Spyware, Viruses, & Security forum

General discussion

How much anti-malware is too much?

by rccoffee / July 3, 2007 1:36 PM PDT

Several days ago, I had to uninstall Norton Internet Security 2006 which prevented IE from working. I also downloaded Norton Removal Tool to get rid of any trace of Symantec. Now, I feel vulnerable but my neighbor says that I still have too many anti-malware programs. He has fiber-optic cable with a router while I use dial-up.

I have:
(free) Windows Firewall
(paid) Lavasoft's Ad-Aware SE Plus with Ad-Watch (2005 version)
(free) Grisoft's AVG 7.5
(free) Windows Defender
(paid) Webroot's Spy Sweeper

I plan on buying Lavasoft's Ad-Aware SE Plus with Ad-Watch (2007 version). I understand Windows Defender is not very good.

Is this enough? Is this too much? Any suggestions to add or remove programs?

Thank you.

Discussion is locked
You are posting a reply to: How much anti-malware is too much?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: How much anti-malware is too much?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
by tomron / July 3, 2007 1:54 PM PDT

The rule of thumb is only one av enabled and only one firewall enabled.

More then one anti-malware program is suggested since one may catch what another one misses.

You seem to be in good shape.

You can add SPYWARE BLASTER which is not scanner but a preventer.

If you want also RogueRemover PRO 1.14


Collapse -
Consider adding a 3rd party hosts file
by Donna Buenaventura / July 3, 2007 10:14 PM PDT
Collapse -
The Windows firewall is...
by ust1268 / July 6, 2007 1:31 PM PDT
Collapse -
Windows firewall is...(cont)
by ust1268 / July 6, 2007 1:40 PM PDT

I forgot to mention - don't forget to disable the Windows Firewall after you have your new one installed.

From MS: Disable Internet Connection Firewall in Windows XP or Windows XP SP1.

Before you disable your firewall, you must disconnect your computer from all networks, including the Internet. To do this, follow these steps:
1.In Control Panel, double-click Networking and Internet Connections, and then click Network Connections.
2.Right-click the connection on which you want to disable ICF, and then click Properties.
3.On the Advanced tab, click to clear the Protect my computer or network check box.

Disable Windows Firewall in Windows XP SP2.
Before you disable your firewall, you must disconnect your computer from all networks, including the Internet. To do this, follow these steps:
1.Click Start, click Run, type Firewall.cpl, and then click OK.
2.On the General tab, click Off (not recommended), and then click OK.

Collapse -
I am either dumb or very lucky
by msgale / July 6, 2007 1:52 PM PDT

Typically I have two and one-half PCs running at all time, a server and a workstatgion running 24/7. I also have a notebook which is on and off during the day. I have had an always on broadband connection since 1999. Although I have been hit by a few things over the years nothing made it through. I run Symantec AV Coroprate version 10.1 and Windows Defender. I have a Linksys router which provides some firewall capabilities. I have the windows firewall disabled.

Collapse -
CounterSpy v2.5 will save your day...
by micaman / July 6, 2007 4:06 PM PDT

I would caution you against buying Ad-Aware 2007. Until more tweaking is done, I would stay away from this new program. Don't get me wrong, up until this latest version, I have been using Ad-Aware without a single complaint for several years.

However, the Ad-Aware 2007 version is a mess!

As a computer security consultant, I test computer secuity products and I feel good about suggesting CounterSpy v2.5's "free trial" that will give you a full feature 15 day trial run. And for around $10.00, you can get Sunbelt's "premiumware which includes a 20-issue subscription to PC Magazine or a 8.00 rebate!" Here is the page that say's this:


With my current "test-bed" machine running Ad-Aware 2007, it was running 43 processes at idle. It required me to update the dat files, and it took A LOT OF TIME (average time was 24 minutes) to run a full scan. It always found "cookies" but nothing more. Upon removing Ad-Aware and restarting my machine, it had 40 processes running at idle. After installing Sunbelt Software's CounterSpy v2.5, I have 41 processes running (even when scanning) and the machine, as a whole, is faster. Right away, it found 5 items that needed secured, 182 cookies and 4 objects that really needed to be removed! My CounterSpy scans are taking about 12 minutes for a full scan. Here is CNET's link to this program:


