates, a "security analysis"--which evaluates potential exploits in your system and includes Windows security patches--and a status update window. This tells you whether your real-time protection, automatic scans and updates, and heuristic-based scans are on or off. Automatic scans and updates, and scheduled scans, are restricted to the paid upgrade, which is currently being offered on sale for $19.95. It's usually $29.95.
The Scan tab lets you initiate a Smart scan, a Full scan, or a Custom scan, and the Protection tab lets you toggle your real-time protection status. It seems a bit odd that a user would want the separate controls that the program offers for "known malware" and "unknown threats," but you can toggle them independently.
A running scan that wound up taking about six minutes to finish.
(Credit: Screenshot by Seth Rosenblatt/CNET)The Tools tab is what makes IOBit 360 comparable to others in its class, giving you seven useful system security tools. There's a Hijack scan for power users, a Security Holes scan, a Passive Defense that disables cookies in Firefox and Internet Explorer, and ActiveX in IE, and an Unlock and Delete tool for getting rid of files your system thinks are in use. This feature is slightly less important in Windows 7, which will tell you when you encounter a locked file where it lives, but the unlocking and deletion features are definitely useful.
There's a Privacy Sweeper that will clean not just cookies and cache but saved forms, download history, and other Internet traces in all the major browsers it detected on my system, including Firefox, Internet Explorer, Google Chrome, Opera, and Safari, but the sweeper will also check utilities such as archival tools, multimedia players, and other applications that regularly ping the Internet. These days, that's nearly everything.
Annoyingly, the PC Tuneup option takes you to the download page for another IOBit program, but users on the go will like that you can create a custom portable version, launchable from a USB key. IOBit 360 eats about 50MB of RAM when idle, with a Smart scan taking about 6 minutes and a full scan finishing in 45 minutes, making this one of the fastest in its class. I didn't notice any system lags while running it, and it didn't detect any malware on my system, although it did point out tracking cookies from multiple browsers. Third-party efficacy tests haven't yet been performed against high-performing competitors such as Ad-Aware or Malwarebytes, but IOBit is proving that the antimalware tool without antivirus isn't dead--yet.
Updated 1:45am PST Tuesday with pricing information.
McAfee has released a new security suite designed to help businesses better handle security for their growing segment of Macintosh computers.
Targeting small to large companies, McAfee Endpoint Protection for Mac provides antivirus and antispyware features, and both an inbound and outbound firewall, McAfee said Tuesday.
The company is positioning the tool as a plus for IT administrators and for users. Administrators can use the same console to manage McAfee security on both Mac and Windows machines, said the company. The software lets administrators deny or control which applications can run on supported Macs. The suite's ePolicy Orchestrator tool can also generate reports of malicious activity for review.
Some have debated whether the Mac needs security software since it has traditionally been a less visible target than Windows for attack. But with Internet threats continually on the rise, few computer environments are completely immune. Even Apple has advised Mac users to protect themselves with security software.
Antivirus software for the Mac has been sold for a long time by companies such as Symantec and McAfee. But most products have been geared to the individual user.
McAfee sees its Endpoint Protection suite as filling a growing need at schools, companies, and government agencies that have adopted more Macs in recent years.
"The demand for Macintosh in the enterprise is steadily growing, yet organizations are either not using any security technology for these endpoints, or they are using a standalone, non-manageable anti-virus protection solution," Peter Lincoln, IT director at Aquent, said in a statement provided by McAfee. "The use of McAfee Endpoint Protection for Mac enables us to have complete protection on all our endpoints. Using the same integrated management console also allows us to lower our operational cost and ensure security and compliance."
A survey conducted last year by ITIC showed that a greater number of companies were planning to allow Macs into their workforce.
McAfee Endpoint Protection for Mac is compatible with the latest release of Apple's Snow Leopard as well as existing Leopard and Tiger environments. A McAfee spokesperson said the product's retail price would be $55.08 per computer for a network of 500 - 1000 computers. The pricing includes one year of Gold technical support.
