Xoft Spy U3 Portable anti-spyware Review
Xoftspy SE goes portable
The market of anti-spyware applications faces a fierce competition. Huge PC security software suites with integrated anti-spyware modules, stand-alone solutions, all kinds of removal tools, and rogue antispyware - there's definitely something to choose from and a lot to stay away.
I'm a big fan of free software. Well, except Windows, because I'm used to it and feel kinda conservative (perhaps lazy?) to go for Ubuntu. But I have installed XoftSpy SE Portable Edition onto my Sandisk Cruzer Titanium, and feel happy about it since the very first day because it helped me a lot several times.
XoftSpy U3 Antispyware: GUI scan
The whole concept of U-free devices changed my attitude towards true mobility. I remember the days when I used to carry an external 40 GB hard-drive in a cage, with adapter, USB cable and power cord. That's 1 Kg of weight I guess. But that was merely a storage device, nothing more. It was inconvenient to use, dependable on a spare socket, and quite a fragile device (it wouldn't survive a drop off a table).
A U3 USB flashdrive is more than a storage option - it's a portable "Program Files" folder. Though I care about the size and number of installed applications so that to have about 1,5 gigs of free space. As you see from the screenshot above, my SanDisk Cruzer 2 GB is equipped with Avast! antivirus in addition to XoftSpy anti-spyware (it's because Avast! was supplied with a license at the time I ordered SanDisk's USB flashdrive), so that stylish little thingy is a real malware fighter =)
Believe it or not, PC's at work are protected by Eset's NOD32, and once it happened that an overall great antivirus didn't detect some nasty parasite. Online scanner was not an option because user accounts had limited rights assigned by the administrator. I called him, told about my suspicion regarding system infection, and asked whether I could just insert my U3 drive and run a Xoftspy scan. He replied 'Yes!' and I did that. Otherwise I'd had to wait until admin arrives.
Note: I'm an avid fan of Firefox! too =)
XoftSpy U3 Anti-spyware Scan
Paretologic Anti-spyware has a simple interface. Fancy skins and graphics for security software is the last thing I'd pay attention to, because I believe PC security is all about perfoming, and not looking.
Once XoftSpy is loaded, there's just one button to press: "scan". Difficult to get lost, uh?
XoftSpy U3 Settings
However, it is easy to customize the scan using the "Settings" tab. Pretty intuitive itself, it doesn't need explanations from the "Help" section (BTW, unlike you might expect, help-file is installed on U3 flashdrive itself, and not downloaded from the web each time you need it; I know how irritating it is to see a browser window opening whenever I click "Help" option).
Start scanning when the program loads.
Ticking this box will initiate automatic scan each time U3 flashdrive is inserted into USB port. I prefer to have some control over what's going on, so I keep this box unticked.
Scan U3 device.
Looks like a kind of preventive measure. XoftSpy will be scanning the flashdrive before going to PC hard drives. However, I have Avast! antivirus doing the same thing, so probably for my SanDisk it is not needed. I'm not that paranoid.
Scan processes an registry.
Ah, this is where things are getting more interesting. Desktop anti-spyware applications start scanning with processes running in memory and registry. Quite obvious it is important, so the option is checked.
Scan system folders.
Commonly spyware hides in Windows and My Documents folders - XoftSpy checks those places for malware.
Scan local computer folders.
This is where a separate folder can be specified for scan. Say, you have a bunch of files ready to be burnt onto DVD. A scan never hurts ;)
Enable ongoing protection prompts.
Actually, this is advertizing. If a scan detects malware, XoftSpy offers to download a trial version of its desktop counterpart - Paretologic Anti-spyware. But U3 edition removes infections nicely, so this advertizing option is not needed, and can be turned off. (Don't know why I keep it ON?..)
Automatically check for updates.
Very useful. Once XoftSpy is loaded, it automatically checks for updated anti-spyware definitions, and if there are some, then a box pops up suggesting to download the update. Of course, it only works when Internet connection is present. Earlier updates were issued twice a month, but over the last month I see them popping up once in a week. Unticking the box will stop the program from going online without your consent, and updates can be checked manually using the corresponding grey button.
That's it for XoftSpy anti-spyware settings. Nothing complicated at all.
