This week’s test drive is Ad-Aware Total Security Suite 2011. Also flaunting dual scan engines like last week’s test drive subject, The installer was a little intimidating at almost 400 Megabytes!
For the purpose of this test, I left all settings as they came when first installing, except the firewall, which I set to high security. And then the fun began. As usual, the test consists of trying to infect the test computer by visiting known malicious websites and observing the security product behavior when doing so.
Went to the first malicious website, containing a fake antivirus. Loading the website lagged momentarily (Ad-Aware was checking the content of the website before allowing access) and then denied access to the malicious website, announcing through a pop-up window there was malicious content and access had been denied. HOWEVER, I did get prompted to download a file (info.exe) and when, emulating a less than expert user, I clicked to download it and save it, it did so. And then when I tried to open it, there was no protest from Ad-Aware!
The only reason why the computer did not get infected when doing that was, well, a technical unrelated reason. Just to make sure the file was indeed malicious, I submitted it to a website that checks any given file against 36 different scan engines from different security companies. To be fair, only ONE scan engine labeled the file as malicious. So what we had here was a very new infection that had not made its way yet to the signature files of most scan engines. But regardless, it was a miss and the behavioral (heuristic) module should have detected it. Because of the technical reason that impeded its execution, we’ll give it the benefit of the doubt and not flunk it right away, but keep on testing.
Second try, malicious page on a youtube.com link (very popular these days). One of the scanning engines successfully spotted the maliciousness and denied access to the website altogether, both popping up a window and placing a message smack in the middle of the browser instead of the intended page, letting the user know the link was a malicious one. Pass on this one.
Third round: A Trojan hidden in a malicious website. Similar result to the first round. In fact, so similar, I took the malicious file and executed in a controlled, yet uninhibited environment (a “sandbox”) and soon realized it was basically the same file with a different name. Moving along then.
Fourth round: A different, very malicious type of Trojan, hidden in a Russian website. Ad-Aware successfully identified the malicious code and denied access to the website altogether. Good.
Fifth, sixth, seventh rounds: Like the second round.
Conclusion:
The test drive is considered a pass, since no infection occurred and no malicious payload delivery occurred, and no breach of data or behind the scenes connection happened, no matter the attempts to do so.
A note on system resources usage: I counted 9 different processes running in the background to make Ad-Aware Total Security Suite work, with over 400 Megabytes of system memory being used altogether. So needless to say, old computers with relatively low memory should stay away. Newer computers, with plenty of system memory, won’t mind (My test computer, for example, has about 8,000 Megabytes of memory, so it’s undisturbed by a process using 400 Mb).
So that being said, we can add Lavasoft’s Ad-Aware to the list of security suites that have survived unscathed my test drive. These are, in the order they have been tested:
1. Kaspersky Internet Security 2012.
2. VIPRE Antivirus Premium.
3. ZoneAlarm Extreme Security Suite 2012.
4. Avira Internet Security Suite 2012.
5. Emsisoft Internet Security Pack.
6. Lavasoft’s Ad-Aware Total Security Suite 2011.
Stay tuned for more test drives in the near future. Next one is probably going to be F-Secure, which releases its 2012 version next week.