What anti-spyware anti-adware combos do you use nowadays?

paugie

Storage is cool
Joined
Dec 13, 2003
Messages
702
Location
Bulacan, Philippines
Hello. Since the start of the spyware/adware crisis, I have used 3 programs mostly because of feedback from this place:
1. Adaware
2. Spybot S&D
3. Spyware Blaster

Got to thinking, maybe they don't cut it anymore, because my dial-up is crawling. Scans don't come up with anything.

What's new in this area?
 

MaxBurn

Storage Is My Life
Joined
Jan 20, 2004
Messages
3,243
Location
SC
I primarily use Spybot and Adaware too. I checked out the microsoft one for a little while but it just didn't seem to find anything that addaware/spybot didn't already find.
 

Groltz

My demeaning user rank is
Joined
Jan 15, 2002
Messages
1,295
Location
Pierce County, WA
1. AdAware SE Professional v1.06r1
+
2: Giant AntiSpyware v1.0.301
+
3: Webroot Spy Sweeper v3.2.0 Build 148
 

Jake the Dog

Storage is cool
Joined
Jan 27, 2002
Messages
895
Location
melb.vic.au
I only use the MS anti-spyware tool nowadays. I've no need for anything else since I started using Firefox & Avast.
 

LOST6200

Storage is cool
Joined
May 30, 2005
Messages
737
For some reason I never get any spyware. Am I missing out on something? How do you all get spyware?
 

Groltz

My demeaning user rank is
Joined
Jan 15, 2002
Messages
1,295
Location
Pierce County, WA
Oh.

To clarify, I almost never get spyware'd due to using firefox.

Most of my antispyware program use is on the laptops of friends that have asked my help.
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
13,336
Location
USA
I don't get any spyware either, but to be certain, I run their tool on occasion to make sure I have not obtained something nasty. I also use firefox 100% of the time now, so I have less concerns
 

Howell

Storage? I am Storage!
Joined
Feb 24, 2003
Messages
4,740
Location
Chattanooga, TN
I use Firefox and Adaware on my computer. Haven't ever found anything other than cookies.

For clients I install MS anti-spyware. They are usually too stubborn to try anything other than IE and too stingy for Adaware Pro.
 

paugie

Storage is cool
Joined
Dec 13, 2003
Messages
702
Location
Bulacan, Philippines
hmmm, I use Firefox, too. It seems many of you are saying, maybe the reason I'm not getting any infections is because I'm not infected.

could it be my modem is choking up? it's 3 years old. could that be the reason my connection is so slow?
 

Howell

Storage? I am Storage!
Joined
Feb 24, 2003
Messages
4,740
Location
Chattanooga, TN
paugie said:
hmmm, I use Firefox, too. It seems many of you are saying, maybe the reason I'm not getting any infections is because I'm not infected.

could it be my modem is choking up? it's 3 years old. could that be the reason my connection is so slow?
What aspect of the surfing experience seems slow? ie. What makes you think your connection is slow?
 

Santilli

Hairy Aussie
Joined
Jan 27, 2002
Messages
5,077
I use IE, but, I also run Adaware once in awhile, and, I'm usually clean.

Seems like turning off auto cookie handling has stopped most of the cookies, and that's pretty much all I catch, though I do get redirects, sometimes, from questionable sites.

However, since going to prompt for third party cookies, and denying access to almost all, I've been very clean.

The best suggestion I can make is moving email to a machine that is different then your primary machine, and turn off auto cooking handling.

Accepting first party cookies, with request for other, third party cookies has worked very well for me.

I also try and run Trendmicro once a week, but, lately, no email, no virus, worms, or spyware...
s
 

Fushigi

Storage Is My Life
Joined
Jan 23, 2002
Messages
2,890
Location
Illinois, USA
Sunbelt's CounterSpy is the highest-rated anti-spyware product. I'm slowly migrating to it at home (it's free for 30 days; then $30 for 2 years). Otherwise I use AdAware, Spybot S&D, and/or the Giant/Microsoft Beta. Counterspy has the same definitions as the MS product + adds their own.

