Whats the Best For RealTime Protection of Spyware.

I once used to have a bucketload of on access realtime protection programs running at the same time and my browsing suffered because of it.

Now for protection i simply have Kaspersky Personal 5, Outpost Pro 3 (with Antispyware) Spywareblaster and Counterspy 1.029 running on access. I also run CCleaner once a day or once everytwo days. I thought i was pretty much safe (i also never use I.E only Firefox).

However with what i have read with peoples recent opinions of Counterspy and its ability at on access blocking of spyware installing i am a little concerned. Especially as today i tried to install a program that had a piece of nasty spyware on it. Outpost spyware popped up first to remove it and said it had. Then Counterspy popped up to remove it too. And i thought that definitely had. I then a couple of hours later done an on demand scan with Counterspy and i was shocked to find that apparently that nasty piece of spyware was still found in the registry. And i removed it then.

So i am now very concened as both still let this thing install on my system. So i was wondering if it would be beneficial to remove CS. And Keep Kaspersky and Outpost 3 With Spyware.

But what is the thing i should replace it with to have protect my system from spyware installing, (And when i say protect i mean stop any and all spyware and espacially my main extrme worry diallers ever getting onto my system).

I have heard people mention, Regdefend. WinPatrol Pro and Process Guard (which i tried once but when i program hanged it wouldnt let me access Cntrl+Alt+Deleate to close the crashed program so i had to force a power down and it messed up my system for a brief period so i took that PG off there imediately, plus ive heard its for trojans and not spyware and hopefully my Kaspersky will stop them..

But are these three programs good at stopping spyware from getting on my system without it being too cumbersome to my daily activities like what happend with my trial of PG.

Thanks For your Help
Anthony

 

Not sure what to tell you Anthony. By all normal wilders standard, you have the best (or one of the best) AV,firewall, AS.

What types of registry entries did CS find? Perhaps it was just some traces, changes that occured before CS's real time monitor recognised what was going on. Were you suffering any adverse effects?

RD would have stopped those registry changes yes, but if the changes were with the keys being monitored AND you were smart enough to realise that it was dangerous and blocked it.

I suspect, RD wouldn't help much.

 

winpatrol with R.I.D looks interesting Anthony - certainly independent testers gave it the thumbs up (though it had difficulty with some of the beasties)

winsonar should stop you being victim of a driveby download but if you download something then whitelist it and execute it then there is no protection.

OA may address your needs - perhaps Mike Nash would care to comment?

also regdefend to protect your registry.

 

with regard to dialers - if you have a BT account you may find this useful (though i have found it throws up false positives once in a while)

 

This Online Armor from brief reading sounds interesting. Though i do come to wilders and other security forums a bit (not as much as i should though) and havent heard of it before. (maybe ive been reading the wrong posts).

But from what i have read from Download.com the reviewers seem to be saying its an Antivirus/Anti-Trojan. I believe i am more than covered with this aspect using Kaspersky (which has to be one of the best app i have ever tried, alongside Outpost and CCleaner which i use).

But if it is an AntiSpyware, Is this in the same league as MSAS and Counterspy and spysweeper or is it an antivirus with some antispyware capabilies. Similar to that add on for Mcafee Enterprise 8 that brings up more false positives than i dont know what.

Also finally if it is the one for me, does it by anychance offer any sort of Student Discounts, (I ask as all the other apps, even though they may not say it. Have gave me one after i have emailed and asked them very nicely, guess they all must know what its like to be a final year university student).

*Edit: I noticed a post here where someone has said a reduction of $10 is available if you have any paid security apps. If this does do what i want, what would you do to get this reduction. I have a serial i paid for. Will this if i gave it to OA will they go and cancel the serial for that app or are you allowed to still use it for that program alongside OA.

Also can i ask if it is an on access antispyware (which is all im interested in as i have Spybot and Adaware for on demand) but how is it at stopping my two main pains. xxxtoolbar and ExploitByteVarify. Which for some reason seems to be the thing that every single dodgy adult site i have ever went to has for some reason). So is it good at stopping those two swines i have read it is some sort of filter so will it actually remove them from the web pages before it loads or have i misunderstood the term filter.

Thanks
Anthony

 

i've extracted this from another thread Anthony - it was written by Vikorr - it will give you a flavour of what OA is about. i suggest you visit the OA forum and put your questions there i'm sure you will find them helpful.

Online Armor

Execution Protection with Whitelist/Blacklist
-Installation tracking
-Can uninstall what installations it has tracked
Phishing protection
-email filter (for tricks used by phishers)
-DNS checker (checks your high value sites against a central database)
-these are listed in the Protected Sites tab
Web filter
-filters ActiveX & Java (popup if site is unknown)
Trusted sites
-list websites intro Trusted, Untrusted, or Ask(?)
-trusted lets activex etc through, untrusted doesn't, Ask asks.
Keylogger Protection
-detects keylogger via behavioural means
Browser Protection
-I'm not entirely clear on this, says :
-IE extensions
-Homepages settings (for all browsers)
Hosts file protection

Pros
-Very easy setup
-User-friendly interface
-Fantastic support
- Mike listens to suggestions
-Frequent updates
-Program still works if you don't pay a renewal fee...you just don't get the updates (rather fair policy).
-Uninstalls completely (heard this from other users)

Con's
-Hmmm...ummm...it hasn't reached 1.2 yet !!! (when it gets registry protection)
-Still a few programs it conflicts with (I think...as they get fixed quickly...)

 

You can keep using the old software at your discretion and still be eligible for the discount. The crossgrade offer is our way of easing the pain for those who may have purchased other solutions.


Mike

 

If all that was detected was Registry entries and not the program files, then the scanners did stop the spyware but just did not fully clean up afterwards. Orphaned registry entries are not harmful (and you'll have them after uninstalling most programs also) but can bloat the registry if they are allowed to accumulate.

If you want tight control over what goes into your registry, then programs that intercept and block Registry access (RegDefend, KAV2006 and, I believe, Online Armor) are what you need to consider. Outpost's AntiSpyware plugin, CounterSpy and virtually all other software with registry monitoring capability work by polling (checking for Registry changes, then undoing any that are found) which can be countered by sophisticated malware.

I would be more concerned about the program you ran though, and why Kaspersky didn't flag it as malware.

 

The program i tried to install was called Bitcomet Accelerator. It comes with apparently some nasty bundled spyware software with it. Which i did not know at the time. And i think it was only when it was trying to access the internet (which was immediately after BCA installation) did Outpost come into action. It seems i dont really need Counterspy no more as Outpost now does its job then.

 

If you mean New.net then this is not strictly spyware since it does not collect or report information back. It instead provides access to "new" domains run by New.net - however it has caused problems for people including loss of Internet access if uninstalled incorrectly and has been bundled (sometimes surreptitiously) with other software so many spyware/adware detectors will flag it.

 

Well it's adware for sure.