I have taken content from above , added some extra content and now it looks like much better.
Thanks to swatkat, theraven, it_waaznt_me for inspiring me to add my content to theirs.
What is Spyware?
Spywares are programs that get installed on your computer without your knowledge and collect data about your usage patterns like what sites you visit, what programs you run, even your personal details like age, gender and financial details too : all those things that can be useful for a marketing company to send you customized advertising. These programs send this data back to their websites where they are given to spammers and advertisers. All these things happen without the user's knowledge and that is the most ironical point of the story.
Categories of spywares:
ActiveX: ActiveX control is not a spyware but still it has been listed here and you will know soon. ActiveX is a Microsoft technology that allows Internet applications that are more powerful than simple scripts. ActiveX applications do work only in Internet Explorer, so the use of ActiveX on websites is not recommended. Due to the huge amount of influence ActiveX apps can have on the system (ActiveX apps have access to the same files you have access to, meaning all files in the case of most private computers), it is recommended to be very careful if dealing with ActiveX.
There are two types of ActiveX apps - signed and unsigned. The code of unsigned ActiveX apps hasn't been certified and should never be trusted. Signed ActiveX apps are certified, but can still contain malicious code! Signed ActiveX apps should be trusted only if coming from trusted websites and only on a prompt base (meaning that IE settings will ask every time a website wants to load an ActiveX app).
Many dialers and hijackers install themselves using ActiveX applications. Now you know!
Adwares: Adware is generally software that displays advertisements. Adwares usually monitors your usage patterns and show you ads corresponding to them. Adwares are usually installed as freeware and it is quoted in their EULA (End User License Agreement) that the program will show relevant ads.
Many of the adwares are freeware version of programs which are available as paid versions. Examples of these programs : Opera, Divx, Download Accelerator Plus, Flashget etc. While these programs specifically tells the user that they can upgrade to their paid version if they don’t want to get these advertisements but not every adware is like that.
Low Risk Adware: Low risk adware is an adware application that is designed to display advertisements through pop-up windows. However, this type of adware program is installed with your knowledge and conforms to the program’s End User Licensing Agreement which is usually presented to your prior to download and during installation. A low risk adware program will not transmit personal or identifiable information.
Browser Hijackers:
This is a broad category in which parasites like home page hijackers and search hijackers can be included.
Home page hijackers change the start page of the user's browser to some specific sites and some notorious of these are very difficult to remove.
Search hijackers change the search behavior of the user's browser and when user searches for something on the Internet, these search sites give them the results.
Usually both of the hijackers stated above work on clickthrough systems. Here they are affiliates to other companies which give them money according to the hits they receive through them. So, the ultimate goal of hijackers is to make the users click on the links through which they earn their revenue. As this is a difficult task, the program authors go extreme ways to achieve it and create difficult to remove parasites. Recent examples of such parasite are CoolWebSearch and AboutBlank.
Browser Plug-in: A browser plug-in is an application that can be installed in your Web browser. Plug-ins can come in the form of a toolbar that is included in your Web browser, a search or navigation feature, or extra task buttons on the browser. Although most plug-ins are designed to perform necessary functions, some plug-ins are harmful to your computer because they have complete access to your Web browser and can log, modify, and redirect any task you perform.
Browser Redirector: Browser redirectors are programs that change your Web browser settings, often altering designated default start and search pages. In addition, a browser redirector can modify almost every aspect of a Web browser including adding bookmarks, and redirects search traffic to alternative sites.
Dialers:
Dialers are programs that promise to make some "premium content" available to the users by making calls through them. Their entire objective is to make the users dial the number which are usually long distance numbers of their affiliates.
File Sharing Program: File sharing programs, also known as peer-to-peer, are popular applications used to share files of any type such as movies and music across the Internet. Many freeware and shareware file sharing programs install different types of adware and even some spyware software with them. Although most file sharing programs are not harmful, the adware and spyware programs contained in their bundle could be.
Only Shareaza 2.1 is spyware free and is open source. So go ahead and use it.
Layered Service Provider: It is also not a spyware and is very essential for your PC but is still exploited by Spywares. A Layered Service Provider is a system driver linked deep into the networking services of Windows. It has access to every data entering and leaving the computer, as well as the ability to modify this data. A few such LSPs are necessary to allow Windows to connect you to other computers, including the Internet. But Spyware may also install itself as an LSP, thus having access to all the data you transmit. LSP are currently used by CommonName, New.Net, NewtonKnows and webHancer.