I don't generally see spyware/adware beyond 'evil cookies' on any of my machines.

For AV, I to use AVG at home & McAfee at work. No virus problems in more months than I can remember.

I use Firefox but my wife uses IE.

For anti-spam I use Spamihilator at home, the wife uses what's built in to Yahoo mail, and at work it's the Symantec (formerly Brightmail) corporate product suite.

My other layer of defense is Tiny Personal Firewall V2 for a personal firewall to supplement the firewall in my home router/WAP. It's ancient, but it truly is tiny in terms of footprint and resource consumption and it does everything I need it to do.
 

Tannin

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
4,432
Location
Huon Valley, Tasmania
Website
www.redhill.net.au
Hijack This rules.

Seriously.

We use Ad-Aware a lot, and Spybot whenever we are not confident that other tools are cleaning the system up, but the single most powerful, useful tool we have is Hijack This. We clean the spyware out of maybe 30 machines a week. Spyware is by far the single most common cause of people needing professional help with their computers.

Of course, these tools are only useful when you are already infected. To prevent infection, there are really only two things you need to know:

* Don't install any file-sharing crap (Kazaa, Limewire, anything else similar).
* Don't use Internet Explorer.

Customers who listen and comply with this advice don't come back with more problems. Customers who don't, do. Simple as that.

We are gradually, ever-so-gradually, winning the spyware war. One by one and two by two, people are learning to protect themselves by following simple hygene guidlines (no filesharing crap, use a competent modern browser - it ain't difficult) and we are slowly, ever-so-slowly, seeing the infection rate drop.

On our own machines, we practically never get infected - largely because you risk a swift smack in the chops if I catch you surfing the web on one of my machines and you ain't using a modern browser.

For myself, that's usually Mozilla, but Opera or Firefox are more-or-less equally safe.
 

Buck

Storage? I am Storage!
Joined
Feb 22, 2002
Messages
4,514
Location
Blurry.
Website
www.hlmcompany.com
I've been very successful with Giant/MS antispyware, plus Adaware (certainly nice for deleting MRUs). When it comes to fee based options Spy Assassin has been very good.

Thanks for the information Tannin, I'll have to give HijackThis a try.
 

time

Storage? I am Storage!
Joined
Jan 18, 2002
Messages
4,925
Location
Brisbane, Oz
MS Antispyware may well be useful for removing infections, but I sure wouldn't want to live with it - one of the most invasive programs I've seen for years.

I didn't realize that Adaware et al still missed stuff that Hijack This found. BTW, don't forget to grab CWShredder and Kill2Me from the same author.

Personally, I think Hijack This is getting a bit long in the tooth - there are exploits that don't show up. I now use Security Task Manager. It's not free, but the trial version solves most problems. I think it's an essential tool; you can see exactly what's happening. For example, check out tasks 2 through 6 (1 is remote control software):

 

Fushigi

Storage Is My Life
Joined
Jan 23, 2002
Messages
2,890
Location
Illinois, USA
Groltz said:
Fushigi said:
Sunbelt's CounterSpy is the highest-rated anti-spyware product.
In a comparison field that omits Giant.
Giant doesn't exist anymore; it's now the MS product. CounterSpy includes the MS product's database as well as their own. It doesn't seem likely that the MS product would be able to do a better job.
 

LOST6200

Storage is cool
Joined
May 30, 2005
Messages
737
I use a 3-year old installation of Win2K with IE 5.5, but still there is no spyware. :( What exactly causes the spyware, downloading porno, mp3 files, spam e-mails, visiting criminal websiotes?
 

Bozo

Storage? I am Storage!
Joined
Feb 12, 2002
Messages
4,394
Location
Twilight Zone
I have been using TOR and Privoxy for a couple weeks. Web sites are completely void of advertisments. No pop ups at all.
Of course, no cookies either which means I must log into places like SF manually.
I ran AdAware when I installed TOR and Privoxy and again last night. It found 3 items.
Maybe I'll try some of the other spy removal programs to see how they do.