If you missed out on Ashampoo's special deal last week, here is your second chance! In celebration of their 10th year Anniversary, Ashampoo is offering CNET users an exclusive deal on all of their software (except for CAD software) for just $10 USD.
Ashampoo makes a number of popular software titles including, but not limited to, Ashampoo AntiSpyWare 2, Ashampoo Music Studio 3, Ashampoo Office 2008, Ashampoo Magical Defrag 2, Ashampoo Burning Studio 9, Ashampoo Movie Shrink & Burn 3, Ashampoo HDD Control, Ashampoo WinOptimizer 6, Ashampoo UnInstaller 4, Ashampoo PowerUp 3, Ashampoo Slideshow Studio HD, Ashampoo Photo Commander 7, Ashampoo Snap 3, and Ashampoo Cover Studio 2.
You can get the special promotion by clicking on the $10 promo button on their product pages or simply enter in the special CNET Downloads coupon code download_com from their website.
This is an exclusive limited time offer, so get it before the time runs out!
Lavasoft has updated its popular malware and spyware detection and removal tool Ad-Aware. Rather than a dramatic redo, version 8.1 builds on the improvements made in the previous version. The new version is faster, has better removal abilities, and introduces a behavioral detection engine.
Called Genotype, Ad-Aware's heuristic-based behavioral detection engine isn't explicitly called out in the interface. However, I noticed that files that had been flagged falsely as threats in earlier versions were no longer called out as such, and the Quick Scan was able to complete in about three minutes, as opposed to 10 minutes in the previous version. These are empirical observations, of course, but this version's improvements should be easy to see for longtime users of Ad-Aware.
Removal techniques have also been improved. Lavasoft is calling the new system Neutralizer, although it's not called out as such in the program interface. What users will see is a "family" of grouped similar threats, such as cookies, the category of the threat, and the action taken. The program defaults to the Recommended action, which means you need to click on the drop-down menu to the right of the listing to see what action will be taken on a per-threat basis. The big action buttons introduced in version 8 still reside at the bottom of the window, which feels further than necessary--it'd be better to have the action button closer to where the mouse already is, at the top of the window.
There is one big change to the interface in v8.1. At the bottom left corner of the window, there's a toggle to switch between Simple mode and Advanced mode. Simple mode is for users who are set-it-and-forget-it types, with fewer options displayed. Advanced mode allows for deeper settings customization. There's also a gaming mode, so that full protection continues to run while you play games or watch videos, but detected threats won't interrupt your entertainment until you're done.
Ad-Aware's new Advanced mode, presenting more options by default.
(Credit: Screenshot by Seth Rosenblatt/CNET)Fans of personalization get more skin action in this version, too. In addition to the included skins, the community support offered at MyLavaSoft now includes community-sourced translations and skins.
However, fans of the free version do not get all the features available in the paid upgrades. Antivirus is only for paying customers, and while rootkit detection is present, behavior-based heuristics and real-time registry protection are not. Ad-Aware Free cannot scan networked drives, and even a basic feature like the scheduler remains off-limits in the free version. The Ad-Aware toolbox for system tweaks is only available in the Pro version. I encountered a pop-up for the upgrade, although Lavasoft told me that this was an infrequent occurrence. Ad-Aware Plus is available for $26.95, and Ad-Aware Pro is $39.95, and both have a 30-day trial.
Microsoft has released version 1.0 of Security Essentials, the successor to Live OneCare. Originally known as Morro, Security Essentials retains the core features of OneCare, but abandons the additional heft of a firewall, performance tuning, and backup and restore options in exchange for making the program free. Rather than taking aim at full-featured security suites made by Symantec or Eset, the features available in Security Essentials indicate that Microsoft is aiming to compete with basic-but-free security apps.
For the select 75,000 public beta testers who got their hands on the program when the limited public beta was offered in June, there will be few appreciable differences between the beta and the final version. For the rest of the planet, Security Essentials features key defenses that are boilerplate for any respectable security program.
Features
It uses both definition file and real-time defenses against viruses and spyware, and also offers rootkit protection. The program's reputation-based detection and software signature-based detection seem to rely heavily on Microsoft SpyNet, the unfortunately named cloud-based service that compares file behavior across computers running various Microsoft operating systems.