Keyloggers:
Keyloggers aren’t thankfully installed by marketing companies. Usually they are installed by some trojans or hackers. Here hackers refer to those breed of computer users who use such programs to break into other's computers to steal passwords or to destroy those systems. These programs monitor each keypress on your system and keep track of them and send it back to their originators. There are many sophisticated keyloggers which have their own SMTP engine to mail back the tracking records.
Commercial Keylogger: A commercial keylogger is a program that is installed by one user of a computer to explicitly monitor the activity of other users. These types of program can be installed using stealth tactics to hide themselves from other users. These programs can be purchased from commercial organizations.
RAT: A remote administration tool (RAT) is a Trojan type of software that when run, provides an attacker with the capability of remotely controlling your computer over the Internet. The attacker usually has full access to functions on your computer.
Remote Installer: A remote installer is a program that is installed on your computer without your knowledge. Once the program is installed it can connect to a remote server and download additional programs and files, installing them on the computer without your knowledge.
Spyware: Spyware's primary purpose is to collect demographic and usage information from your computer, usually for advertising purposes. Spyware is usually silently downloaded onto your computer and performs covert activities. Spyware programs are often bundled as an unknown component of other programs downloaded from the Internet.
Tracking Cookies:
Cookies were meant to be used for customizing the websites according to the user's preferences. But marketing companies found another use of them. This useful feature is being abused by marketing companies by putting "third party cookies". Third party cookies means cookies stored by websites other than you are visiting - most often put through banners and ad rotators. These cookies can keep track of what sites you visit that contain their ads.
Trojan Horses: Even though a trojan horse is sometimes also called Trojan, it's more a Greek. The Greeks build the so-called 'trojan horse' in the fight about Trojan to get into the town, so they are the real snoops.
A trojan is a program that has gotten onto your machine without your knowledge and contains malicious code that would for example allows persons using another computer to connect to yours over a network.
Typical trojans are open to anyone trying to connect (any person on your local network or even the internet). Special trojans are designed to make you machine accessible just to the person who infected your computer with the trojan.
The access an outsider can gain using a trojan on your machine can be nearly anything. From watching all your behavior (like a keylogger) to manipulating your computer to basically doing anything you can also do using your keyboard and mouse.
Your computer can get infected with a trojan by multiple ways. A person with physical access to your machine can place it there, but you can also accidentally install it yourself by opening an unknown email attachment that by chance contains a trojan.
According to some definitions, trojans are also programs that sneak into other programs, for example to gain access. As these programs are consciously used by the other, they are not trojans, but are backdoors.
Usage tracks: Usage tracks are your fingerprints in your system. Whenever you visit a page with your browser, or just open any file, that information is stored deep inside Windows. In most cases that is very useful – if you want to open that file again, you can select it from a list instead of typing the whole filename or browsing the whole directory structure again. But in some cases you may want to hide your activity, because spyware and internet attackers may use that information.
Browser Helper Objects (BHO): BHO stands for Browser Helper Object. This is a small program, usually a DLL file, originally developed to enhance or customize the features of the Internet Explorer. Whenever a BHO is installed, this is registered in Windows Registry. When Internet Explorer is started, it checks the Registry for the entries of BHOs (which indicates the installation of BHO), these entries are known as CLSID's.
So, whenever the Internet Explorer is opened, the BHO is instantiated (created), and then this BHO has full access to the Page that is being viewed.
For example, if you have Google Toolbar, it installs a BHO, through which it can provide functions such as "Search within the Page", "Auto Fill", "Page Info" etc. Another one, a BHO from Adobe Acrobat Reader, which enables to open PDF directly in the IE windows itself or Downloading Softwares such as DAP, DEX will create one BHO to integrate with IE and to catch the Clicks on the download link.
So, using BHOs IE can be tweaked so that, it will be one mean browser....
If BHO enhance the functionality of IE, then why is it avoided?
Now, time for some bad news about BHO.
Windows does not provide any direct way to see the installed BHOs.This adds some amount of stealth capability to the BHOs. Actually, if we know the CLSIDs, we can view the installed BHOs through Registry using tools such as RegCleaner.
Due to this stealthy nature of the BHOs, it provides an easy way for Spywares, Adwares, Trojans or Viruses to attack. Lets see the effects of these bad programs on IE and your Computer.
Some Spywares add a BHO without the knowledge of the user. So what happens is, whenever IE is opened that SpywareBHO will run and it keep an eye on what you do in that browsing session. It can monitor, what pages you visit frequently, which services are used by you, etc. Even worse case is that, they can hijack the Browser, that is they can change the Default or Search page, and they can not be easily recovered.
Adwares go one step further and they can bring you PopUp Ad's or Bad tasted WebPages randomly or they even can bring you context sensitive Ad's, that is Ad's based on the content of the Web pages you were viewing.