Bozo :mrgrn:
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,315
Location
Monterey, CA
I really like the new version of housecall. It does a great job on spyware and adware as well as the normal virus. On top of that it's got all the stuff I like in a utility application.

a) No TSR
b) No install, runs directly from the source
c) free

can't really knock that.
 

Santilli

Hairy Aussie
Joined
Jan 27, 2002
Messages
5,077
Time:
I like that program, Security Task Manager.

I don't use this machine much, and, since it's only a P2 400 mhz, keeping unwanted garbage from booting is important.

I just found Real Player, and Mac Convervsion in the startup folder, and removed them. No need.

Probably blew it with Real Player, since I'm pretty sure it's part of AOL's system crap, but, we will see.

For Windows 2000 I LOVE RegCleaner by Jouni Vuorio

www.jv16.org



Hope this helps.

s
 

Fushigi

Storage Is My Life
Joined
Jan 23, 2002
Messages
2,890
Location
Illinois, USA
ddrueding said:
I really like the new version of housecall. It does a great job on spyware and adware as well as the normal virus. On top of that it's got all the stuff I like in a utility application.

a) No TSR
b) No install, runs directly from the source
c) free

can't really knock that.
a) is also the biggest weakness. Your scans will always be after the fact. Even if Housecall is 100% effective at finding and eradicating malware, it offers no protection against getting infected in the first place. Barring a sufficiently secure OS, which Windows obviously is not, some form of TSR is necessary to detect and stop potential infections as they occur.
 

Tannin

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
4,432
Location
Huon Valley, Tasmania
Website
www.redhill.net.au
Fushigi said:
(No TSR) is also the biggest weakness. Your scans will always be after the fact. Even if Housecall is 100% effective at finding and eradicating malware, it offers no protection against getting infected in the first place. Barring a sufficiently secure OS, which Windows obviously is not, some form of TSR is necessary to detect and stop potential infections as they occur.
Gotta pick you up on this one, Fushigi. I'm sure that there will be no shortage of people here to point out some trivial exception or another, but there are essentially just five ways you can get nasty stuff into your machine. Let's think about them, one by one.

1: Direct infectors. Use a hardware firewall and kill them stone dead. Next question please.

2: Deliberate downloads (i.e., programs that you download yourself because you think that they are going to give you precision time or 390% faster downloads on your dial-up, or a wonderful sex life). Correct defense: think harder, learn to use Google, don't download and install stuff that you don't know anything about.

3: Email attachments. Use a decent mail client (essentially anything else except Microsoft Outbreak) and don't open attachments. 99% of the time, attachments are just crap anyway — massive, slow-loading MS Word versions of the exact same text you already read in the body of the email, and the like. Who needs them?

4: File-sharing. Just say no. Uninstall Kazaa and Limewire and anything else remotely of the same nature.

5: Browser exploits. Use a real browser. One that was invented in the present century. One that actually has a security model and sometimes even sticks to it. One that doesn't swamp you with pop-ups and other assorted crap and leave you open to every scumbag programmer on the Internet.

Bottom line: you don't need a TSR.

More to the point, if you do "need" a TSR because you are breaking one of the five simple rules of practical security, then one day you are going to get slammed — 'cause no anti-virus program can protect you against a threat that it doesn't know exists yet.

The essential basis of security is really, really simple: if it can't get in, then it can't get in.

An anti-virus TSR is like Berocca on a Sunday morning — it might make you feel a little better for a little while, but the real answer is not to get so stinkin' drunk on Saturday night.
 

Tannin

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
4,432
Location
Huon Valley, Tasmania
Website
www.redhill.net.au
Interesting .... Prompted by this thread, I just went to run Housecall 6 (seeing it's about time I did another checkup).