This test-bed machine is currently (it changes all the time) running McAfee Internet Secutiy Suite 2006, Microsoft's Windows Defender and Sunbelt Software's CounterSpy v2.5 and they are ALL auto everything! No more updating, applying updates or running scans...just set-it and forget about it. 'Each' of these products include 'at least' FIVE other tools, along with their scanning features, so you end up with 15 - 20 seperate security utilities by using the three. There is nothing more needed...ever.

I have unleased all sorts of malware, trojans, viruses, bad code/hacks and more on this machine - only to find that either Sunbelt's CounterSpy, Microsoft's Defender or McAfee' Virus or Firewall stepped in and prevented anything from happening, and even still...is totally aware of what is happening on my machine at every step.

As you can tell, I am NOW a BIG FAN of CounterSpy and I am very pleased to be with them now.

Another difference over the 'other guy's' malware programs is CounterSpy's VIPRE technology:

"CounterSpy's hybrid engine merges spyware detection and remediation with Sunbelt's VIPRE technology (Virus Intrusion Protection Remediation Engine). Because VIPRE incorporates both traditional antivirus and antimalware techniques, enhancements have been made to CounterSpy's underlying architecture that will enable advanced delivery of software and definition updates."

You can read a blog posting about this very subject that I wrote yesterday BEFORE getting my CNET Newsletter in my mailbox a few minutes ago.


The bad Guys hate CounterSpy for a reason.

Collapse -
Mallware protection
by dolari / July 6, 2007 8:57 PM PDT

I have Norton 2005,Addware SE, Firewall on and PC is still infected with mallware "Hacker.spammer"Virus on two or more files including "msdscs.exe" and some "tmwsock.dll"file.It cannot be repared or deleted & my PC is geting slower and slower my can't open eaven Google on my PC dunno why

Collapse -
by ust1268 / July 7, 2007 12:57 AM PDT
In reply to: Mallware protection

is a program I found a couple of years ago and I can't believe how fast and efficient it is! I just ran a scan on over 300,000 files, 42 running processes, and it took about 4 minutes! It has found trojans and spyware that others have not. It's a product of ParetoLogic and can be found here: http://www.paretologic.com/products/xoftspyse/index.asp.I've been a tech for about ten years and it's the best I've found - so far.

Collapse -
Downloaded Counterspy, now what????
by morninglory / July 7, 2007 1:14 AM PDT

Hi Micaman, I went with your suggestion concerning CountrySpy. I uninstalled my Spyware Terminator and downloaded CSv2.5. Oh, it scanned alright and found some stuff (1 critical) but it did not have a section to delete the junk. I understand this is just a 15 day trial but all it did was scan, nowhere to delete. At least Ad-aware and SW Terminator could DELETE the junk. What gives?

Collapse -
CounterSpy v2.5 does is a "fully functional trial"...
by micaman / July 7, 2007 9:03 AM PDT

You made the right choice in giving CounterSpy v2.5 a try, however you are mistaken about the 15 day free trial "only finding, but not removing items.

CounterSpy v2.5 is a "fully-functional, 15-day trial" that includes EVERY "feature-set" AND "full customer support" by Sunbelt Software!

Not only will it remove malware, but it will optimize your system for better performance. It also includes several other tools within the program. Take another look around, contact Sunbelt, contact me or post something more here about your specific issue, so we can get your machine malware-free and running strong again!

Again, you have overlooked the features of CounterSpy. I think you are used to those older freeware programs that require you to "do this and do that" - which CounterSpy does not!

CounterSpy v2.5 is run by the nicest people, with a support team that is first-class...and based in North America!

