Webroot Goes Direct to Zap Malware
Troy Dreier
10/5/2006
Malware makers aren't standing still, so neither can your prevention efforts. "Malware" means any destructive or nuisance software that can load itself onto your network, and it covers viruses, Trojan horses, adware, worms, and more. Many of the latest threats use rootkits, software that makes itself invisible to the computer it's on. Luckily, the first enterprise software that can detect and remove rootkits is here.
Webroot Software began in the late 1990s and for years was known as the producer of Window Washer, a diagnostic and privacy tool that cleans files from a user's hard drive. In 2002, the company unveiled the Spy Sweeper line of malware-prevention tools, and business suddenly took off for the small company from Boulder, Colorado. It now counts more than 300 employees in its various offices.
The consumer release of Spy Sweeper is now on its fifth version, and, as of this summer, the enterprise version is on its third. This latest earns major points for being the first enterprise product that uses direct-disk access to detect malicious software and then remove it.
Spy Sweeper Enterprise has a new architecture, and now uses four kernel-level driver components to launch early in the boot-up process. This is crucial, as malicious software often loads before anti-virus tools in order to avoid detection. With this new architecture, Spy Sweeper loads quickly, so that it can analyze the rest of the boot-up sequence.
The secret of Spy Sweeper's rootkit detection is its new direct-disk access, which permits it to read and write at the device level. The program scans computers' directories sector by sector, then compares its results with Windows' own information. When it sees a program that isn't visible to the operating system, it knows that it has found a rootkit, and it quarantines the program on its own.
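The comparison described above can be sketched as follows. This is an added example, not Webroot's code: it assumes a FAT-style directory sector for brevity, the sector bytes and the OS listing are constructed sample data, and all function names are hypothetical.

```python
ATTR_VOLUME_ID, ATTR_LFN = 0x08, 0x0F

def parse_fat_dir_sector(sector):
    """Return the live 8.3 names found in one raw FAT directory sector."""
    names = set()
    for off in range(0, len(sector) - 31, 32):      # 32-byte directory entries
        entry = sector[off:off + 32]
        first, attr = entry[0], entry[11]
        if first == 0x00:                           # end-of-directory marker
            break
        if first == 0xE5:                           # deleted entry, not a hidden file
            continue
        if attr & 0x3F == ATTR_LFN or attr & ATTR_VOLUME_ID:
            continue                                # long-name fragment or volume label
        base = entry[0:8].decode("ascii", "replace").rstrip()
        ext = entry[8:11].decode("ascii", "replace").rstrip()
        names.add(f"{base}.{ext}" if ext else base)
    return names

def hidden_from_os(raw_sector, os_listing):
    """Names present in the raw sector but absent from the OS-reported listing."""
    reported = {name.upper() for name in os_listing}
    return sorted(parse_fat_dir_sector(raw_sector) - reported)

def _entry(name, ext, attr=0x20):
    """Build one constructed 32-byte directory entry for the sample below."""
    return name.ljust(8).encode() + ext.ljust(3).encode() + bytes([attr]) + bytes(20)

# Constructed sample: what a device-level read of one directory sector might hold.
SAMPLE_SECTOR = b"".join([
    _entry("SYSTEM", "", ATTR_VOLUME_ID),            # volume label
    _entry("NOTEPAD", "EXE"),
    bytes([0x41]) + bytes(10) + bytes([ATTR_LFN]) + bytes(20),  # long-name fragment
    _entry("DRVHIDE", "SYS"),                        # the file the OS view omits
    b"\xe5" + _entry("OLDFILE", "TMP")[1:],          # deleted entry
    _entry("README", "TXT"),
]).ljust(512, b"\x00")

# Constructed sample: what the operating system's own directory listing returns.
OS_LISTING = ["notepad.exe", "readme.txt"]

if __name__ == "__main__":
    for name in hidden_from_os(SAMPLE_SECTOR, OS_LISTING):
        print("on disk but not reported by the OS:", name)
```

Deleted entries and long-name fragments are skipped before the comparison so that ordinary file-system housekeeping is not reported as a hidden file.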
The consumer version of Spy Sweeper already had rootkit detection, so the two are finally equal in features.
Besides rootkit detection, this version improves security with new shields for real-time protection. The developers have added to the program's existing shields with four that block ActiveX installations, browser-helper objects (those that rely on access through a Web browser), known spyware addresses (using a constantly updated database), and Internet Explorer settings exploits.
Spy Sweeper's admin console works through a Web browser, and can be accessed through a Virtual Private Network (VPN) from outside the office. (See screen shot.) You can use it to monitor areas of concern, such as networked PCs that haven't been scanned in a set amount of time or computers with outdated virus definitions. The software will respond to threats by itself, without outside action, and by default will quarantine problem files or applications for 30 days before deleting them, although the admin can change that response.
Spy Sweeper Enterprise's pricing starts at $24.04 (a one-year license for one user) for a quantity of between 10 and 24 licenses, and comes down to only $9.99 for a quantity of between 5,000 and 9,999 licenses. The company offers a free downloadable 30-day trial for new users.
Spy Sweeper Enterprise's browser-based admin controls let you set what the program does when it detects spyware.