The official version 1.0 of Microsoft Security Essentials looks identical to the popular limited beta version from June 2009.
(Credit: Screenshot by Seth Rosenblatt/CNET)SpyNet was introduced in Windows Vista and extended to Windows 7, but Microsoft Security Essentials is the only way to access the network on Windows XP. Unlike other security vendors that allow customers to take advantage of the benefits of their behavioral detection engines while opting out of submitting information, there's no way to do that with SpyNet.
You can choose between two SpyNet memberships. Basic submits to Microsoft the detected software's origins, your response to it, and whether that action was successful, while the Advanced membership submits all that plus the location on your hard drive of the software in question, how it operates, and how it has impacted your computer. Both basic and advanced warn users that personal data might be "accidentally" sent to Microsoft, although they promise to neither identify nor contact you. Opting out of SpyNet, however, is not an option in Security Essentials.
Security Essentials benefits greatly from having a simple, streamlined interface. There are four tabs, each with a concise and understandable label: Home, Update, History, and Settings. The program also uses easy-to-grasp labels, imported from OneCare: green for all good, yellow for warning, and red for an at-risk situation.
From the Home window, you can run a Quick Scan, Full Scan, or Custom Scan, and a link at the bottom of the pane lets you change the scheduled scan. The Custom Scan lets users select specific folders or drives to scan, but it doesn't allow for customizing the type of scan used. For example, you're not going to be able to choose to scan only for rootkits or heuristics, as you can with other security programs. The program installs a context-menu option for on-the-fly scanning in Windows Explorer, too.
The Update pane manages the definition file updates, with a large action button, and History provides access to a spreadsheet-style list of All detection items, your Quarantine, and items you've Allowed to run. Although it's a basic layout, this no-frills approach to security could prove appealing to computer users who are overwhelmed by more detailed security choices.
Users can choose between two options for SpyNet, but no way to not contribute to it.
(Credit: Screenshot by Seth Rosenblatt/CNET)The Settings window allows users to further customize the program by scheduling scans, toggling default actions to take against threats, adjusting real-time protection settings, creating whitelists of excluded files, file types, and processes, and the aforementioned SpyNet options. There's also an Advanced option which is still fairly basic: here you can set Security Essentials to scan archives, removable drives, create a system restore point, or allow all users to view the History tab.
Security Essentials comes pre-configured to run a scan weekly at two in the morning, when your Microsoft thinks your system is likely to be idle. New malware signatures are downloaded once per day by default, although you can manually instigate a definition file update through the update tab. Attachments and downloaded files will be automatically scanned by Security Essentials.
Help is only available in the form of the standard offline Help manual that comes with all Microsoft programs. There's nothing fancy here.
Performance
I found that it installed in less than one minute, and completed its first Quick Scan in less than 30 seconds. The Full Scan took more than an hour to reach the halfway point, and this was borne out by tests performed by CNET Labs' benchmarks. Microsoft Security Essentials actually sped up the boot time of our test computer by more than two seconds, and it sped up the shut-down time by more than two and a half seconds. However, compared to major security vendors it was significantly slower at scanning--Security Essentials took 2,340 seconds to scan, whereas most scans would clock in between 1,000 and 1,100 seconds.
The program comes with a few options for customization, but not many.
(Credit: Screenshot by Seth Rosenblatt/CNET)In our iTunes decoding test it scored similarly to its competition, about 7 seconds slower than an unsecured computer. In our MS Office test and media multitasking tests it was faster than some--503 seconds versus 552 seconds for Norton AntiVirus 2010 in the Office test, and 844 seconds versus 876 seconds for Trend Micro Internet Security Pro in the media test.
While running the Full Scan, I noticed that it took up about 86 MB of RAM. However, it felt far lighter, and I was able to perform resource-intensive tasks like uploading photos without any noticeable freezes.
