Help Me Choose Antispyware

I currently am running KIS 6.0 and SpySweeper, some minor slowdowns of course, I am considering dropping Spysweeper (not that it doesn't work) it just seems to slow the system down a little too much, then again KIS could be slowing the system down as well. Either way if I was going to change Anti-Spyware software, which would be my best bets. I have seen people here praise (CounterSpy, Trend Micro and AVG Anti-Spyware). Which do you think would run the best with KIS 6.0 of course SpySweeper is still an option. Please don't recommend a product over another one just because it might be free. If I have to pay for something that is a better product that is fine. Also you are free to recommend other products that are not listed since I cant possible know all products that might be available.

Thanks All,

Billy S.

 

http://www.spywarewarrior.com/rogue_anti-spyware.htm
Here you can find Anti-spyware that isn't what they say it is lol, and trustworthy ones .
http://www.spywarewarrior.com/uiuc/soft6.htm - trust these
http://www.spywarewarrior.com/rogue_anti-spyware.htm#trustworthy - check this

 

for a light antispyware id suggest superantispyware pro.

 

You might not need an antispyware. You've got KIS. Relax. You don't need a standalone IMO.

 

I think with KIS u don,t need an antispyware.
My view is taht if u download and install with wisdom u don,t install spyware urself. Now all that left is drive by downloads. In my opinion any good AV should be enough to take care of these. Otherwise If u are doing anything while on internet and installing anything, I don,t think any real time antispyware is going to protect u in the long run
I wonder how maay times u people get a warning from ur antispyeware in real time? I don,t get at all but again I am a very very safe surfer.

 

I recently got rid of Spyware Terminator but when I had it, I got ZIP warnings besides BHO's that I purposely installed, or startup warnings, again, purposely installed stuff.

 

Ya I mean realy malware pop up.

 

I use Trend Micro Anti-spyware and it is very trustworthy, easy to use, and I like it alot. Other anti-spyware programs I would use would be counterspy(when they iron out the resources it uses) and CA etrust anti-spyware.

 

That is one way it works, depending on how you have it configured. It pretty much alerts to everything. Relies on the user knowing whether an alert is from an intended application, as in the case of your installing toolbars, or not.
Personally I find the application (SpywareTerminator) excellent.

 

Why use one of the blacklist scanners realtime and suck up your resources when they can be used as on demand.

Use Firefox with adblock and noscript extentensions run through Sandboxie as a first line of defense and you will be better protected than any realtime blacklist scanner can provide.

 

Originally posted by Franklin

What would that be, then?

 

I would look at CounterSpy when 2.0 beta goes final.
I understand that you don't mindpaying for it.Still,Sunbelt offers CS at a reasonable rate for license and renewal.

You could try SAS pro and see how that runs for you.

 

I really don't recommend a standalone AS for you. You REALLY shouldn't waste your money. I'm telling you now, I don't think you need it. Sure spyware is prevalent, but you have KIS. Just be careful and you'll be fine. I don't want to see another person waste money on things they dont need. Don't buy anything, IMO.

 

I think if you use Firefox or Opera instead of IE no need an on-access anti-spyware program, install Spyware Terminator free edition and make a weekly scan just to be sure (also this way saves your money) .

 

Thanks for the reply, as i stated though i do have spysweeper and it seems the new version is slowing down system a little more than old version, from what i understand you think im ok with just KIS and no anti-spy?

 

I will give it a try when it is released, but as KDM said I might not need anything other than KIS?

 

KDM may be right.
I don't use KIS so I can't comment on it.
My answer is based on the idea that you may be looking for an alternative to SpySweeper.

 

u should be fine w/o realtime antispyware as KAV/KIS do offer excellent protection. u can use one or two on-demand scanners if u like.

 

Given the poor performance of most of these products, I don't think I'd be inclined to hand over moneu for the priviledge of their use.
http://malware-test.com/smf/index.php?PHPSESSID=8308f31ad55eebc857b437b29ab43bd6&topic=2359.0

 

The thing about antispywares is that none give the coverage that good AV's give concerning viruses. So if you want to be sure, get AVG AS, Spybot S&D, SuperAntispyware, A-Squared, all free on-demand scanners, and the Spyware Doctor trial to re-check.
For resident, it's like the others said. Try to prevent it, by using Opera/Firefox, plus a sandbox.

 

Mainly use Opera have those anti-spyware progs on my Win2k machine, and all but a squared on my xp since it won't insatll. There are also online anti-spyware scans, Trend Micro do one.

 

AVG AS and SAS first, A-Squared second and Spy Bot S&D and AdAware SE third.
No need for paid scanners

 

I just removed SpySweeper, I cant believe how much faster my computer seems to be right now.

 

I agree with SomeOne

I Sandbox/virtualisation will do. With Kis you already have a blacklist, heuristics and behavior protection. Try to stay away from overlap.

See explanation

When you look at different HIPS, they can be characterised by the basic approaches they use. HIPS often use different approaches in one solution. That is why it is so confusing to understand them.

At the highest level there are 3 main approaches (1, 2 and 3) with each some sub-approaches (the A's and B's).

1) Using signature based reference lists.

A) black list approach
This is common in most AV and anti-spy applications

B) white list apporach
This is common part of classical HIPS applications (like SSM, Antihook, Dynamic Security Agent, ProSecurity, Process Guard, Appdefend, et cetera).

2) Using intelligent pattern recognition

A) heuristics or code patterns recognition:
These actively or passively scanning parts of code for potential malicious activity, the idea is to recognise code patterns in a intelligent way whether the code has good or bad intentions. Heuristics is becoming an important add-on to AV-programs. Some have even artificial intelligent rules engines to eveluate those code patterns.

B) behavior blocking or application/process behavior patterns.
This type of security software recognises potential dangereous behavior (like dll or data injection, or adding a hidden process/registry entry). The intelligence and limitation of this type of security software that an anomaly (strange behavior) is not per se malicious. Most of the classical HIPS also use this as a part of their security approach (e.g Antihook, SSM, PG warn/prevent when software tries to inject dll into another process). Some firewalls (like Comodo) apply this on network level and some innovative AV's have extended their heuristics with behavior blocking.

3) Seperating the execution environment.
These fall into two main classes (with each two sub-approaches). The classification gets 'blurred' because the term Sandbox and virtualisation are used together. Therefore in Netherlands we use this type of classification.

A) access right restrictions ("sand boxing")
This approach is aimed at restricting the rights the user has to perform. This type of protection has two main differences:

- The ones which only affects "privelage restriction" of programs.
Examples are DropMyRights and Amust Defender, this are also called "Sandboxes". The down side of these privelage restriction is that it also limits the user in functionality.

- The ones which also effect the "privelage restrictions" of files which are created by those programs.
Examples are GeSWall and DefenseWall. They remember the trusted or untrusted state of the files created. The advantage of this type of programs is that they use "seamless security": no restriction in functionality and no seperation of file and or operationg system. Seamless is sometimes also called virtualisation (one of the reasons for confusing).

B) Virtualisation.
This approach is aimed to allow the user to make bigger changes in the registry and file system because they do not really affect the underlying system.

- Virtualisation affecting the file system only
This type of programs seperate the virtualised applications from the file systems. So they make the changes in a seperate file layer. The changes can be turned back afterwards. Examples are Sandboxie and BufferZone. This type of programs also apply rights restrictions (in side and out side the virtualised file system).

- Virtualisation also seperating the OS-system
This type of programs seperates the virtualised system including OS from the protected system. Some applications require n another OS in the virtualised system (like VM Ware), others seperate snapshots of the same OS (First Defense ISR).