Results 1 to 8 of 8
  1. #1
    2 Star Lounger
    Join Date
    Apr 2003
    Location
    Illinois
    Posts
    135
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Anti-Spyware Questions (Home Premium)

    I am now running Spy Sweeper 2007. A few general questions.

    1. Why do anti-spyware & anti-virus want to quarantine items rather than eliminating them? Is there some benefit? I wish I could set these softwares to automatically eliminate (delete) all items. Otherwise I have to go through simple but daily processes of manual deletion. Seeing as how I did a scan, then immediately did a second scan, which yielded a dozen new (or previously missed?) threats, this is a pain in the ass.

    2. Does having multiple browser tabs open (say, to a bunch of Yahoo group pages) increase spyware/adware risks?

    3. Are some browsers safer than others with shielding from spyware/adware?

    4. I have Norton Utilities and of course Windows Defender running. Plus Spysweep. How do these programs interact?

    5. A few days ago, I downloaded a spyware utility before installing SpySweep. (I can't remember the name, but it was recommended by reputable sites like ZDNet). This utility found over 300 threats, but I would have had to purchase the program to remove them. A few minutes later, I installed SpySweeper, which found I think only 1/3 of the number of risks. Why such a disparity?

  2. #2
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Anti-Spyware Questions (Home Premium)

    4) Do you mean Norton Systemworks or Norton AntiVirus, or something like that? I don't think Norton Utilities still exists as a separate package.

  3. #3
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Anti-Spyware Questions (Home Premium)

    5) The definition of a threat is rather flexible. For instance, one could consider the list of recently opened documents in Word to be a security risk, and your Lounge cookie too. It's in the interest of a company that wants you to buy their security product to report a high number of "threats", so it may very well include such items when reporting 300 threats. They probably won't tell you the number of real-world serious threats before you buy...

  4. #4
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Anti-Spyware Questions (Home Premium)

    <hr>1. Why do anti-spyware & anti-virus want to quarantine items rather than eliminating them? Is there some benefit?<hr>
    There are false positives and things that you want even though the software doesn't like them. For example, some AV programs misidentify certain Word documents as containing macro viruses due to a minor flaw in the binary format. I'd rather have the choice to receive and open the document than lose that email. ZoneAlarm suite deletes cookies on its blacklist automatically even if I personally don't object to them.

    <hr>I wish I could set these softwares to automatically eliminate (delete) all items. Otherwise I have to go through simple but daily processes of manual deletion.<hr>
    If the items are effectively quarantined, rather than merely identified, you shouldn't have to worry about it. Just let them fester there. <img src=/S/smile.gif border=0 alt=smile width=15 height=15>

    <hr>Seeing as how I did a scan, then immediately did a second scan, which yielded a dozen new (or previously missed?) threats, this is a pain in the ass.<hr>
    Maybe you have an active "infection"?

    <hr>2. Does having multiple browser tabs open (say, to a bunch of Yahoo group pages) increase spyware/adware risks?<hr>
    This depends on the contents of those pages...

    If you allow ActiveX controls to run for the pages you are viewing (in IE, Firefox does not run ActiveX controls), then installations of unwanted programs may occur. Having multiple pages open increases the possibility that the browser will display a prompt "out of context" (i.e., it may appear you are approving something for Site B instead of Site A) so you need to be more careful.

    <hr>3. Are some browsers safer than others with shielding from spyware/adware?<hr>
    Most adware and spyware requires a download to be installed on your computer. IE historically provided the most techniques to "push" a download to you without you initiating it, but that can happen in any browser. I use Firefox with the NoScript extension, and I'm reasonably choosy about enabling JavaScript. This is time consuming and most people wouldn't want to put up with it, but I do think it is the most secure approach at the moment. Unfortunately, after acquiring its maker Google has withdrawn GreenBorder, a solution that ran your browser in a virtual machine, blocking access to the sensitive parts of your system. If that is re-launched, it would be an ideal solution for those who like to roam the web, don't want to turn off functionality, and can't resist clicking.

  5. #5
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Anti-Spyware Questions (Home Premium)

    1) Depends on the software - my Norton AntiVirus removes e-mail viruses permanently and silently. Windows Defender is also configurable (see Tools | Options)

  6. #6
    Silver Lounger
    Join Date
    Oct 2002
    Posts
    1,993
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Anti-Spyware Questions (Home Premium)

    1. By using my imagination I can think of some scenarios when I would be happy if a file is quarantined rather than deleted. Now, first, getting spyware or virus is not that I usually do; personally one virus on a floppy during 15-20 years.

    Anyhow: IF the file that is affected is one that you only have one copy of, not a program file but say your most important project, then I would rather see the program trying to heal the file (but I know that that is most of the time futile, better to replace with a copy), or I would try to extract information manually.

    So, when installing an AV or AS program I always have a look at the settings and change them from auto delete to quarantine, or even do nothing, only report.

    It seems as you have to deal with several cases of virus or spyware, surely you should not find several new threats every day? Are you or the program also counting internet browser cookies as threats? You may have one infection that is not completely removed, then installing more infections.

    Secondly, false positive; recently users of a particular e-mail client and a major AV program found that the e-mail client was treated as a trojan. As soon as the client was started, the AV kicked in and removed the program. Some had more problems than others, and put them self in a mess with reinstalling the e-mail client, and away it went again etc, until they temporarily did set a rule for that program in the AV program. Some day later with new definitions the false positive was gone. Still, the quarantine was good, since users could set a rule, and then restore the e-mail client from the quarantine. A deleted program file would generate more work with reinstall. But this is for confirmed false positives.

    2. Don't think so. In general. More a case of what browser, if up to date, what pages that are visited, AV defence etc. Not necessarily how many tabs that are open.

    3. Tough question. Obviously the latest of the different browsers; IE7 instead of IE6, Fx2 instead of Fx1.5 etc. Firefox do not use ActiveX controles, like IE, that have over the years been used as spyware, browser hijacker, dialer software etc.

    4. Sorry, but I would almost say; since you have the programs, you must be the one who knows how they interact. <img src=/S/smile.gif border=0 alt=smile width=15 height=15> Seriously, when it comes to real time monitoring there is no need for more than one AV and one anti-spyware. If having several real time monitoring softwares they can get in the way of each other. On the other hand on demand scanning; you can have more than one anti-spyware installed and used for on demand scanning. That can even be a good thing, a recommendation, but only one real time monitoring in each category.

    5. Again, you are the one that ran the program, so you are the one that could read the scan result, if they presented any details. I can only guess, but on a clean PC or on one with only a limited amount of threats, such big difference can be a result of that one program also counts very low risk threats as threats, in this case cookies, i.e. cookie files in the browser cache. This is the standard answer. But it can very well be that one program is better in finding some types of threats. That is why it is hard to answer with no more information.

  7. #7
    2 Star Lounger
    Join Date
    Apr 2003
    Location
    Illinois
    Posts
    135
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Anti-Spyware Questions (Home Premium)

    Thanks to everyone for the answers.
    Hans, you are correct, I meant to say Norton Internet Security (including AV)

  8. #8
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Anti-Spyware Questions (Home Premium)

    Norton Internet Security, Windows Defender and SpySweeper all have (1) an on-demand scanning function and (2) real-time protection against spyware.

    I would schedule regular scans by all three, frequency depending on your surfing habits - once a week as a minimum, once a day if necessary.

    But having all three running real-time protection simultaneously is overkill, and it might slow down your PC. I'd choose one only (whichever you prefer).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •