Security tools are powerful programs that can have serious side effects Jane Hoskyn reveals the tools and apps that aren't worth the hassle
Just because something calls itself a ‘security tool’, that doesn’t mean it’s going to keep you secure. It’s a bit like the building trade - anyone can call themselves a builder, then charge you the earth to mess up your house and cause you untold stress.
As we’ve seen from the AVG data-selling scandal, security tools don’t always have your best interests at heart. We’ll talk more about data-selling in our next article, but for now what we’re really interested in is tools that don’t work as well as they should - leading you to think your PC is protected when it’s not. Then there are the tools with empty promises and unwanted side effects.
Here’s what you should avoid.
Ineffective security guards
We’ll start with AVG because it’s been hitting the headlines lately for the reasons mentioned above, and because its results in our lab tests remain well below par.
AVG’s free antivirus (AV) suite (http://free.avg.com) is popular, and many of you may have installed it on your PCs. It’s also been around for years - since 1991, in fact, when it was launched in Czechoslovakia as Anti-Virus Guard.
So it’s had plenty of time to get its act together, but it still falls short. In the newly released quarterly test by our security team at Dennis Technology Labs (DTL, http://dennistechnologylabs.com), AVG came second-to-bottom of the league table - faring even worse than Microsoft Security Essentials (MSE), whose poor performance is legendary. Bottom of the list was Bullguard Internet Security (£49.95, www.bullguard.co.uk).
Neither Bullguard nor AVG, nor any other badly performing AV, is a scam - they’re better than no AV at all. But of the 100 threats our lab team threw at them under controlled conditions, they missed eight. 'Ihat’s not good enough to keep you safe, so the danger is they’ll create a false sense of security.
DTL’s head Simon Edwards says that poor AV is like an ineffective security guard: “Even if the security guard was not intentionally malicious, he could be completely incompetent. I’d choose a more consistently strong product” (read more on his blog at www.snipca.com/18695).
Free doesn't mean good
Don’t assume that just because a security product is free, it’s worth a go. At best, it’s a waste of your hard-drive space. At worst, it makes you assume you’re safe and may even conflict with other security tools installed on the same computer (see below).
There are much better free AV suites. Avast Free Antivirus (www.avast.com) experienced a blip in our latest lab test, but over the past three years it has consistently been in the top half of our leaderboard, ranking close to paid-for AV products such as ESET Smart Security.
Hard-to-remove AV tools
By their nature, installable security tools dig deep into your operating system (OS) and Registry to keep every area of your PC safe. But one side effect of this is that they can be difficult to remove from your PC.
At the risk of picking on AVG, it is a prime example. Once you’ve installed it, it may not get off your computer without a fight. If you uninstall it using your built-in ‘Uninstall a program’ tool, oodles of junk files will be left behind. Many users have even reported that it won’t uninstall at all (www.snipca.com/18698).
An AV you can’t remove is like a plaster cast that won’t come off. It does its job (more or less), slows you down in the process and then refuses to leave.
More worryingly, it reminds us of malware. Browser hijackers such as Binkiland dig their heels in when you try to uninstall them, no matter what adware-removers and malware-blitzing tools you chuck at them. Wiping your PC is often the only way to get rid of them.
The ideal solution is to avoid ineffective AVs in the first place, but that’s no help if you’re stuck trying to uninstall the thing. So we’ll recommend a tool we used to dislike intensely: IObit Uninstaller (www.snipca.com/18668).
IObit used to pack its program installers with PUPs and other unwanted extras that sometimes ignored your efforts to opt out of them. But IObit seems to have learned its lesson, and IObit Uninstaller now loads on to your PC without a hitch (provided you download it from IObit’s site, and not a download mirror such as the dreaded Cnet).
The program is powerful, easy to use and extremely efficient, removing all leftover junk, including Registry entries left behind by programs. You can decide which Registry entries to keep, but if you’re planning to install a new AV tool we’d recommend obliterating every shred of your old AV in order to avoid conflicts (see below).
Ransomware 'medicine' you don't need
All security software - much like medicine - has side effects. AV slows down your PC with its powerful background processes. This even applies to Kaspersky Internet Security, our lab tests’ consistent winner. In that case it’s a price worth paying, but in other cases you’re suffering side-effects of tools you don’t actually need.
Early we named ransomware the worst malware ever. Because it’s becoming increasingly prevalent, there’s been an opportunistic flood of anti-ransomware tools, such as the free CryptoPrevent (www.snipca.com/18655). Tools like these make your computer work very hard trying to get rid of a specific piece of malware that may not even be on your PC.
Our Problems Solved team has received a number of letters reporting crashes and unexpected error messages after installing CryptoPrevent. Worse still, readers have reported finding the tool difficult to remove.
