Looking for an efficient ASW/AV combination

I am looking for an AS program to replace Spy Sweeper (5.5.x) which has become bloated and buggy beyond usability. I also use NOD32 for AV and so far SAS seems like the most likely candidate to replace the increasingly bloated SS. I haven't used it enough to have a definite opinion but so far SAS seems to use less resources than SS (which is no surprise) and as long as future update bugs don't start showing up then I hope that SAS can soon become my main AS program for the future. I have been trying out ThreatFire also and this seems like a nice complementary program to use with NOD32 and SAS. Any other ideas about this combination of AV (NOD32) and AS programs (SAS and TF) or any other configuration suggestions are appreciated.

 

Re: superantispyware

This is very interesting, it seems SoCalReviews and I have similar goals.

I have NOD 32 on trial, it is going very smoothly, and as well I have demoted SS to on demand status. As well, ThreatFire (free version) is on trial, it also is very light and trouble free!

Where I'm "weak" is ASW, in the gap left by SS. Not a big worry with NOD 32, SpyBlaster and ThreatFire working away BUT still, one hole in a defense wall is well, not good.

 

Re: superantispyware

I had to drop SS a while back due to incompatibilities with ZA. I am also running SAS (on demand only) and trialing threatfire. But with Nod32 and threatfire and ZA OS firewall running and the weekly scan with SAS, I can't really see the need for an additional ASW package.

 

Re: superantispyware

Hi oldshep:

Thing is I don't have the ZA piece any more that you have, unless you are just using ZA as a FW and have turned off any of it's ASW features.

I can't remember your set up but maybe it has changed, if this is OT just PM me.

 

Re: superantispyware

Escalader, My goal is to find a high quality set of paid and/or free security programs that work together, don't drag down the system resources and are easy to update or auto-update.

On my own system I used to run NAV along with ZA/ZAP (1.x, 2.x, through 5.x ) years ago then I realized that NAV was causing more problems than it was solving so I looked for alternative AVs. NOD32 not only solved the problems that NAV 2004 and later caused but worked much better than I expected in many other areas.

Spy Sweeper used to be a good reliable AS program but it seems to have followed the footsteps many of the traditionally popular AV programs (NAV, McAfee, etc.). SS used to be one of the programs I used and recommended but not anymore. Therefore SAS is now under "Review" and if it works out it might end up on many systems, not just my own. I review, recommend and install security software not only for myself and my company but numerous other companies, individuals and businesses.

Oldshep, your setup looks fine. I am also testing out ThreatFire and so far its seems to work well. To help keep all the programs from fighting each other make sure you add the exclusions for TF in your other programs and exclude those other programs in the TF exclusion list. I am looking at SAS to provide another layer of AS protection. SAS might not be necessary in your setup but if it works well with the other security programs without major issues then it is another possible program available to implement.

 

Re: superantispyware

FWIW, I agree with you 100%.

Thing is, history of past few years has shown that the "high quality set" some call it a layer, doesn't stay fixed forever! Our collective experience shows that SS has faded out, and as is well known here for me the ZA phone home issues took it off the table. So I think the question of SAS and reviewing/ trialling it make plenty of sense.

These last few posts maybe slipping OT and into a potential new thread along the lines of your quote.

If our moderator could advise on that, I for one would be happy to contribute to it. here or in a new thread split off with this one and maybe the last 2 as well? But this is not my thread!

 

Re: superantispyware

You are right that this might be a better topic for another thread and I agree that what used to be "high quality" from "well known names" does not always hold up over time. I provide full support for the software I install but I have found that some security software is more of a hassle than it's worth. A combination of several buggy releases and poor customer service can make customers flee a security software company's products faster than "rats jumping off a sinking ship". Sometimes it is better just to move on than to feel like you are wasting your time trying to beat a dead horse.

That is why forums like this one are so valuable so that we can exchange ideas about the many security software solutions. I appreciate everyone's input. It is also great to have information in this forum provided by representatives for some of those security software companies. The information in this and other threads about SAS has been very helpful and so far it seems like a great product.

 

Hi all,

As has been suggested, I've split the above posts out of the SuperAntiSpyware thread into this new thread of their own.

Regards

Menorcaman

 

Iv'e been using NOD and CounterSpy for sometime now and they work great together. The last time i used SAS it consumed more resourses than CounterSpy although that may no longer be the case I don't know.

