Do I need anti-spyware software?

This is my current security setup:

Anti-virus: Kaspersky Personal 5
Firewall: Sygate Personal Pro
Misc: Process Guard

I used Microsoft Antispyware for 6 months and to be honest all it found was tracking cookies. Process Guard alerts me to any strange things going on in my system. I've installed Windows Defender now and it really sucks. I'm thinking of uninstalling it. As I have Process Guard, is it worth keeping a seperate anti-spyware product?

Thanks for any advice

 

What happens when you install a program - do you disable PG? If so, it is not going to help you with any spyware\adware that piggy-backs in with the software you install. It is also possible for stuff to get installed through your browser, where, for example, you have failed to set Rundll32 to 'Permit Once' in PG, or accidently click something through etc.

Obviously it is a good idea to do periodic check-ups with AS progs to give your system a clean bill of health. As to whether or not you need realtime AS monitoring I don't know, it would depend on your surfing habits etc, but I personally like to have it - though I'm not going to claim it is essential.

Running KAV with extended data-bases should pick up most stuff, but I doubt that it will find all the low grade Adware type nuisances and dedicated AS packages would certainly help with that.

 

Well I never disable PG, it picks up everything during the installation of software. Also have rundll32.exe set to Permit Once so its OK I also have KAV with the extended database, so it should be OK. Looks like I'll be uninstalling Windows Defender now...

 

I had always assumed that one needed one each AV and AT. In addition, anti-spyware apps such as Spyware Doctor, Spyware Guard, and Adaware were necessary to prevent infection.

I am re-thinking this in light of the problem I just had with too much anti-stuff on my system.

I am wondering if the paid programs, such as Spy Sweeper, Counterspy, and Spyware Doctor, really add anything to these;
Bit Defender or pick an AV, Ewido, Spyware Guard, and Adaware.

I do not really recall that my paid AS ever found anything except FP. I suspect that Ewido is a good AS in addition to being an AT. Plus with SG and Adaware I seriously wonder if a paid AS is a useful addition.

Jerry

 

Is a realtime AS 'essential' ? No.

Generally : It all depends on what you do on the net, what security settings you have, what other programs you run, and what you are comfortable with.

KAV, PG, + Firewall (and firefox if you have it) is pretty good for when you are surfing the net.

I know I haven't had an infection in ages (I think over a year now...before I started hardenning my browser settings etc...and I run regular scans with a variety of products).

The only realtime protection I run is ShadowUser, Online Armor, AV, and Prevx1 (however I only run both OA and Prevx1 together because I like watching them develop...not because I need both).

Actually...even that seems too much these days...none of them have ever alerted me to anything.

Of course every person should have the amount of protection they feel comfortable with.

 

Vikorr,

Thanks for the reply.
My own apps are Bit Defender 9, Ewido, LnS firewall and I am also behind a NAT, SG, Adaware, and Spysweeper.
I also have Firefox, Snoopfree, UnHackMe, and Win Patrol. I like WP as it gives info as to what is running and what the app is in the Plus version.

I do have paid versions of Counterspy (on my notebook) and Spysweeper. I see no reason to ditch them, but maybe using them disabled, but as a scanner is the best way to go.

I think if one has KAV he does not need an AT from the results of AV Comparatives.

Jerry

 

Hi Jerry.

I like WinPatrol too – it has a very user friendly GUI, and also perhaps the best startup manager I’ve come across (seeing as you can ‘disable’ and ‘enable’ programs in the autostart list).

Do you have KAV? Your list says BitDefender.

I’d be tempted to run just KAV(or BD if that’s what you have), Snoopfree, and your software firewall…and have the others for on demand scans (I think Unhackme is just an on demand scanner? I’ve never used it).

If you feel uncomfortable with just that, then I’d personally add only one of either CounterSpy/Spysweeper/Ewido. The incremental benefits from adding more than one of those, in my opinion, would be very very minimal (and besides, they’d just use up resources on your computer)

 

Hi Vikorr,

I agree that WinPatrol has some nice funcitional utilities that can come in handy (like you said regarding the startup programs manager)...even if it is not ran in resident.

Regarding UnHackMe....it IS or can be used as resident (user option)....but in the default setting it is set as resident and to "scan" at whatever interval the user chooses (1,2,3 minutes etc.). The scan takes only about a second or two max, and the most frequent interval that it can be set to scan for is every 1 minute. But checking for rootkits every minute is probably about as often as that check would need to be done.

 

Thanks for the info JR. Well, once a minute is not hard on the comp (though I'd probably set it to maximum...30 min or whatever it is), so running it resident sounds fair enough.

 

I do not have KAV, just BD. Kav has a much better detection rate for trojans according to AV Comparatives. I am hoping BD improves its detection rate of trojans. Actually, I think it was better last year than it is now.
The Aug 05 test showed its detection rate for trojans as 93.96%, and this last test as 87.89%. Maybe not much, but not comparable to the close to 100% for KAV.

I know that it is said that detection rates alone should not be the criterion for choosing an AV, but what else do we have to go on if the app runs ok on our machines?

FWIW, NOD showed 92.68% last year, and 96.29% this year.

I am considering trying NOD to see how it runs on my machine. I did try KAV on my laptop, and it would not update, but I may retry it on this desktop. Its detection rates in all areas do reduce the need for other anti-malware programs.

I never notice UnHackMe or Snoopfree.

Jerry

 

Fair enough, a number of other people feel that way.

There are other things to consider as well though :

-different AV's behave differently on each individual machine (some conflict, or run sluggishly on certain setups)
-renewal fees are different (BD is quite reasonable I understand)

 

If you use Firefox with java turned off and noscript extension (to choose your javascripts), I would say that you dont need any antispyware. Ever since I started to use Firefox a couple of years ago the antispyware apps became obselete. Once every other month or so I run Spybot search&destroy out of curiosity to see if anything has happend but it never finds anything than an occasional harmless tracking cookie.

 

Hello,
I think it's a nice solid setup. What's your browser? If it's non-IE, then you're ok.
Mrk

 

MSAS does not detect any type of cookies at all!!

 

Well we are assuming that you don't get adware spyware from other sources such as those bundled in software right?

 

That´s right. Never happend to me, even tho I test alot of software. But of course I never install programs that are known to have spyware.
As I said I do scans with spybot S&D (and occationally with other anti spyware such as MS giant, ad-aware for example) just to see if I can have anything, but either the anti spyware are totally useless or I just dont get any spyware. I have other means of monitoring strange behaiviour too. I actually do find it hard to get infected with anything :/
(If someone has a link to something really bad - please do PM me the link or suggest something else where I could test my system safety, because I start to think that malware is a myth nowadays )

When I used Internet explorer it was a different story
But to be fair, I did not tweak IE to be safe and I was logged in as an admin back then (still are btw)
My point are this: If one is not prepared to tweak the IE and log into windows as an restricted user - then it is safer with Firefox and a couple of extensions (or Opera for that matter) If you on the other hand do tweak IE and run as an restricted user, the anti spyware apps are of no use anyway. I guess same goes for HIPS (which I use, mostly for educational purpose in lack of infections and stuff )