Collapse -
Micaman, I ran a new scan....
by morninglory / July 7, 2007 12:32 PM PDT

I ran a new (quick) scan and CS found a bunch of cookies (low threat) and 2 "toolbars" which it said posed a medium-to-high threat. I left the cookies but asked that the toolbars be removed. All my toolbars are still there, so I must have had some invisible toolbars that I didn't know about. I think CS is confusing. Or maybe I am just addled. LOL!

Collapse -
CounterSpy v2.5 is built for today...
by micaman / July 7, 2007 3:50 PM PDT

I am glad to hear that you ran another scan. Toolbars cab be hidden, which is one of the reasons they can pose security risks on your machine. Sunbelt Software's latest CounterSpy program will reveal many hidden aspects of your machine's innner workings.

It sounds to me that it may "just be a new program" to you, and therefore, seems a little confusing at first. If you take the time during your 15 day trial to explore each section of this very effective anti-malware program. You will be "as sure as I am" about your systems protection.

Be sure to use the utilities that are listed in the System Tools. I really like these and run them once a week to scrubup any privacy concerns!

Also, since you mentioned that you ran a quick scan, try to run a full scan, if you haven't done so since installing the program.

Sunbelt offers some handy information on their site as well. I have posted two items below, that you may like to take a look at, to better learn about the operations of CounterSpy v2.5.

These are "pdf files" that you can save to your computer and review anytime.

CounterSpy V2 Quick Start Guide
PDF format, 302,214 bytes, Mar 27, 2007

CounterSpy V2 User's Guide
PDF format, 4,355,333 bytes, Jun 27, 2007

Another thing to remember about CounterSpy is the "active protection" part, which will handle most security concerns before the automatic scan kicks in. By default the auto scan will run at 2a.m. each night, but you can change this to a different time if you like. You should set it to a time when your machine is turned on.

The purpose of the "15-day, fully functional trial" is to "kick the tires and stretch it out a little" to see how Sunbelt Software handles malware. Without digging a little deeper, you may only be sctratching the surface of CounterSpy v2.5 abilities.

Don't forget about their customer service, which is top-knotch and totally free for you to use.

Collapse -
Thank you, Micaman
by morninglory / July 8, 2007 7:33 AM PDT

Micaman, you must be one of the nicest persons on the Cnet forum to keep encouraging me to keep my CS trial and not berate me for having issues with CS. I do intend to keep it for the full 15-day trial. I am not really a newbie but I did not know about hidden toolbars. I like to keep my computer in good working order but I mainly use it for news, email, games, etc. I don't do any actual work on it. So thanks for the help; I will do the full scan later today and see what else pops up.


Collapse -
You are too kind.
by micaman / July 8, 2007 3:17 PM PDT
In reply to: Thank you, Micaman

The purpose of the CNET Forums is to grow from everyone's experience. I am very happy to do my small part with this malware issue. Since I spend A LOT of time each week...securing machines from exploits, while hunting malware online and researching the techniques used to exploit software vulnerabilities, it is my pleasure! I simply hate malware & online crimes/attacks, and want to prevent them from suceeding. By helping you secure your machine, I can remove it from the long list of machines controlled by the bad guys.

I am so very happy to know that you, as a consumer, chose to be "pro-active" with your computer's security defenses against internet threats. I hope you will continue on your path to explore just how serious of a problem it is in the year 2007.

You may enjoy watching this short video about malware. It is only 4 minutes long if you decide to watch it.


This is the page that it came from. There are many whitepapers and other interesting facts about malware and computer security.


I have enjoyed chatting with you and hope to see you around CNET again!

Collapse -
Trying Counterspy
by mistyomine / November 2, 2008 2:37 AM PST
In reply to: You are too kind.

So far I love it but come a full scan it spends two hours going through System Volume Information. I have tried with their help to get it to ignore this mass but no matter how I follow their steps (that don't fit mine)I can't seem to get this matter resolved. Any hints?