 

Hi Hammer:

I have NOD 32 as well but no online ASW yet. So based on your post either, SAS and CounterSpy work okay and don't clash. I'm assuming XP sp2 is that correct?

Setting aside the resource usage concerns for a moment, do you have any information/ links on the effectiveness of SAS and CounterSpy on detecting and then removing malware?

 

My opinion... Firstly, I think Nod32 provides some decent ASW functionality ("potentially unsafe applications", "potentially unwanted applications"). I believe SAS is a good scanner but I don't know about its "real-time protection" capabilities. I had to disable the startup scanning in SAS because it would occasionally keep my Logitech Setpoint application from starting. So I'm not really sure how much SAS real time protection I have enabled - aside from the home page hijack function. The question is with threatfire and NOD32 ... Do you still need a strong, dedicated ASW on top of these other apps? Right now, my answer is, I don't think so.

 

Correct on XP sp2. Both SAS and CounterSpy are highly respected here so I tried both and went with CounterSpy just for personal preference. No links to provide I'm afraid regarding detection/removal.

 

Hey Escalader, If you put any stock in PCMAG reviews see:

http://www.pcmag.com/article2/0,1759,2100539,00.asp

and

http://www.pcmag.com/article2/0,1759,2127210,00.asp

 

Hi oldshep:

Good to hear from you, this has the potential to be a great thread!

You maybe right that I have enough for me. For my own sake I hope you are correct!

But the OP was looking for a efficient ASW / AV combo right? So given that, I think you are saying that one such combo is:

NOD 32/ ThreatFire, which I happen to have as one man's combo.

However, ( as is my custom) I challenge my own set up of layer components and ask the nasty question are these tools the best that I can do/find?

That I don't know, so I hope to learn about other possible combo's that will be more effective than what I have!

I've never used SAS or CounterSpy myself and don't object to trying them.

ThreatFire uses behavior as an ASW tool. So having 1 other non behavioral based tool might make sense. We all know ( or should) that no one tool ot type of ASW/AV will prevent/catch/remove 100% of these nasties. So having 2 increases the odds in our favor. But if that knocks cpu usage up to 99.9 % on security tools, I'm not going there either.

I'm interested in effectiveness first. This for me is prevention and removal if a scan finds somnething.

Scan times, cpu cycles and usage, RAM. $ etc are for me (not everybody) are only tie breakers in selecting between 2 ASW that were similar on effectiveness.

So here are 2 possible options for layered security for discussion, for completeness I have included other layer components, FW etc. These have also been adapted from SoCalReviews earlier work so I get no credit for them.

NOTE I AM NOT RECOMMENDING ANYBODY ELSE RUSH OUT AND TRY THESE ON THEIR PC's! I DON'T HAVE EITHER OF THESE OPTIONS WORKING 100% on MY set up.

Option 1

Real Time

Kerio 2.1.5 or succcesor
NOD32
SAS (paid version for auto updates)
Spywareblaster (free)
TF (free)

On Demand

Spybot S&D
Adware 2007
SS
KAV /House call /Bitdefender web scans

Real Time Option 2

PC Tools free (or Comodo free or Windows SP2 FW)
Avira free or AVG free)
Spybot S&D (free)
Spywareblaster (free)
TF (free)

On Demand

Adware 2007
SS
KAV /House call /Bitdefender web scans


For those who are interested here is my total current set up so any new AV/ASW combos need to be in sync with the balance of this list.

Real Time

1) AlphaShield FW
2) Router
3) Kerio Personal FW tight rules as aided and abetted by Stem and Herbalist
4) PeerGuardian 2 for incoming and outgoing ip blocking
5) NOD 32 (trial) for antivirus
6) ThreatFire
7) SpyBlaster
Host File loaded by latest SpyBot S& D blocking sites
9) Spam Monitor set aggressive

On demand:

1) SS
2) SpyBot S& D
3) Adware 2007
4) Various utilities, CCleaner, Window Washer, Registry Mechanic, MRU Blaster
5) Paragon tools for backup and recovery

My system has 1.5GB RAM, dual 3GHTZ system. I have 24 tasks running, and my CPU % ranges between 2 and 4%. Boots up in 30 seconds, shuts down in about 45 seconds.