Xoft Spy U3 Anti-spyware Restore
The "Restore" option might be used when XoftSpy identifies spyware. The program asks then to create a profile of infected files so that you could restore them back to original state in case you need. Personally I've neved done that because never had false positives. "Restore" works on every computer scanned by XoftSpy, so it keeps separate profiles for every PC.
XoftSpy U3 Anti-spyware Help
Finally, there's "Help" tab. As I've mentioned earlier, the reference file is kept on the flashdrive itself, so there's no need to look through the website.
What is more interesting here, is "Submit Log" option. If you happen to have some stubborn spyware that doesn't want to leave your PC for good, you can submit the log file to XoftSpy's labs, where they might develop a solution for your particular case ;)
Since this is a review, and not a sales letter ;) I guess I can write what I think is needed to be said in conclusion.
Not that many people would ever need to use portable anti-spyware on a constant basis. Among my friends I cannot name a one with a U3-capable flashdrive. They're all hapy with ordinary storage devices and look upon portable apps as a way of showing off.
I can't really call myself an advanced PC user, but tend to ;) and security is something I pay attention to. Whenever one of my friends asks me to come and see "what's wrong with my puter?", I always take SanDisk with me because it comes in handy quite often. Internet connection is not availbale in all households yet, so a portable flashdrive with installed apps conveniently replaces old-fashioned bootable CD-roms (it certainly takes time to rebuild ISO image every time there's a need to update antivirus definitions, etc). With U3, it's way easier; I just insert SanDisk, click on XoftSpy icon, the program automatically checks for new anti-spyware definition file, and runs web update if there's one available.
With its signature database, Xoft Spy Portable needs less than 10 Megs of space as of now. Because I tend not to keep apps that I don't need on a regular basis and I care about the space they occupy, this is a feature I like about XOFTspy U3. It's small and lightweight.
Portable anti-spyware is a better alternative to bootable CD's (which are impossible to update without re-writing), and as far as I know XoftSpy's U3 anti-spyware edition pioneered the market with its option to detect and remove trojans, keyloggers, adware and spyware directly from a U3 drive. I've seen Lavasoft SE 1.06 compiled for U3 flashdrives, but the company ceased its support at the end of the last year, so there are no updates provided for it. Seems like XoftSpy is the only app of its kind.
XoftSpy Scan Results
Below is a snapshot of a scan result window XoftSpy displays. As you see, there are infections found on the PC. The number of "Objects" corresponds to the number of lines in the window. All in all, there are 3 registry keys, 2 files and 1 registry value that are found to be malicious.
XoftSpy conveniently displays information for each identified threat - its name, type, path to location on a hard drive, etc. An interesting feature is available under "characteristics" tab - if you click on "View Details", you will be redirected to Paretologic XoftSpy's website where a detailed description of the threat is given. Of course it is for reference purpose only. As you may or may not know, each security software vendor gives its own names to pieces of malware, so one and same threat is referred to under different names. If you happen to run XoftSpy on a heavily infected computer with hundreds of parasites, there's little sense in watching details on every detected threat; it will take ages. So I suggest clicking the "Remove" button to clean the malware out.
XoftSpy Threat Cleaning
After clicking "Remove", XoftSpy asks if you want to save a backup before removing the found threats, or just want to finish the cleaning process. The backup will allow the restore of the removed files if you later discover that something of significant importance was deleted by the program. However, I can't really imagine the situation when most people would want to restore infected or malicious files or registry entries, so I click "Yes" straigt away.
XoftSpy Clean Process Finished
When the malware is removed, XoftSpy goes on advertising its dekstop countepart - Paretologic Antispyware (which replaced XoftSpy SE; this change in program reference has not yet been corrected by the debelopers of XoftSpy Portable, but I guess it's of very little importance to us, users). The desktop version of XOFTspy anti spyware features an absolutely crazy amount of known malware signatures, but this is a different story for another hub (hopefully).
XOFTspy Portable Anti-spyware Innovation Award
In April 2007, ParetoLogic received Innovation Award for XOFTspy Portable Antispyware. This stunning U3 security software was the first in the world to provide spyware and adware protection carried on USB flash drives.