Collapse -
Anti-malware Applications: Another Perspective
by AJ North / July 9, 2007 1:39 AM PDT

Hello RC,

The answer to the question, "How much anti-malware is too much," depends upon several factors, not least among them how the individual is connected to the internet and interacts with it. A "layered" approach to security certainly offers the greatest protection, but the cost could be system slowdowns and instabilities. That you have a dial-up connection makes you inherently more secure than with a broadband connection (though most would gladly make the trade for a faster connection...).

I would concur with micaman with respect to Ad-Aware 2007. A Beta tester for the product, I feel that Lavasoft jumped the gun with its release; even with three updates after coming out of Beta, it is still not ready for prime time, alas. (Besides, it will still not be nearly as comprehensive as other applications.)

As mentioned by others, one ought to have only ONE active firewall and antivirus suite. Having additional on-demand anti-virus (or other malware) scanners for second (or third opinions) is fine - but during a scan with one of them, all other anti-malware engines should be temporarily suspended as, with the evolving nature of the nasties, these programs will often fight with each other. Additionally, as many will scan each others' files, if the option to exclude various files or processes is available for an application, I recommend delisting each of the anti-malware programs from one another's scans (this will also decrease scan times dramatically).

I have used, like and generally recommend, Webroot's SpySweeper (and Beta-tested its current version, 5.5), but have no familiarity with CounterSpy 2.5 (its predecessor, v. 2.0, had some serious issues which likely have been corrected in the current version). It may well be a worthy choice. As stated above, malware has evolved, and the distinction as to whether a particular agent is viral, spyware, trojan, etc, is often one without a difference. The trend now is to combine the various anti-malware functions into one unified engine. This provides, in general, faster scanning, more efficient use of system resources, as well as greater system stability. (Symantec has taken this route with their Norton Internet Security 2007 and Norton 360, both highly-rated products; NIS 2008 is now in Beta.)

As for a choice of stand-alone firewalls, my own top recommendation goes to Comodo Firewall Pro (http://www.personalfirewall.comodo.com/), PC Magazine's Editor's Choice (http://www.pcmag.com/article2/0,1895,1969207,00.asp) and a top pick of Ian "Gizmo" Richards' Tech Support Alert (http://techsupportalert.com/ - an excellent resource site) and many others. Indeed, recent critical testing put Comodo Firewall Pro at the head of the list - whether boughten or free (http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php).

In addition to the "usual suspects" of malware, one need also be aware of the insidious rootkit, which can be very difficult to detect, as well as remove. The top-rated utility to do both is Panda Anti-Rootkit (http://www.pandasoftware.com/products/antirootkit/?track=39067), PC Magazine's Editor's Choice (http://www.pcmag.com/article2/0,1895,2119252,00.asp). It is regularly updated.

Though Spyware Blaster offers useful protection, I recommend IoBit's AdvancedWindowsCare Personal (http://iobit.com/), which has a much larger library and more frequent updates. It also performs useful tweaks and optimizations (which, for those who like to do their own tweaking, can be overridden). Just remember to update after installing, and perhaps once or twice a week, as the free version does not update automatically. IoBit's SmartDefrag is also a worthy [and free] defragmenter that does a better - and faster - job than the version of Diskeeper built into XP.

[Another useful free app is CrapCleaner (http://ccleaner.com/), which will compliment nicely AWC to keep things clean and running smoothly. (CCleaner can be configured to retain those cookies you may wish to keep, while AWC cannot. It also has a handy Uninstall tool and one for programs that start with Windows, essentially a shortcut to msconfig.) It is regularly updated by the authors.]

Finally, if you know someone with broadband, perhaps they could download whichever apps you're interested in and burn them to a CD for you, since downloading with dial-up would be almost prohibitive. (By the way, the same trick can be done for Windows Updates from the Burning Bush of Redmond - http://www.pcmag.com/article2/0,1759,2017577,00.asp.) Good luck!