It won't run on my system in IE6. No huge surprise there; HC6 has been a bit flakey from day one. My IE security settings are plain vanilla (why bother? it's not as if I use IE for anything that ain't 1005 safe anyway). You click on the Javascript button and exactly nothing happens.

But - and here is the interesting bit - it runs just fine under IE 5.0 on the same system. Go figure.
 

paugie

Storage is cool
Joined
Dec 13, 2003
Messages
702
Location
Bulacan, Philippines
Wow, has this thread been running!

What aspect of the surfing experience seems slow? ie. What makes you think your connection is slow?
sorry for the late response, I was troubleshooting a client's rig and couldn't check back.

I am on dial-up, a supposedly 52K connection. but observing the connection's status, the number of bytes received is tallied, the number stops for a while, say 10-15 seconds then it runs for 5 seconds and the number increases by maybe 3k-5k bytes. it keeps on doing this - stopping then running. sometimes it stops for a minute and makes me think the connection is dead.

It wasn't like this before. I used to be able to download some 10-12mb in an hour. now I'm lucky to get 3-5mb/hour
 

mubs

Storage? I am Storage!
Joined
Nov 22, 2002
Messages
4,908
Location
Somewhere in time.
Tannin, I'll have to support Fushigi on this one. Despite following safe practices and using Netscrape Email, I was infected once and passed it to on some others that I had sent mail to. That's when I began using a resident AV. Ultimately I think it boils down to just how secure one wants to be, so to each his own.
 

ddrueding

Fixture
Joined
Feb 4, 2002
Messages
19,315
Location
Monterey, CA
Since I started using Firefox and Outlook 2003 I haven't had any issues of any sort. I do just for fun run housecall (which works fine for me in IE6 with SP2 after I trust the website) and it always comes up clean.
:shrug:
 

Buck

Storage? I am Storage!
Joined
Feb 22, 2002
Messages
4,514
Location
Blurry.
Website
www.hlmcompany.com
Tannin said:
Bottom line: you don't need a TSR.
This only works if all of your customers follow each process exactly the way you would - terribly unrealistic! It doesn't matter how much you train, lecture, or scold them. That 75 year-old new computer user who has a hard time double-clicking and doesn't remember how to work the instructions he wrote down two days ago is not going to fit your model Tannin. There's also that 16 year-old teenager who knows better, but her friends all use Kazaa why can't she? Oh I've explained it more than once, but when she's eager about some video download with the latest stud-o'-the-month, who do you think she'll listen to, her three pushy friends or that big guy at the computer shop? Granted, some listen, especially business people who view their time and data as gold. But your Utopian model does not fit most people - alas, I wish it would.

So, I'll continue teaching your basic security model, but success will indeed be limited. Therefore, NOD32 will be installed.
 

Handruin

Administrator
Joined
Jan 13, 2002
Messages
13,336
Location
USA
I do the same, no TSR for me either. I now use firefox for 100% of normal daily use (IE and others for compatibility testing of HTML) and thunderbird as my IMAP e-mail client (prior to that I used outlook 2003 for a long time with no problems). I run housecall 6 every month or two to ensure nothing has been infected.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
20,336
Location
I am omnipresent
Website
s-laker.org
I do not get spyware. Or viruses. Of course, I know what I'm doing, and if I'm doing something that's anything other than perfectly safe, I do it on a *nix box.

First thing I do is install Firefox. I've been keeping it, with all the plugins I need, on a flash drive that I just copy to other people's machines.

I use Adaware - I actively dislike the for-pay version, in that the warnings are too confusing for mere mortals.
I use Spybot.
I use Spywareblaster.
I install the hosts file from everythingisnt.com when my own accumulated hosts file is not available.

I do not use Giant/Microsoft. It's buggy and annoying (invasive, someone else said) in my opinion.

I use Hijack This.

After I have installed and updated all that, I use each of the programs in turn from safe mode. I do a final sweep with Housecall 6 from "Safe Mode with Networking".

