Lavasoft may be best known for its free Ad-Aware antivirus, but the company offers several other levels of protection. Ad-Aware Total Security 11 ($48 per year, direct; $69 for three licenses) is the top of this product line. In addition to antivirus protection that’s better than what’s in the free product, this security suite offers a firewall, parental control, phishing protection, and a separately-installed privacy toolbox. There’s no spam filter, but not everyone needs antispam. However, the quality of the components varies quite a bit.
In a way, Ad-Aware Free Antivirus+ 11 serves as a preview to this suite. The main windows of both products are laid out exactly the same, with all the same controls. It’s just that in the suite, all those controls are enabled while in the free antivirus most are disabled.
Lavasoft does offer two other products in between the free antivirus and this suite. Ad-Aware Pro Security 11 ($36 per year, direct; $54 for three licenses) includes everything except parental control and the privacy toolbox. Ad-Aware Personal Security ($24 per year, direct; $42 for three licenses) further drops the firewall and real-time email scanning but includes the advanced antivirus features. Depending on your needs, one of these may be a good choice for you. I’m reviewing Total Security because it includes every single feature contained in the others.
The free antivirus includes basic malware blocking and removal, and did a decent job in my hands-on tests. The suite adds email scanning and protection against malicious websites. My malware blocking test doesn’t involve email or the Internet, so I wasn’t surprised to find I got exactly the same results as I did with the free antivirus.
Ad-Aware wiped out 83 percent of my malware samples right away, as soon as I opened the folder. Once the initial bloodbath ended, I launched the remaining samples. Lavasoft’s suite didn’t do a thing about those; they all installed fully. Ad-Aware’s 8.3 points for malware blocking is lower than that of most recent products.
There’s a five-way tie for first place in this test. Among those sharing the top score of 9.4 points are F-Secure Internet Security 2014, Avira Ultimate Protection Suite (2014), and AVG Internet Security 2014.
Ad-Aware made a more impressive showing when challenged to block downloading of recently-reported malicious URLs. I started with a list containing thousands of URLs gathered by MRG-Effitas and skimmed out those pointing to malicious executable files. Then I went through the list trying to download each one. Even though these URLs were just hours old, quite a few had already gone missing. I kept at it until I had checked about 100 still-functional links.
The Web Protection component kicked in to block 68 percent of the URLs, preventing the browser from opening the dangerous sites in question. However, the antivirus didn’t block any of the downloads that got past Web Protection. This test is fairly new; I’ve only run it on six products so far. Just one of those, avast! Free Antivirus 2014, scored higher than Ad-Aware. Avast! blocked 69 percent of the malicious URLs and whacked another 10 percent during the download process, for a total blocking rate of 79 percent.
Note that the sample set for this test is never the same; rather, it always includes the most recent malicious links that I can get. But then, in the real world that’s exactly what a user is likely to encounter. The chart below reflects the results of both tests. For more about my hands-on testing, please read How We Test Malware Blocking.
Ad-Aware Total Security 11 malware blocking chart
No Help from Independent Labs
I do like to get my hands dirty, putting security product features to the test, but I don’t have the resources of the big independent testing labs. I always like to check a product’s lab results, especially the innovative real-world tests from labs like AV-Test, AV-Comparatives, and Dennis Technology Labs.
Unfortunately, the labs give me next to nothing about Lavasoft’s products. None of the three I mentioned include them in testing, and they also don’t participate with West Coast Labs or ICSA Labs. The only test results I have come from Virus Bulletin. Out of the last 12 tests, Lavasoft participated in three and received VB100 certification in two. That’s just not enough to base a lab-test score on. The chart below does summarize recent tests for other vendors. To learn more about how I boil down the many tests into these star-ratings, see How We Interpret Antivirus Lab Tests.
Ad-Aware Total Security 11 lab tests chart
Ad-Aware’s free antivirus doesn’t include phishing protection, but all of the paid products do. When I tested it with the very newest fraudulent URLs, it did a better job than many. However, Norton Internet Security (2014)’s detection rate came in 22 percent higher than Ad-Aware’s. Top scorers in this test are Bitdefender Internet Security (2014) and Kaspersky PURE 3.0 Total Security, each of which managed a detection rate 3 percent better than Norton’s.
For a full explanation of how I gather the very latest fraudulent websites and conduct this test, see How We Test Antiphishing.
Ad-Aware Total Security 11 antiphishing chart
Ineffective Parental Control
Parental control in this suite falls under Web Protection. To enable it, you must define a four-digit PIN and supply an email address in case you need to reset the PIN. With that task out of the way, you choose one of five profiles for age-appropriate content filtering, or choose a custom set of categories. Whatever you choose, it affects all users; you don’t get per-user configuration.
There’s no way to see which categories are blocked in each profile. You only see the list of categories if you choose to create a custom collection. In the custom settings page you can choose any of 11 high-level categories, or expand one category at a time for more granular control. The organization is just plain odd. For example, the top-level category “Health / Medical” contains just one entry, “Health,” and “Cultures / Society” contains only “Religious.”
I set it to “Children Restrictive (under 12)” and trolled for inappropriate websites. The content filter works in any browser, and blocked some of the sites I tried, but let a number of porn sites slip past. It also lacks the ability to filter secure (HTTPS) websites, so a clever child could subvert the whole system by logging in through a secure anonymizing proxy website.
There’s a simple three-word command line sequence that will disable a handful of poorly-made parental control systems. Ad-Aware is one of those few that crumbles in the face of this command. Parental control in FortiClient 5.0 is similarly limited to content filtering, with no per-user configuration, but at least it resists this particular attack and also blocks secure anonymizing proxies. It also gives you a list of blocked sites (and which user tried to visit each); Ad-Aware does filtering only, no monitoring.
