Best Anti-Spyware Scanner

Discussion in 'other anti-malware software' started by G1111, Nov 22, 2007.

Thread Status:
Not open for further replies.
  1. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Which has better detection rates SUPERAntispyware, SpyBot S&D or Ad-Aware?
     
  2. EliteKiller

    EliteKiller Registered Member

    Joined:
    Jan 18, 2007
    Posts:
    1,138
    Location:
    TX
    SAS by a long shot. Spybot & AAW have lackluster detection rates, and AAW is the inferior of the two.
     
  3. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Thanks for the response. I dropped Ad-Aware as I didn't want to go with the new version that adds a service that is always running. Also dropped Spybot but was reconsidering. I do have free version of SAS along with KAV. I read somewhere else that SpyBot and Ad-Aware have not really kept up with the times, but wanted some more opinions.
     
  4. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I agree,Spybot and AdAware have fallen behind the last few years.
    SAS free is highy regarded.
     
  5. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    SAS by a long way.

    If we leave aside taget databases and frequency of updates for the moment and concentrate on underhood scanning engine differences.

    When AA and SSD stuggle to remove identified pests(as seen in their help forums/security forums)it is because they can flag the active code whilst it is loaded into memory.The reinfection is caused by their inability to unpack the packed malware files that are sat on the HD to affect a positive detection and subsequently affect a definite *kill* to them.

    I believe SAS absolutely smokes them for unpacking capabilities or a least scope(number) of packers it can unravel.

    Next up SAS has for sometime used DKOM scanning technology which has given it the edge on all its rivals with reguards rootkit malware detection and removal,neither AA or SSD could even get close to this level of *deep* scanning into ring0 and this is why SAS roasted them on kernel mode trojan detction & removal.

    Mind you SAS free is about to ramp it up another notch on all the fellow ASW/AT's
    shortly:D

    As far as i'm aware shortly to be released is the first free or payfor botkiller utilizing DDA:thumb: :thumb: :thumb:

    IMHO SAS free is putting more distance between itself and its rivals in the technology stakes(under the hood):p
     
  6. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    I'm not sure about Spybot(even though I use it because it was recommended by another computer help forum), however, I heard that older versions of Ad-Aware were better and I also had the hassles with the newer version of Ad-Aware and uninstalled it and found a site where I was able to install older version 1.06 which I like much better.

    BTW, I think that the best anti-malware scanner is a-squared. However, there's an anti-tracking cookie program that I think is even better, but I'm going to start another thread about it because I have a few questions about it.
     
  7. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    Please keep in mind that you will only be able to keep using this version of Ad-Aware until December 31st 2007. Than all support and updates for this version will end.
     
  8. RCGuy

    RCGuy Registered Member

    Joined:
    Aug 7, 2005
    Posts:
    541
    I didn't know that. Thanks.
     
  9. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Normal disk scanning = talk to filesystem driver. Classic AV technology.
    Raw disk scanning = talk to disk driver. SAS, some AVs, RkU, etc.
    Direct disk access = o_O
    Wow, I'm impressed :eek:
     
  10. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    Both current SAS and discontinued RKU are using DKOM which is a different beastie to raw disk reading.

    DDA=raw disk reading:thumb:

    IRC only 2 AV's(Symantec10/Kaspersky) have achieved raw disk read technology in their software todate.No antitrojan or botkiller as of yet....

    Attached is sceenshot of SAS 4.0 scanning options:cool:
     

    Attached Files:

    Last edited: Nov 23, 2007
  11. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Sweet :eek:
    SAS is da bomb. Actually, I'm cleaning most infections with just 4 tools: SAS + CureIT + Autoruns + ESET online scanner. If something looks really bad, I load RkU but I try to avoid it because I don't understand it fully.
    Today, SAS has cleaned 4 PCs infected via MSN Messenger (some worm which drops an IRC bot and Vundo-related crap)
     
    Last edited: Nov 23, 2007
  12. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Thanks for the responses everyone. I added Dr. Web CureIt in addition to my main scanners KAV 7, SAS free, A2 Free and Ewido Micro. I dumped ad-aware and Spybot. I also have upfront protection (KAV 7, hardware and software firewalls, HIPS and MVPS Hosts file).
     
  13. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    What do you not understand related to Rku? Is self explaining, isn´t it for you?
    I never found any use for SAS, too slow.
     
  14. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    That looks like pretty solid protection to me.
    Only posting to say just be aware that Cureit doesn't update its definitions as do other free scanners. If you want new defs, you have to re-download the application. Only 5Mb, so no biggie, IMO.
     
  15. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I don't have (yet) the self-confidence needed to use RkU as a malware removal tool. I don't have any problems using it as a system benchmarking tool (i.e. I save logs before and after installing software, so I know which software installs which hooks)
    I guess that I'm "ready" to use it as a main weapon against malware. On the other hand, the infections I see everyday aren't that stealth to require a powerful ARK to remove/unhide them.
     
  16. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    Personally I´m avoiding RKU after this warning from Dmitry Sokolov (Greatis Software).

    /C.
     
  17. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    I'll quote myself
     
  18. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    Maybe you´re right lucas, I don´t know the politics behind that conflict. But I´m avoiding it anyway following the principle "better safe than sorry..."

    /C.
     
  19. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    Why not give Spyware Doctor Starter Edition a try? You can disable the Real Time Guard and use it as On Demand only.
     
  20. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    There's nothing wrong with that appraoch. However, using a simple packet sniffer on a separate machine will reveal if RkU tries to "phone home". I haven't found anything suspicious on it, but I'm not a reverse engineer or network guru.
     
  21. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408

    Any idea when 4.0 will be released?
    I use SAS for on demand only.
    I can wait till it's ready, just curious.
     
  22. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Yes I am aware you need to download the latest version each time to get the latest definitions. It is 7.7 Mb now. Easy with broadband connection. I've run it a couple of times now.
     
  23. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Maybe I'll give it a spin sometime. Thanks.
     
  24. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    It currently in Beta/Pre release phase(has been for a while) and I'm unsure of when Nick is going to release this edition to the mass's.


    I'm sure he dose'nt want to repeat what certain other competitors have done in the past by prematurely launching software as finalized only to have to update it sevaral times for major/minor bug fix's in the following months:(

    Of course your opinion and knowing already one of the tools in your bag of tricks makes me chuckle.....NoAdware 10x times quicker scan but probaly 100x less effective at detection and removal of realife malware infections.

    Just a 'lil comparison of detection capabilities going on and maybe speed should'nt be such an issue afterall....well at least when pitching against real life malware infections and not software experimenting;)

    NoAdware =*find file* chokes when it meets malware that is using names of system files as it dose'nt want to delete a system file by accident....

    SAS smart rules will track a known bad GUID's back to the source file so even if the checksum of the source malware file is not known to the SAS target database the malware file will still be detected and removed.

    One software is lightning fast and severly lacking in capabilities,the other is more pedestrian but parsing a lot more data from alot more locations on the HD:thumb:

    One is free to use to remove malwares and smokes,the other one is pay for and blows;)

    As i have said all along,the best way to access SAS free is to let it lose on an infected machines as opposed to running on a clean machine;)

    Have a great day dude:thumb:
     
    Last edited: Nov 24, 2007
  25. david banner

    david banner Registered Member

    Joined:
    Nov 24, 2007
    Posts:
    576
    I tried SAS. It seems very slow and hung halfway through scan. When I tried to close it said it was still running?
     
Loading...
Thread Status:
Not open for further replies.