Trojans/Viruses can contact their creator's website and download latest version of Trojans to your system.
If you see any HijackThis Log of Spyware/Trojan affected system, you will certainly see some BHOs, which will have links to suspicious Websites and also they will have links to download some files.
So, in all the cases, your privacy is at stake and your computer/data is at risk.
Since BHOs have virtually full access to the system, they can do anything. Some improperly coded or deliberately coded can cause Runtime Errors or Illegal Operation errors.
From Windows 98 onwards, MS has extended the support for BHOs to not only IE but also Windows Explorer. As you might be knowing Windows Explorer (Explorer.exe) is THE application that should be running anytime to use Windows. If any bad BHOs are installed, then they will get loaded whenever Explorer.exe starts. This is certainly not desirable.
What to do?
BHOs can be removed manually or by using any tools.
Manual removal can be done in two ways:-
1]By renaming the DLL file corresponding to the BHO which is to be disabled.
2]By deleting the DLL file and removing CLSID entry in the Registry.
We can make use of HijackThis to know the installed BHOs and delete their Registry entries and then we can delete the DLL file associated with it.
A typical CLSID and DLL file of a BHO (Google Toolbar, in this case ) is shown here,
Code:
CLSID = {AA58ED58-01DD-4d91-8333-CF10577473F7}
DLL File= c:\program files\google\googletoolbar1.dll
But, using some tools BHOs can be directly dealt with. There are many tools to view the BHOs installed in the system directly. Some of them are BHODemon, BHOInfo and Browser Sentinel. These tools list all the BHOs present in the system, so that user can decide which one to keep or remove.
So, BHOs are powerful means through which anything can be done, be it good or bad.
Common Spyware Terminology and Definitions
Adware
Any software application that displays advertising banners while the program is running is called adware. Adware tracks your online browsing habits and displays advertising based on your browsing activities on a Web site. Web sites often deposit adware on your computer during a visit. An adware program should be considered spyware when it was installed without your knowledge or consent and sends information to unauthorized parties.
Anti-spyware software
Anti-spyware software protects a computer from spyware infection. Spyware protection software can find and remove spyware without system interruption.
Drive-by download
A so-called “drive-by download� is when programs are downloaded and installed without your knowledge or consent. Most often accomplished when the user clicks to close or eliminate a random advertisement or other dialogue box.
Firewall
A firewall prevents computers on a network from communicating directly with external computer systems. A firewall typically consists of hardware or software that acts as a barrier between internal networks or computers and external systems. The firewall software analyzes information passing between the two and rejects it if it does not conform to pre-configured rules. Firewalls provide effective protection against worm infection, but not against spyware like Trojans, which hide in legitimate applications, then install secretly on your computer when the application is started.
Home Page Redirector or Browser Redirector
A redirector is a program that can change settings in your Internet browser including your search page to redirect all searches to a specified pay-per-search site, and your default home page to redirect you to the attackers Web page, often an adult content site.
Hosts file
The hosts file could be described as an address book. While the normal user is used to access other computers on the internet using names (for example
www.security.kolla.de ), every computer is accessed by a numeric address at a lower level. You may already have seen this numeric addresses; they look like 127.0.0.1 for example.
Every time you try to access another computer by using his name, your computer looks up his address in an address book. First it looks into a local address book (the hosts file), and only if it cannot find the address there it looks in a very big address book in the internet.
So if you want to block an internet website, you could simply redirect this sites name to a place where nothing will be delivered from. Such a place would be your computer for example. The address I already mentioned, 127.0.0.1 is an address that will always point to the local - your - computer. By adding an entry to the hosts file (your local address book) that redirects an ad site to your machine, you would trick your internet browser to think that ad site would be on your machine, and as your machine doesn't deliver ads, it wouldn't get the ad and it will not be displayed.
Another way of using the hosts file is if you want to access computers that are not listed in any address book yet. For example if you have a local network, you would not list your local computers in any internet address book, if only because that would be very expensive. So you could just enter them into the local address book (your hosts file).
Information Privacy
An ethical issue that is concerned with what information an individual should have to reveal to others through transactions such as Web browsing or online shopping and how that information is handled.
Java applet
A Java applet is capable of doing more than just a JavaScript, but does not have the full access to your machine like a full Java application. An applet still needs the browser to be run in, while a full Java application could run stand-alone (using just the runtime engine).
Java Script
A Java script is a very small program that is running on your computer when visiting websites that have defined such a script. Java scripts have little access to your computer, but can modify your browser.