Third-party virus detection efficacy scores were not available at the time of writing, and it's not currently clear whether Security Essentials shares the same detection engine as Live OneCare. However, CNET reporter Ina Fried mentioned that Security Essentials stopped her from accidentally coming down with a case of Koobface.
Conclusion
Microsoft Security Essentials is a lightweight security app that people might turn to for a number of key reasons. It's easy on the system resources, it's easy to figure out how to use, and it comes pre-configured. It only works on legally licensed Microsoft computers, which is understandable but potentially leaves a large segment of the unprotected population still unprotected. You can't opt out of contributing to SpyNet, which isn't understandable at all. Overall, it's recommended for those who want something to set and ignore, but users who want more robust configuration choices or don't want to contribute to the cloud should look elsewhere.
(Credit:
CNET)
If you are using a Windows machine or even a Mac running Windows in a virtual environment, you need to pay attention to security. At the very least, you should always have at least one program for each of the major security threats: antispyware, antivirus, and a software firewall (if you don't already have a router-based firewall). Some antivirus suites have begun to include antispyware in their software, so if you have antivirus software, check to make sure you're covered. But if you're reading this and you don't have software to cover these three areas, we strongly suggest you visit our Download Security Center and browse through each of the categories.
To get you started, we've rounded up the top free antispyware software options. Most of these programs offer a paid upgrade with added useful features, but we made sure to only pick software that followed through and removed spyware without the need to buy during the initial trial. It's important to note that each of these programs has its own set of algorithms and different times they update their definitions, so we recommend using two antispyware programs to make sure you catch everything.
(Credit:
CNET)
Spybot Search & Destroy was one of the first antispyware options available and it still is a fairly strong contender for finding threats. Other useful tools, including Secure Shredder, complement the program's basic functionality for completely destroying files. The interface is pretty dated, but with all the added extras of this 100% free program, it's worth a look.
(Credit:
CNET)
Ad-Aware Anniversary Edition has been in the antispyware game for a long time as well. They have always been close to the top of our list for antispyware detection, but you'll need to pay for added features like scheduling and shield-based protection. With several interface refinements, faster scanning times than previous versions, and numerous other enhancements, this might be the easiest-to-use Ad-Aware yet.
(Credit:
CNET)
Spyware Terminator is a free option that offers an easy-to-understand interface and lets you schedule your scans for the time most convenient for you. The real-time protection for this program is stronger than most, but can get distracting as you'll need to personally approve many actions. Fortunately, you can designate a lower level of protection to keep you safe without all the hand-holding. This is one of our favorites at Download.com for its relatively quick scan times, free real-time protection, and the ability to designate how deep of a scan you want to use.
(Credit:
CNET)
CounterSpy makes it simple to schedule and customize spyware scans or run scans on demand, while also offering an adjustable level of real-time protection. Added features like a PC Explorer to browse running ActiveX controls and running processes are useful additions. This one offers a 15-day trial with which you'll be able to remove threats found by CounterSpy, but you'll need to pay to use this program regularly.
(Credit:
CNET)
SuperAntiSpyware Free Edition, despite its rather uninventive name, is a solid antispyware program. This program offers a number of options for the types of files you want scanned. Like many of the programs listed here, you'll need to pay for the full version of SuperAntiSpyware to unlock the ability to schedule your scans and use real-time protection.
(Credit:
CNET)
Malwarebytes is our Editors' Choice at Download.com so we recommend it as one of your choices in your antispyware arsenal. Scans are quicker than other programs in this category, and Malwarebytes is often able to distinguish between real threats and common false positives. You'll also be able to scan individual files on demand and a handy File Assassin lets you delete locked malware files. You'll need to pay to set up regularly scheduled scans and real-time protection, but with this solid program, registering is worth your money.
Norton Internet Security 2010 won't be available for a few more months, but the beta version is available now. In it, Symantec continues to build on the rejiggering it did last year. Built upon the dramatic performance improvements are deeper integration with other security tools like OnlineFamily. Norton, and the new Norton Insight for judging threats by community behavior as well as file definitions.
The public beta for Microsoft Security Essentials, the free replacement for Live OneCare, is now closed, but that doesn't mean you've missed your chance to see what it's like.