Collapse -
depends on what's installed and what's active
by zlevee / July 9, 2007 3:06 AM PDT

Generally speaking antivirus programs don't play well together, so you should have both Norton and Mcaffee installed together -- they tell you this in their prodcut manuals. So choose just one of those.

You can have multiple anti-spyware and anti-adware programs installed at once, however you should only have one of those actively running in the background. I use Spyware Doctor primarily as it seems to have the most complete results. It also offers antivirus capabilities but I don't have that enabled because I'm using Norton. However I also occassionally run (but usually disable) Lavasoft Ad-Aware, Spybot Search and Destroy, and Webroot Spysweeper. Lately I don't even have Spyware Doctor active since it slows down boot time --instead I enabled the spyware protection in Norton Antivirus and only run Spyware Doctor occassionally.

A good firewall is important too and for that ZoneAlarm is far superior to Windows Firewall for the reasons other people have already posted. it also offers anti-spyware protection (and another version has antivirus) but it is most effective as a firewall and the other features canbe turned off in favor of programs that handle those tasks better.

Collapse -
To continue this thread
by saleh.2201 / July 9, 2007 12:04 PM PDT

In my experience, I would recommend: #1)Get rid of Windows Firewall! You are only half protected using it. I personally love Comodo firewall. It's easy to use and leak free. #2) Give Counterspy a another look. Compared to Spywaredoctor and Spysweeper, Counterspy is the only program to get 5 stars out of 5 in most ratings. They have really done a bang up job of improving it. I like the ability to access things like my hosts file and have complete control over it (I don't think the other antispyware programs will let you contol this). #3) Spywareblaster is a MUST. Better to stop the crap before it gets in. Just my thoughts. Other programs out there can do most of these things, but you will most likely have to pay for them.

Collapse -
Comodo firewall (replying to Budzoid)
by morninglory / July 10, 2007 5:23 AM PDT

Hi Budzoid, Micaman helped me a lot with Counterspy, maybe you can help me with Comodo. I use the free Comodo and it works great; however, it doesn't seem to remember what sites are permitted. It constantly pops up and says stuff like "internet explorer is attempting to connect" or "Firefox is trying to connect", etc. I have pulled up the libraries and clicked on allow but I still get these warnings asking if want to allow these and many others that I know are OK. Have any suggestions? Thanks!

Collapse -
Hope this helps
by saleh.2201 / July 10, 2007 11:44 AM PDT

In the Comodo firewall, on the start page under security and then under component monitor, check to see if learning mode is checked. If it is, check the ON button Then check ON and run the most common programs and check remember and allow (or deny). You should soon see a reduction of popups requiring your input. Soon it will remember your answers and only popup when a new application starts. Be patient and after a couple of popups with component monitor turned ON, you will not get the popups for your normal apps. The protection offered by this firewall is worth the ocassional popup asking approval. I only get the popup asking for allow or deny when I open a new app.

Collapse -
Comodo Firewall Pro Pop-ups
by AJ North / July 10, 2007 3:49 PM PDT


I would echo Budziod's reply, and add that when an application uses another (such as IE or Firefox) to access the internet, Comodo will ask for explicit authorization, certainly the first time. It will also ask again if there has been any change to the the driving app (or browser) due to any changes that are perceived, such as an update. This is a safety feature: it is better to "err" on the the side of security, even at the risk of annoyance, than compromise the system.

Collapse -
My recomended settings
by harsh_ankola / July 10, 2007 2:14 AM PDT

Your security is nice but I generally refer to Cnet Editor's Choice as I have seen products which gets this choice are really good. The settings for Basic Security is
Firewall: ZoneAlarm Pro v7.0
Antivirus: Kaspersky Antivirus 6
Spyware Defense:Online Armor, SpySweeper,Lavasoft Ad-Adware 2007 with Ad-Watch,Windows
The ZoneAlarm Internet Security Suite 7 has Antivirus engine from Kaspersky Labs. ZA suite 7 with much powerful spyware defense is good.
But remember a system should have only 1 firewall and antivirus else it would be difficult to get optimal performance from system.

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?