Operating System
The operating system is usually the underlying software that enables you to interact with the computer. The operating system controls the computer storage, communications and task management functions. Examples of common operating stems include MS-DOS, MacOS, Linux, and Windows.
Passwords
You surely know what a password is. When accessing private data on a protected system, you need a password (sometimes also called passphrase) and most often a username to tell the system your identity.
Most things about passwords have already been said, but some things cannot be repeated to often.
1. Do not tell your passwords anyone. If you are asked by anyone to tell them your password, say no. There is simply no reason. If sometime tells you he is an admin and needs to know your password, he lies.
2. When choosing your password, do not choose something that others could simply guess. Do not use the name of your spouse or cat, or the company name printed on your computer or monitor. While the best thing would be a random string of characters and numbers and even special characters, if you really need something that is easy to remember, take parts of words and combine them into something that you can still speak, but that gives no sense. Attach a few numbers to it to be on the saver side.
3. Don't write your password down on a sticky attached to your screen, or anywhere on your workspace. If you need to write it down, put the paper with it into your wallet, but never anywhere the computer.
4. Don't save a file with all your passwords on your computer. If you cannot remember them all, write them down. If you really want to save them in a file, encrypt that file.
Personally Identifiable Information (PII)
Personally Identifiable Information is information such as name, address, phone number, credit card information, bank account information, or social security number.
Privacy
Privacy is an ethical and often-legal issue that is concerned with an individual’s right to have areas of his or her life that are free from interference and scrutiny by other people and organizations.
Privacy Policy
A privacy policy is the responsibility of the organization that is collecting personal information. A privacy policy should clearly explain why personal information is being collected, how it will be used, and what steps will be taken to limit improper disclosure.
Opt-out
A misleading option that is often found in spam. That is, if you respond to a request for removal, you very well may be subjecting yourself to more spam, because by responding, the sender knows that your e-mail account is active. A 2002 study performed by the FTC demonstrated that in 63% of the cases where a spam offered a "remove me" option, responding either did nothing or resulted in more e-mail.
Shareware
Shareware is software distributed for evaluation without cost, but that requires payment to the author for full rights. If, after trying the software, you do not intend to use it, you delete it. Using unregistered shareware beyond the evaluation period is considered software piracy.
Spam
Spam is unsolicited commercial e-mail. It is sent, usually in bulk, through open-relays to millions of people. Spam is cost-shifted advertising. It takes a toll on Internet users' time, their resources, and the resources of Internet service providers (ISPs). Most recently, spammers have begun to send advertisements by text message to cell phones.
Spyware
Spyware is software that transmits information back to a third party without notifying you. Some privacy advocates also call legitimate access control, filtering, Internet monitoring, password recovery, security, or surveillance software spyware because it can be used without notifying you.
How Does Spyware Get Installed?
Spyware finds many ways to install itself on your computer, sometimes with your permission but usually without it by hiding in other programs or claiming to be something useful. However, before something can be installed on your computer, you usually have to click on or open some object or program.
Below are a few of the most common methods used to encourage you to install spyware:
Opening spam e-mail
Clicking on deceptive pop-ups
Downloading free utilities, games, toolbars, or media players
File sharing programs
Visiting corrupt Web sites
Mainstream software applications
While there is content available on the Internet that is not designed to covertly monitor your actions, there are many free and over-the-counter software that contains spyware. Spyware not only gives advertisers information about your online activities, it can also lead to disclosure of sensitive personal data. Here is how spyware ends up on your hard drive and what you can do to prevent it.
One mistake when browsing the Web is to have your Internet browser security settings set too low. A low security setting allows spyware programs to be stored in your computer memory. A few things that you can do in order to keep spyware off your computer includes setting your Internet browser security at the default level or higher, scrutinizing what you download, keeping current on operating system updates, and finally, installing an anti-spyware program on your computer to catch all that you miss. Anti-spyware software can help to locate, quarantine, and then delete spyware that your computer unwittingly accepts.
Follow your instincts! If the source does not seem familiar or trustworthy, then do not open the e-mail, click the pop-up, or visit the Web site. Get your utilities from a source you trust— sometimes the free ones are not worth the price you pay in headaches. Look for a motive when you see an enticing offer. Why would anyone want to offer you regular free atomic clock updates for your computer anyway?
Below are various types of spyware installations:
Drive-by Download
A drive-by download is a program that is automatically downloaded to your computer, often without your knowledge or consent. Unlike a pop-up download, which asks for consent (albeit in a calculated manner likely to lead to a yes), a drive-by download is carried out invisibly: it can be initiated by simply visiting a Web site or viewing an HTML e-mail message. Frequently, a drive-by download is installed along with another application. For example, a file sharing program might include downloads for a spyware program that tracks and reports user information for targeted marketing purposes, and an adware program that generates pop-up advertisements using that information. If your computer's security settings are lax, it may be possible for drive-by downloads to occur without any action on your part.