Security apps you no longer need
The most effective anti-ransomware tool we’ve tested is a free Android app by Avast. Avast Ransomware Removal (www.snipca.com/18657) is specifically designed to remove CryptoLocker and Simplocker ransomware from your tablet. It’s good at its job - but only if it has that specific job to do. If there’s no ransomware on your device, the app serves no purpose and just clogs up space, battery and processor power. If you are infected you can still download the app to your device from www.snipca.com/18657 via your PC.
As a rule, if a tool has a specific purpose, only download it for that purpose. You wouldn’t eat a bowl of prescription drugs for breakfast if there was nothing wrong with you. If you do solve a problem using a security tool specially designed for that purpose, uninstall it afterwards.
Fake security apps
Just as the ransomware epidemic has brought tools swarming out of the woodwork, it’s also triggered a flood of phishing. Cybercriminals have created ransomware-themed phishing emails, web pages, fake apps and other bait containing malware.
Android users should be especially careful. Windows can be protected by powerful AV, and iOS is effectively a sandbox that helps keep nasties out. But Android’s more open, versatile nature makes it a bigger target for malicious apps, including fake security apps that do nothing other than empty your wallet.
Virus Shield is the best-known example. This app, which has no AV capabilities at all, topped the Google Play Store charts a year ago after fooling thousands of people into downloading it for $3.99 (£2.65). The website Android Police exposed the scam (www.snipca.com/18685) and Google took the unusual step of refunding everyone who’d bought the app - coughing up around £160,000.
In October, security firm ESET found that malicious apps were installed more than 200,000 times in one month after bypassing Google Play Store security (www.snipca.com/18682).
We still urge you to install apps from official sources only, but these examples show that even Google can be hoodwinked into hosting dangerous apps.
Furthermore, never root (‘jailbreak’) your tablet or phone If required to do so by any app. It makes your phone unstable, much more vulnerable to threats and voids your warranty.
How to make AV work in XP
Many AV suites still work in Windows XP, which is no longer protected by Microsoft. However, no AV can keep you completely safe in an unpatched, unsupported OS.
Instead, use a portable security tool that you can download using Windows 7 or later, then run it in XP from a USB stick.
Both Kaspersky and Avast let you create bootable versions of their AV programs. This means you can run them from a USB stick and remove infections before Windows even starts up.
For Kaspersky’s ‘Rescue Disk’ (www.snipca.com/18046), insert a USB stick (256MB minimum) and then click ‘The ISO image of Kaspersky Rescue Disk 10’ and ‘The utility for recording Kaspersky Rescue Disk 10 to USB devices’. For Avast (www.snipca.com/18699), click ‘Create Rescue Disk on a USB drive or CD’ and follow the instructions.
WHY TWO AVs ARE WORSE THAN ONE
Common sense would suggest the more security tools you've got, the safer you are. But if there are two AV products installed and running in your PC, that means war - and you'll be the first casualty.
This is what we mean by 'conflicting' AVs. Any installed AV suites run constantly in the background. In a worst case scenario, if two are running at the same time they will identify each other as infections and effectively cancel each other out. At best, according to Simon Edwards, "they'll badly affect your PC’s performance. It's very unwise."
This is why we never recommend installing AVG or MSE as a "spare" AV simply because they're free. They'll make your computer crash, and they may even prevent your main AV from working properly.
AVOID CONFLICTS WHEN SWITCHING AV
If your current AV has expired and you want to install a different one, or you simply want to switch AV products, you should uninstall the existing one first.
Microsoft's built-in security tool Windows Defender will protect you in the interim. Defender is not exactly the most powerful of security tools, but it’s a useful safety net while you'i between AV programs.
Once you've removed the old one (completely, using IObit Uninstaller), install the new one and run a full scan with your new AV. Windows Defender will disable automatically once your third-party AV is up and running.
Conflict problems don't apply to portable malware-removers like the free version of Malwarebytes Anti-Malware (www.snipca.com/18658) and adware-removers like AdwCleaner (www.snipca.com/18659), because they don't run constantly in the background. Just make sure to use the current version, so they can catch and kill the latest threats.
PC HELP THAT'S ALL PAIN AND NO GAIN
When we searched Google for 'avg can't remove', the top result was an outfit called Guru Aid, complete with a reassuring UK web address. You'll see GuruAid in Google results for many PC problems.
Don’t be fooled. GuruAid is neither UK-based nor helpful - it's a money-making scam. The firm, based in Connecticut, USA, demands your credit-card details before handing over any advice. Its phone number is "toll-free", a US phrase that means the call is free (but only from inside the US).