Home What is a Trojan Horse? Ho we reviewed anti-trojans About us |
|
|
Since the time I created this site the problem of malware infection has both escalated and changed in character. At the same time anti-virus products have become much better at detecting trojans. As a result of these developments I no longer recommend for most users the routine use of a separate anti-trojan program such as those listed below. I've left these now dated reviews on this site for reference purposes only. Indeed those faced with removing an existing trojan infection will find the trojan removal capabilities of some of these products useful, particularly the free version of Ewido (now known as AVG anti-spyware). For my latest security recommendations check out the editorial column in the most recent issues of my newsletter - Gizmo, May 2007. Pest Patrol from the Carlisle, PA based software company of the same name has quickly developed a good foothold in the marketplace. PestPatrol is unlike any other product in this survey. It not only detects trojans, it also detects spyware, adware, hacker tools and other potentially malicious programs as well. Design and Usage PestPatrol has a number of components all tied together with a control panel interface. The components include:
(The Corporate Edition of the products includes two additional modules but we have not listed these as it was the home version we tested in this review.) According to the documentation the memory monitor checks for 4000+ pests in memory including binded executables and polymorphic trojans. We can't confirm this - it's just what is claimed. The memory monitor also launches the keylogger detection monitor on startup and again every thirty minutes. The control panel has a clean interface and is logically laid out with tabs covering the various functions. Scan options are numerous and are handled by three separate tabs covering where to search, what to search for and what to exclude. Separate tab handles automatic updates and scheduled scans. All these options would prove a bit overwhelming for the average user. A simple wizard would be a desirable feature particularly as some of the default options are rather odd. For example by default PestPatrol does not search for binders, commercial remote access trojans, loaders, nukers or packers. In our tests we over-rode the defaults and searched for all these kinds of malware. Another oddity is that memory monitor is not turned on by default. To do this you have to right click in the taskbar icon and enable it. For advanced users PestPatrol offers a process viewer and a list of programs that startup with Windows. Neither is a particularly sophisticated example of their kind but have the saving virtue of offering clear plain English information. Products like TDS-3 and Trojan Hunter offer a better set of diagnostic tools for the advanced user. But such users are not really the target market for this product. From an information perspective, PestPatrol is one of the the most user-friendly product in this current series of tests. Take for example, its excellent descriptive database of trojans, adware and spyware products. Unlike the databases in most other products, it's actually useful and informative. Furthermore it has an excellent help file. Need cheap inkjet cartridges? Check out http://www.techsupportalert.com/cheap_inket_cartridges.htm Performance PestPatrol scan time was by far the fastest of any of the products we tested. On the other hand it detected the fewest trojans. I guess one goes with the other. You can initiate a scan from control panel or from the mouse right click context menu. However each gave different results. The control panel approach took longer but threw up more hits. It is not clear to us why this is the case. We used the control panel initiated scan in our tests. The memory monitor takes up about 6.2 MB of memory which is about average for the products we reviewed. It runs quite actively even when the system is idling, though without consuming a great deal of CPU power. This can be seen clearly in the graph below which shows system resource usage in blue with the monitor's usage in green. Note that there is no great increase in monitor activity when a program is executed - that's the hump in the blue graph.
The PestPatrol memory monitor is not protected and could be easily terminated with Windows Task Manger. This makes it vulnerable to Trojan Attack. PestPatrol's Trojan detection performance was poor. It only picked up two trojans in our test set, a performance that placed it equal last amongst the products we reviewed. Note that before we did our tests we changed the default scan options to detect the most trojan file types. If we had used the default scan selection detection performance may have been even worse. Looking at the trojans missed we find it hard to accept the assertion that PestPatrol detects binded and polymorphic trojans. In fact it missed every one even with the program optioned for maximum detection capability. Detecting modern trojans is a difficult task even for dedicated anti-trojan programs. PestPatrol is too generalized a tool to be able to adequately cope with this problem Other Reviews Pest Patrol has fared quite well in reviews, particularly those that rate products according to the number of trojans found by simple scans of large test sets (1, 2). One review in particular (3) rated it right at the top though it should be noted that this particular review was funded by the vendor. In another review that looked at the detection of compressed or encrypted trojans (4), PestPatrol performed poorly, a result duplicated in the PC Flank review. Support PestPatrol has an excellent in-built help file. Without doubt, the best of any product we tested. The clearly laid out website has a useful array of support resources including a FAQ, a set of how-to guides plus a vendor supported user forum. There is also email support with a promised 24hr response time. We tested the latter and obtained answers to our questions well within 24 hours. Judging from the on-line forum, most users seem very happy with Pest Patrol, particularly in it's spyware detection role. Summary If you only want protection against trojans, then there are specialist products that will do the job better than PestPatrol. However if you want to broad ranging protection against adware and spyware products with some additional protection for trojans then PestPatrol would be a solid choice. Stop Press: On August 16, 2004 PestPatrol was acquired by Computer Associates International Inc. The product will continue to be marketed as eTrust PestPatrol and elements will incorporated into other CA security products. Version tested: 4.4 Home Edition Price: $39.95 Download: Click here for trial version Buy: Click here for purchase details Trojans in database: 20212 "pests," including trojans, as at the 26th August 2004 Website: http://www.pestpatrol.com Signature File Update frequency: Minimum of twice monthly
Advertisements: The Best Backup Software: 18 backup programs reviewed and rated but only one get "Editor's Choice" Inkjet Printer cartridges: The best places to buy cheap inkjet cartridges. We looked at 47 seven sites but could only recommend eleven.
|