In this First Look video, we look at the new interface, the new features, and the new limitations of the latest free antivirus to enter the market. Should AVG and Avira be scared? Watch and find out.
Updated June 25 at 12:50 p.m. PDT: Several commenters pointed out a secondary scanning process that runs while a scan is running. While Microsoft Security Essentials uses little memory when not scanning, during a second round of tests it used 60MB to 70MB of RAM, while consuming around 200MB of Virtual Memory.
Updated June 24 at 11:30 a.m. PDT: The 75,000 available slots for testing Security Essentials have been taken. There is no word at the moment whether Microsoft will allow more testers to download the public beta in the future.
Microsoft on Tuesday released its latest foray into security software as a limited beta. Microsoft Security Essentials, known in development as Morro, is limited to 75,000 downloads in four countries: the United States, Israel, Brazil, and China.
Security Essentials contains all the basic features that users have come to expect from free security software: multiple built-in and customizable scan options, a scheduler, automatic definition file updates, a real-time defense shield, and rootkit protection.
It's been a bit hard to gauge user interest at this point. Despite the download limitations, I was able to download the installer onto one computer at 10:15 a.m. PDT, and another at 10:45 a.m. Microsoft has also said that the download cap might be lifted at a later date.
This hands-on will be limited to testing the on-board features since CNET doesn't maintain a virus zoo for security reasons. Also, users should note that Security Essentials will run a Windows Genuine Advantage check before installing. If you're running an illegal copy of XP or Vista, you're out of luck here. The program will run on Windows 7 RC, and there's a separate installer for users with 64-bit operating systems. The 32-bit installer for Windows Vista and Windows 7 was small, weighing in at 4.73MB.
The main interface of Microsoft Security Essentials is streamlined and uncluttered.
(Credit: Screenshot by Seth Rosenblatt/CNET)If you're familiar with other free antivirus solutions such as AVG or Antivir, Security Essentials will probably strike you as an incredibly similar experience. The program opens with four tabs: Home, Update, History, and Settings. When you first start the program, it will ask you to update the definition files. This was a surprisingly fast process, taking about a minute when tested on two different Windows 7 computers.
After updating the definition files, it will ask you if you want to run a Quick Scan. On both of those Windows 7 machines, the Quick Scan worked true to its name and completed in less than 10 minutes. Quick Scans are good tools if you're worried about major infections, but deep scans are recommended regularly to maintain a higher level of protection.
The Home landing page summarizes your security status, indicating whether your system has been scanned successfully, whether real-time protection is on, and if your virus and spyware definitions are up to date. A pane on the right contains scanning controls, and a pane at the bottom tells you when your next scheduled scan is. There's a link to the scheduler, as well.
Security Essentials' Full Scan took nearly an hour and a half to finish, but only used 4MB of RAM while running.
(Credit: Screenshot by Seth Rosenblatt/CNET)The Full Scan took about 86 minutes, which is a bit long for a deep scan on fairly new, regularly-scanned computers. I didn't think that the program would turn up any risks, but somewhat notably Security Essentials didn't turn up any false positives, either. The Custom Scan lets users select specific folders or drives to scan, but it doesn't allow for customizing the type of scan used. For example, you're not going to be able to choose to scan only for rootkits or heuristics, as you can with other security programs.
The program installs a context-menu option for on-the-fly scanning in Windows Explorer, too.
What did impress me was the shockingly small memory footprint. During the most resource-intensive action you can take with the program, the full system scan, it worked itself up to using only 4.6MB of RAM. More often than not, it hung around a few bytes lower, at 3.9MB.
The Update tab tells you your definition file version numbers, when your last update was, and has an Update button so you can force an update check. The History tab shows only files detected as potentially harmful. You can sort files it's detected according to All Detected Items, Quarantined Items, or Allowed Items.
User can customize some, but not all, aspects of the program.
