The Cleaner Professional: Cleaning Up Malware Contamination System Monitoring and More Joe Moran
System Monitoring
The first step for a malevolent piece of software to get its hooks into your system is to modify the Registry (behind your back of course). To guard against this, TCMonitor runs in the background and keeps an eye on things, flagging you whenever a Registry change is attempted.
When a change is detected, TCMonitor pops up a warning accompanied by a rather jarring siren sound that plays over and over again until you dispense with the warning. (Only one alternative sound effect is offered, though you can substitute the .wav file of your choice or dispense with the audio altogether.) TCMonitor can also notify you via e-mail, which is nice.
With TCMonitor running in the background, we set out looking for some spyware. Before long we found some, and luckily, so did TCMonitor. We also ran some of the tests available at www.spycar.org, which, among other things, attempt to modify your Registry, change your browser settings, and execute programs the way a malicious program might. In this case, TC Monitor flagged every attempt at a Registry change, but it didn't prevent many of the browser changes or program executions.
But there's another catch: While adept at detecting Registry changes, TC Monitor makes responding to them more difficult that it should be. It's initial warning tells you which Registry key is being changed, but to examine the actual change you must click a button to open another window. Moreover, since TC Monitor displays two columns that list the key's entire contents before and after the change, the potentially damaging modification isn't always immediately obvious.
If you decide that the change is unauthorized your recourse is to click a button to launch the Windows Registry Editor, which you must then use to manually delete the modification yourself. We would much prefer a single dialog that warns of the modification, displays all the relevant information, and then offers the option to accept or reject the change.
The Cleaner Professional lets you schedule your scans and even the downloading of program updates, but here too the interface leaves something to be desired. You can create a new scheduled scan or update from within The Cleaner Professional, but the program then drops you into Windows Task Scheduler to configure the day/time along with any other options.
Conclusion
The Cleaner Professional works with most versions of Windows (98, Me, 2000, XP, Vista). (There's no Mac or Linux version, but who attacks those operating systems anyway, right?) You can download a fully-functional version of The Cleaner Professional to use for a 30-days. Registering the software after the trial period will set you back a $49.99 (plus an additional $4.99 and $10.95 if you want extended download rights or a CD, respectively). The welcome dialog box offers a link to purchase the software at a 10% discount, but no such discount was applied when we followed it.
It's hard to recommend a program that requires users to jump through so many interface hoops as well as interact with standard Windows tools like Registry Editor and Task Manager. When you add that with the software's uneven performance and relatively high price tag, the final verdict is clear: There are simply more effective, user-friendly, and lower-cost options in the never-ending quest to keep malware at bay.
Pros: Offers stealth mode, e-mail notification for discovered malware