This suite component is worthless. If you actually need parental control, consider using a powerful stand-alone tool like AVG Family Safety.
Ad-Aware’s firewall did a decent job blocking exploits. When I attacked it using the Core IMPACT penetration tool, it identified 11 of the 30 exploit URLs as “Dangerous.” The antivirus caught another three when they tried to drop a malicious payload. Overall it blocked just under half of the attacks. That’s better than F-Secure and AVG, among others. Note, though, that Norton blocked every single exploit and supplied the exact exploit name for a quarter of them.
Exploit protection is about the only thing I like in this firewall. It did manage to stealth all ports, but even the built-in Windows Firewall manages to stealth all ports.
Most personal firewalls also manage network access by running processes. Some, like Norton, handle the process entirely within the program. Others will pop up a notification when a program attempts network access for the first time, asking the user what to do. I don’t approve of this “noisy” type of firewall. The user isn’t equipped to answer those questions.
However, there are things worse than being noisy. Ad-Aware used to let you set the firewall to Allow (the default), Deny, or Ask. This edition removes Ask (the source of those pesky popups) as an option. If you want any program control at all, you must set the firewall to Deny by default, and then manually define a firewall rule for any programs that should be allowed access. Right, so, the user who couldn’t choose correctly between Allow and Block is now going to correctly fill in the complex set of choices that define a firewall rule? This is not the right solution to the annoying firewall popups.
Although I doubt many users will even attempt it, I tried setting the firewall to Deny and adding a rule to allow all access by Internet Explorer. It didn’t work. I tried Firefox, with the same results. I even defined a rule for a hand-coded tiny browser I wrote myself. None would connect. My Lavasoft contacts confirmed that at present this feature is broken.
There’s one very real way in which none of this matters. A malicious program would have no trouble totally disabling Ad-Aware’s protection. I had no trouble terminating its running processes and stopping its services. This firewall needs to go back to the drawing board.
When you purchase Ad-Aware Total Security, you get a separate download link and registration code for Lavasoft Privacy Toolbox. It’s a little easier than Trend Micro Titanium Maximum Security 2014, which comes as four separate downloads, but you do have to make two installations.
The appearance of the privacy toolbox is also quite different from that of the main security suite. Where the suite’s main window uses pastels and links, the toolbox is painted in bold colors with plenty of buttons. As it turns out, this tool actually comes from Lavasoft partner SafeIT Security, also a Swedish company.
You can just drop a file or folder onto the desktop icon to start the encryption process. I like the fact that by default it offers to shred (securely delete) the original. Click Encrypt, supply a password, and you’re done. It even offers to shred the log of its own activities.
The encrypted file, which has the file extension .safe, resides in the same location as the original. Just drag it onto the desktop icon to start the decryption process. You can also choose to create a self-decrypting file, for sharing with someone who doesn’t have Ad-Aware. Those who understand such things can choose among four encryption algorithms; Blowfish is the default.
Advanced File Shredder
As noted, the encryption tool offers to shred unsecured originals after doing its job. You can also shred any file or folder, either by choosing it within the File Shredder or by right-clicking it and choosing shred from the context menu.
By default the file shredder uses a simple algorithm that overwrites the file’s data once and then deletes it. You can choose from a dozen more algorithms, a dizzying collection in no particular order all the way up to one that overwrites the data 35 times before deletion. It’s not clear how you’re supposed to make the choice, but the one-pass default will foil the vast majority of techniques for forensic file recovery.
This tool can also handle files that you deleted previously, through the simple technique of shredding all the unused space on your drive. The process takes quite a while, but when it’s finished there will be no incriminating data lurking in that free space. For a full and total whitewash, you can have it also shred the “slack,” a term for the unused storage space at the end of every file’s last data cluster.
The two tools in the privacy toolbox are definitely intended for power users, if not experts. If my descriptions made your head spin, consider looking at Ad-Aware Pro Security 11 instead.
Tiny Performance Impact
The dinosaur age of security suites that visibly slowed system performance is long gone. Hardly any modern products create a serious slowdown. Even so, some have a lighter touch than the rest, Ad-Aware among them.
Real-time protection against malware typically means a security product will scan files on any kind of access. Heavy-handed on-access checking could conceivably slow normal file operations, so I timed a script that moves and copies a big collection of huge files between disks, first with no suite and then with Ad-Aware installed. Averaging many runs, I found the script took 8 percent longer under Ad-Aware, way less than the current average of 19 percent.
Another script that repeatedly zips and unzips the same file collection was even less affected. It took just 1 percent longer with Ad-Aware keeping an eye on things. Given that the average for this test is 14 percent slowdown, that’s impressive.
Security protection needs to load as soon as Windows starts, which can affect how long it takes to boot the system. My boot-time script times how long it takes until the system is ready for use (defined as ten seconds in a row with no more than 5 percent CPU usage). Averaging 100 tests with no suite and 100 with Ad-Aware active, I found Ad-Aware slowed the process by just 8 percent. The suite average for this test is 25 percent.
For more detail about how I test performance impact, see How We Test Security Suites for Performance.
Ad-Aware Total Security 11 performance chart
Pick Something Else
This version of Ad-Aware adds parental control, but the parental control system is rudimentary and ineffective. Lavasoft updated the firewall to avoid annoying program control popups, but unfortunately their solution requires the user to manually define firewall rules—and it doesn’t work. It does a good job of phishing protection and blocking malicious web sites, and the bonus file encryption and shredder are nice, but I just can’t recommend it.
For just $10 more you can get a three-license subscription to Norton Internet Security (2014) or 4.5Bitdefender Total Security (2014), both full-featured suites and both Editors’ Choice products. Either of these will be a better choice.
Copyright © 2012 Ziff Davis, Inc