 

Here is my combination :

- CounterSpy (real time protection)
- AVG Antispyware (free edition, for on demand scans)
- Antivir Personal Edition (a great AV, imho superior to Kaspersky)

With these three programs, you've got a fortress

Cheers

 

I like your combo, will add it to my list!

Out of curiosity what SFW do you have with these 3?
Not having looked at CounterSpy or AVG I don't know if they include a FW

Suspect they don't but you would know

 

Hi Escalader,

I do recommend Look'n'Stop. It is a brilliant piece of software, extremely powerful and reliable, very light on resources (~ 2 MB) : this prog is a must have.

Cheers

 

Here is a simplified list of my ASW/AV combo. As to praising my own set up no not my game but I can say is it works.

Kerio Personal FW
PeerGuardian 2 for incoming and outgoing ip blocking
NOD 32 (trial) for antivirus
ThreatFire
SpyBlaster

 

Here is an update:

 

I really appreciate everyone's input. After using the trial software and after reading many helpful posts and replies by Nick (SUPERAntispy) and others in the anti-malware forum here at Wilder's I purchased the SuperAntispyware (SAS) Pro lifetime updates subscription. See post #23 in the thread below for more information about my decision.

https://www.wilderssecurity.com/showthread.php?t=187876

I will be continuing to evaluate the compatibility of other security software. I encourage everyone to keep posting their opinions and evaluations...

So far I have found this antivirus and antispyware combination to work well together...

NOD32 AV (paid)
SAS Pro (paid)
ThreatFire (free)

Others I recommend using:

Spybot S&D (free) w/immunizations and bad address blocking enabled
Spywareblaster (free) w/all protections enabled
Windows Defender (only because it's free)
FWoYC (firewall of your choice)
__________________

 

Here is an Updated simplified list of my ASW/AV combo.

Kerio Personal 2.1.5 FW ( not active, held in reserve as a FW backup)
PeerGuardian 2 for incoming and outgoing ip blocking
NOD 32 (2 year license for antivirus)
ThreatFire (removed as it clashed with the OA 2 HIPS now in a learning thread)
OnLine Armor (paid, 2 year license), advanced FW now installed
SpyBlaster

Holding off on SAS Pro for now pending OA 2 / 3 work completion.

Comments welcome at any time

 

I have both, paid versions, of SAS and AVGAS. My biggest objection to SAS is that it bogs the system for a minute or so when it starts.
I don't find that problem with AVGAS. I suspect that SAS may be the better at detection and removal, but if I wanted a light AS I would choose AVGAS.

I have used Counterspy and SS, and much prefer CS. If I were looking for a new AS I would trial CS, SAS, AVGAS, and a-squared. I use a-squared as a scanner, and find it finds more traces for whatever that is worth.

Most of the time I do not run either real time since I use a suite.

Best,
Jerry

 

Jerry:

Tell us a bit more about the combo's in you KIS suite.

What capabilities does the FW (KIS has one I'm assuming) have.

Can it bind applications to specific ip's, ports/prtocols and/or can you tell application X to only connect to a specific site for updates?

Can you prevent all applications from sending/receiving email except your email client?

In and out packet filtering?

these are not challenge questions just curious about the powers of various FW's in combination with others available.

Currently, I'm trying out OA 2's as you know.

 

Hi Escalader,

Yes KIS does have a firewall, but I do not have the knowledge to evaluate it or to tell you about its capabilities.

I know that your questions are not a challenge, but I don't know the answers.
I trust Kaspersky KIS 7 and it runs well on my system, and that is about all I know. I could not argue that KIS is better than KAV with other good applications. Separate might be better, but KIS does work.

Prior to KIS I used LooknStop and Kerio 2.1.5 on my two computers. I used those FW with Bit Defender up to V9.5, Avast, Avira Premium, and F-Secure. I did not find any conflicts. I stopped using the stand alone FW when I went to FSIS. If I ever go back to separate applications I want to try OA. It seems to have an excellent reputation, and Mike Nash is very responsive. A great combination.

Sorry I could not be of much help. I suspect someone else can chime in and have better information.

Regards,
Jerry

 

Hi Jerry:

Not a problem! I like your candid answer! Someday I will find our more about their FW

On OA we are working that SW in a learning thread here and you are right, Mike Nash is very good at responding to posts!


See you