Virus And Spyware Removal

Sunbelt VIPRE

Sunbelt Software VIPRE Antivirus 4.0 is like one of those bright kids in class who knows the answers but doesn’t show off. It does a very good job at cleaning up malware and keeping malware from infesting a clean system, though not quite as good as the very top products such as Spyware Doctor with AntiVirus 2010 and Norton Antivirus 2010. It does offer some bonus tools more commonly found in security suites than in standalone anti-malware programs, and I especially like Sunbelt’s support policies.

I’ve commented on the different ways security companies think of tech support. Sunbelt’s policy is very clear. When you buy VIPRE they will make sure it cleans up any malware on your system. If the malware keeps VIPRE from installing their tech support experts will handle the situation. If VIPRE can’t clean up a problem they’ll work through any necessary remediation. As you can tell, I like this policy.

In my own testing I ran into problems installing VIPRE on two malware-infested test systems. Tech support pointed me at the free VIPRE Rescue command-line scanner, which cleaned up both systems enough to allow installation of the full product. This VIPRE Rescue scanner is free for anyone to use; give it a try if your anti-malware software needs a helping hand. Just remember to download a new copy on each use, as Sunbelt updates it daily with the latest malware definitions.

As for those bonus tools, VIPRE includes a secure deletion (”shred”) utility, a cleanup tool for erasing traces of browsing and other computer use, and an advanced “PC Explorer”. This last tool offers a view of numerous system areas that can harbor malware. For example, it will list all running processes, all installed browser add-ons, and all programs that launch at startup. It flags each program as safe, unknown, suspicious, or hazardous. Advanced users will definitely appreciate these tools.

VIPRE did well in my malware-removal tests and even better when I tested its ability to protect a clean system. I do have some concerns about its behavior-based advanced protection, but that feature is turned off by default. For more details, see my full review of VIPRE Antivirus 4.0.

All the major Web browsers use blacklists to attempt to protect you from known malicious Web sites. Some browsers use Google Safe Browsing API (which Google still calls “experimental.”) But Microsoft’s IE8 has dits own, called SmartScreen, built on the Phishing Filter in IE7. Smartscreen checks the site you request against a blacklist they maintain; when you request one that is on the list, you get one of these warnings:

Google method works similarly from the user standpoint. But how does it construct its blacklist? That is the subject of an entry in the Windows Team Blog.

Microsoft gets site reputation data from a many sources; it doesn’t block a site based on just one report, but once it’s in Microsoft’s database, its fate depends on its behavior and, potentially, the behavior of other sites: Are other sites on the domain also malicious? Are other sites in the same IP address block also malicious? SmartScreen could end up listing the entire block or domain.

The blog entry was filed on Friday, 3/12. Today, 3 days later, the site is still accessible through Google Chrome in spite of their Safe Browsing API. True, it’s only a sample set of 1.