Friday, June 15, 2012

Asquared, Spyware Doctor find many viruses missed by better-known vendors

I took in a Toshiba Netbook to Geek Squad on June 7, 2012, with symptoms of very slow bootup, which sometimes fails (sometimes in the black screen), and slow startup of processes.  The initial expectation was that a hard drive might need to be replaced (only 18 months old but shaken to the floor once on an Amtrak train).

The netbook (which runs under Windows 7 Starter and had all updates, and has Kaspersky anti-virus and firewall) passed all the hardware tests, including hard drive.

Geek Squad scanned it with Kaspersky, Norton, Trend, and its own Analyzer, and found no viruses. But “Spyware Doctor” (CNET website review here) found 25 items and was able to remove 9. And ASquared (apparently now called Emsisoft, link) found a whopping 126 items and removed 109.

Geek Squad also removed four unnecessary group processes. 

Here’s a 2009 review of Asquared by Nevyan on blogger, link

From what I can tell, Emsisoft (the word sounds like “emesis”) is designed to supplement other products and not conflict with them.

At the end of 2008, a Best Buy Geek-Squad consultant told me that the “best” company changes every year. In 2009 it was Webroot/Spysweeper, then it was Kaspersky. Now it seems that Spyware Doctor and Emsisoft/ASquared catch huge numbers of problems that better-known packages miss. There is also a change from data files to cloud-based security, as with Webroot and Secure Anywhere.

It took eight days to get the netbook back, rather than three, partly because of the tedium of so many scans and fixes (under the Tech Support plan), and maybe partly because of short staff.

Thorough scanning is potentially a serious issue. Undetected malware could lead to disclosure of important accounts (such as banking, or even self-publishing) and compromise by thieves or even mischief. Even though reports of “downstream liability” lawsuits and prosecutions against ordinary home or small business users are rare (for child pornography loaded by a virus, or for abuse of a computer to facilitate piracy or DoS attacks), they still represent a remote threat that could happen to anyone, however remote or unlikely statistically (see Nov. 11, 2009 posting on this).

It’s also disturbing that less familiar security vendors are finding so many problems that major brand vendors miss.

The machine, when I got it home and brought it up, was slow on the first boot, as it had to reconfigure many updates and 11000 registry cleanup changes. After shut down and one more cold restart, the performance was much better (than before the virus removal), although the other Gateway netbook, similar in design, is still faster. Both have 1G memory.

Geek Squad recommends 2G memory upgrades for netbooks.

I also got a warning from Toshiba, an “HDD/SSD Alert, unable to get disk information, unable to use the alert feature”. This makes me wonder if some of the malware was specific to Toshiba marketing.  Maybe all or most of the 126 items found by Asquared were variations of some kind of adware, maybe related to Toshiba specifically.
