Uniblue SpyEraser 2 Review

Reviewed by: Mark Goldstein, March 2008
Published by: Uniblue
Requires: Microsoft Windows 2000 / XP / Vista (32-bit), Intel Pentium 4 1GHz or equivalent processor, 512MB RAM, 200MB available hard disk space, Internet Explorer 6 or later
MSRP: US$39.95 (but often discounted)

Spyware detection utilities may seem like nothing more than a great big yawn, but you better pay attention. Strident and screeching claims throughout the media about billions of dollars worth of annual theft through spyware are hard to prove and might be sensationalized, but unfortunately there remains all those real and painfully verified tens of millions of dollars worth of theft through spyware to deal with. Most people with infected computers at home and at work believe their machines to be spyware free right up until the moment eBay calls to tell them their account has been hijacked or their bank or credit card company calls to ask about some unusual purchase. Some fun, huh? SpyEraser 2 is designed to scan and protect Windows PCs against initial spyware intrusions or attacks and to clean PCs already infected.


SpyEraser 2 found TrueSword (SpywareWarrior.com says it's not spyware, Symantec says it is) along with a dozen seriously vicious spyware installations on a deliberately polluted test machine. We ran SpyEraser 2 for several weeks normally after that on several different active PCs while still using the test machine to browse known malware sites, including sites with known drive-by installations and other nasty things. SpyEraser 2 detected and protected the PC just as well as the antispyware components in our benchmark AVG Internet Security and Norton Internet Security 2008 suites.

We encountered a few false positives during the initial scan with SpyEraser 2. Re-running a scan immediately after one which reported a false positive sometimes did not report the problem item again. For the uninitiated, a false positive occurs when a spyware or virus scan reports that a normal piece of software has been detected as spyware or containing a virus. Because products like SpyEraser 2 contain options to automatically or selectively delete or erase the 'offending' software, false positives reported after a scan could cause you to inadvertently delete an important program. That's bad. However, SpyEraser 2 is much better than previous versions with fewer false positives for sure and no more than competing utilities in its price range. But we encountered one issue which left us scratching our heads. Basically, the trial version of the software sometimes appears to report more problems than the fully registered version with almost every system we tried. The impression we were left with is that there may be a bit of a trial version sales pitch built into the software, something with which we're not particularly comfortable. Upon closer scrutiny, the trial version report dialog may be interpreted as a report about potential problems, but it's a sales tactic which is just a bit too sly for our taste.

Heuristic scanning is a wholly different animal. Simply put again, heuristics are commonsense rules designed to increase the probability of solving a particular problem, in this case the detection of new kinds of spyware installations and attacks. The biggest trick or accomplishment in any application of heuristics is to come up with the right set of questions, i.e., what does spyware look like to an operating system when the spyware is attempting to install and hide itself from normal view, what hiding places or protected places (files, folders, etc.) on a computer are potentially good for spyware, and what techniques might be used by spyware to circumvent user passwords or commands normally needed to access such areas on a Windows hard drive. There's more, but you get the idea. The answers to the questions guide programmers when they're designing background scanning to look for certain kinds of activity, thereby increasing the odds of detecting a spyware installation before it takes hold.

A brief look at how SpyEraser 2 does its work may also reveal the source of both accurate scanning and scans which produce false positives in all antispyware products. SpyEraser uses two forms of scanning and detection: a) profile-based, and b) heuristic analysis. Profile-based scanning is relatively simple up front because it's based on a lot of hard work by programmers and technicians who regularly identify new spyware making the rounds and then develop small routines (usually called either signatures or profiles) which when loaded into SpyEraser 2 help it identify new spyware. Every new SpyEraser 2 update contains signatures/profiles for the latest threats that the software maker has detected online.




© Copyright 2000-2008 kickstartnews.com. All rights reserved. legal notice
home | previous reviews | hot news | about us | search | store | subscribe


The latest in tech news and information Find a product review on KSN Home Previous Reviews About Us Store Subscribe