(Credit: Screenshot by Seth Rosenblatt/CNET)The last tab, Settings, is where most of the customization features reside. A left sidebar list contains options for Scheduling your scans, adjusting Default actions, tweaking Real-time protection, Excluding files, folders, file types, and processes from scans, Advanced controls, and managing your Microsoft SpyNet enrollment.
Yeah, Microsoft actually called something "SpyNet."
SpyNet, apparently, is a telemetry system Microsoft uses to quality-control definition-file updates after they've been sent out. According to the Microsoft news release, SpyNet reports back on the efficacy of old definition file removal and the implementation of new definitions, as well as how detection rates on false positives.
Security Essentials users must participate in SpyNet. The default option, Basic, reports to Microsoft on where a potentially infected file came from, what your action was, what the recommended action was, and whether the action taken was successful.
Security Essentials' SpyNet malware reporting feature.
(Credit: Screenshot by Seth Rosenblatt/CNET)The Advanced membership in SpyNet will send even more information to Microsoft, including the location on disk of your potential infection, how it has affected your computer, and how it operates. For both Basic and Advanced SpyNet membership, Microsoft warns that, "personal information might unintentionally be sent to Microsoft," but that the company "will not use this information to identify or you or contact you."
On the surface of it, this sounds like a standard security software reporting process on malware behavior, although I don't know how deep other programs go into your system behavior. However, it's definitely odd that Microsoft has chosen to call it out in this way.
It's hard to gauge any antivirus program without reliable data on its detection and removal rates. Microsoft Live's OneCare security program has a reputation for low false positives and strong "new" detection rates, but it's not clear how much of Security Essentials is built on or from OneCare. At this point, I'd advise users who are curious about Microsoft Security Essentials to try it out, but I wouldn't recommend it yet as a primary security solution without more field testing.
Editors' note: This article was first published on February 27, 2008, and was titled, "Clean your PC with Trend Micro HijackThis." It was updated on May 21, 2009.
Malware has gotten more sophisticated at hiding its tracks compared with a few years ago. Adware, it seems, with its pop-ups and unwanted browser toolbars, has taken a backseat to the sly, ever-dangerous, and much more lucrative realm of the botnet, also known as that class of malware that conscripts your computer into an army of spam-spewing zombies, or worse.
If you suspect your Windows computer may be compromised, you should always try running standard adware-removal programs first. Ad-Aware and Avira AntiVir Personal Free are two good starts. If they can't seem to keep the nasties at bay, Trend Micro HijackThis digs deep. For most, HijackThis will be diagnostic software for Windows XP (with high compatibility for Vista) that creates a log of your Windows Registry and file settings. It is not a spyware removal tool. However, its capability to identify commonly abused methods of altering your computer can help you (and the Internet community) determine your next course of action.
Step 1: Install it
Version 2.0.2 of HijackThis contains an installer, unlike the previous version that launched from a ZIP file or EXE. If you're using that legacy version, be sure to update. You'll find that this build also downloads a desktop icon for quick-launching.
Step 2: Scan your system
If you scan without a log file, you can always create one later on.
Trend Micro HijackThis opens with a simple interface that offers limited instruction. Running the program and interpreting its results can be confusing. Click either of the two "system scan" buttons to bring up a list of registry and file entries. Expect to see a mess of entries--even a Firefox plug-in on a completely healthy computer can produce multiple listings. If you choose to scan the system only, you can still save a record after the scan by selecting the "Save log" button on the bottom left. This will save the log as a plain text document that you'll be able to open in Notepad.
Step 3: Identify problems
Add safe entries to the Ignore List to speed up future scans.
Here's the rub--now that you've got a long list of your computer's contents, how do you determine which results are critical, and which benign?
There are a few determining factors. Some entries may be obviously tied to a legitimate program you installed. A browser helper object like Adobe PDF Reader Link Helper is clearly harmless and installs with the Adobe Reader application. Listings like these you can ignore or can add to the Ignore List to bypass in future scans. To excuse any entry from showing up in the results list in the future, click the adjacent box to add a check mark and choose the button reading "Add checked to ignorelist." See it in action in this video (Note: The video accurately demonstrates using the ignore list on a previous version of HijackThis.)
... Read more