Then I start Windows up in normal mode and compare Process Explorer's output to Task Manager.

THEN I hand the user in question a 25-page screenshot-filled document about following most of the steps I just performed, and another 10 pager introducing the web browser they will be using from now on.

And I completely agree with Tannin: A resident spyware scanner is worthless to most people. Every one I have ever seen displays crap warnings that no average computer user has any hope of comprehending, and no scanner works so well that it keeps everything out. Rather, people need to TAKE RESPONSIBILITY and actively maintain their PCs. The TSRs just create a very false sense of security.
Especially since, often as not, I find out that the person whose spyware I am removing already has some kind of of crapware TSR Spyware protection (Mcafee or Symantec or something even more dubious).

I boil it down to this: You either update and run a scan with the very useful free tools, in safe mode, once a day or once a week, or once a month. I will let you know which category you're in. You do not install tools that cost money - in my experience they all suck, and suck hard. You use Firefox/Mozilla, and you quit downloading anything that came from a P2P service or a banner ad (1001 free smilies!).
 

Tannin

Storage? I am Storage!
Joined
Jan 15, 2002
Messages
4,432
Location
Huon Valley, Tasmania
Website
www.redhill.net.au
That is a very similar routine to the one that I use, Merc, with minor variations. (I haven't tried SpywareBlaster, for example, and I use my OS/2 box for tasks that you use your 'nix box for.)

Mubs and Buck, I am not suggesting that Joe User relies on safe practices and not have an A/V program. Let's face it, on average, Joe User (or Joe User's kids) ain't too bright.

I am saying that anyone here is perfetly capable of staying safe without a TSR scanner. - and is, in fact, probably safer without one. Merc's method has a great deal to recommend it.

Mubs, if you got infected then, ipso facto you weren't following safe practices. Where did you slip up? My guess (and it's just a guess) is that you got an HTML-formatted email which hot-linked you to a script-ridden site. Netscape email, if I remember correctly, is vulnerable to that unless you switch it off in the options.
 

Fushigi

Storage Is My Life
Joined
Jan 23, 2002
Messages
2,890
Location
Illinois, USA
One of the foundation practices in information security is defense in depth. Take a layered approach to security. That means you defend your perimiter with the firewall/router. You have logons to the PCs. You use secure tools (FF over IE) when available. You only go to trusted sites. You log activity for forensic purposes. And even then, just in case, you have active scanning.

Here are a couple of things I heard about today while at an InfoSec conference:
- An Air Force General who took his laptop, which was approved at Top Secret clearance, home. He let his granddaughter (or other youngster) use it to play games on the internet. It got infected. When he took it back to his day job, he connected it to the most secured level of the USAF's LAN and promptly brought it to it's knees.
- When SQL Slammer was running amok, one bank thought it was immue as it's SQL Servers were on a private network w/o Internet access. Problem was the sys admins had set up dial-in modems and dialed in while they happened to be on their home broadband connections. The bank basically couldn't process transactions for 36 hours.

In both cases, with proper Anti-Virus/malware software with current updates, these events would have been avoided. In the Slammer instance, the patch had already been out for weeks prior to the infection but the patch was never applied because the systems were thought to be on a secure net. Also in both cases, the persons who were inadvertently responsible were people who knew and understoof security but simply made 'tactical' errors.

Oh, another fun one: This firm did an evaluation of the wireless LANs in a building. The company had 2 WAPs; 82 WAPs were identified. The extra 80 were from other companies in the surrounding buildings. Unfortunately, PCs from the company in question were unknowingly connecting to those other WAPs and sending sensitive corporate data through other peoples WLANs.

Stuff happens. Plan for it. Even if you're confident that it won't impact you, do it anyway.

I haven't had a virus in several years and the only spy/malware I get are some evil cookies. But that doesn't mean I'd feel remotely comfortable eliminating AV, anti-spyware, spam filters, etc. from my systems.
 
Top