Commercial product installation bundling
When you download a commercial or shareware program you might get the program plus spyware installed. For example, the installation of some popular peer-to-peer file sharing programs can lead to the installation of a lot of adware and spyware.
Misrepresentation of intention
A product that promises to block advertisements should not deliver them. A product that promises to stop spyware should not be spyware.
Misrepresentation of source
If a product claims to be from a company, usually a trustworthy company like Microsoft, but is not it is misrepresentation of source. Spyware might prompt you from a Web page to accept installation of a Microsoft product when it is not a Microsoft product but is actually spyware.
Silent Download and Execution of Arbitrary Code
This occurs when an installed program downloads and installs without your knowledge or consent, usually spyware or adware.
Commercial spyware and key loggers
Some spyware and key loggers are designed to be small enough to be attached to e-mail. A key logger can log Internet conversation, window activity, application activity, clipboard activity, printing, keystrokes, Web site activity, and may also capture screenshots and Web-cams. Such products can be quite stealthy, for example, many spyware programs do not show up as an icon, do not appear in the Windows system tray, do not appear in Windows Programs, do not show up in the Windows task list, cannot be uninstalled without a pre-specified password, and do not slow down the operation of the computer it is monitoring.
What are the Signs Your Computer is Infected with Spyware?
Below are five signs that your computer might be infected with spyware:
1. Your Web browser's homepage is reset to an undesirable Web site and you cannot change it back.
2. You are experiencing problems with pop-up advertisements both when you are browsing the Internet and when you are offline and your Internet browser is closed.
3. Your computer is running slower then normal and your connection to the Internet is not as fast as it used to be. You might also be experiencing abnormal network activity coming from your modem or broadband connection device (cable or DSL modem).
4. When you are using your favorite search engine your searches are being redirected to an unfamiliar search engine or unrelated Web site.
5. You notice strange additions to your Favorites list or you have a Start menu item that you never added.
How to fight with the Spywares?
Your PC becomes a battlefield when you are confronted with all those naughty spywares. You have to first gear up for fighting up with them. You need to know some important information so that you can create a virtual shield around your PC so that spywares cannot penetrate into your PC.
The spywares take advantages of the open doors in your PC through which they enter your PC. They can be : using older versions of certain softwares, not updating your Windows regularly, not updating your anti-virus software and not having proper anti-spyware software and many more. You should first close these doors for which I have given methods in Avoiding Spyware Topic below.
Avoiding Spyware: Ambush
Below are some simple tips on how to avoid spyware:
1. Make sure the Windows Update Service is always running to stay current with the latest security updates and service packs.
2. Use additional backup protections. In addition to AntiSpyware softwares, make sure to run software or hardware firewalls and up-to-date antivirus applications to protect yourself against redirectors and viruses. AntiSpyware softwares are not a replacement for these.
3. Beware of peer-to-peer file-sharing services. Many popular applications include spyware in their installation procedures. Also, never download executables over peer-to-peer sharing networks, because you cannot be absolutely certain what they are. Actually, it is a good idea to avoid downloading executables from anywhere but vendors or major well-known sites.
4. Avoid “web bugs.� Web bugs are spies that are activated when you open contaminated HTML e-mail. They can work in many ways, but a very common example is sending an HTML email with a reference to a JPG or other graphic. When the recipient opens the mail, and the HTML is drawn, it obtains the picture from across the Internet as specific by the HTML mail’s author. This allows the mail’s author to effectively see when a mail is actually read. In addition, by sending a unique picture link to each mail address, they mail’s author can even tell which email address is valid, and at what time that particular user read the mail! Get rid of unsolicited e-mail without reading it when you can; turn off the preview pane to delete messages without opening them. In Outlook 2003, on the Tools menu, click Options, click on the Security tab and click Change Automatic Download Settings. Make sure you do not download pictures or other content automatically in HTML before the e-mail is checked.
5. Beware of spam. Spam can use exploits in Internet Explorer or your e-mail client to download spyware to your computer.
6. Do not install anything without knowing exactly what it is. This means reading the end-user license agreement (“EULA�) carefully, as some EULAs will actually tell you that, if you install the program in question, you have also agreed to install some spyware with the software. Check independent sources as well, as some EULAs will not tell you about spyware.
7. Protect yourself against automatic downloads. Make sure your browser settings are stringent enough to protect you. In Internet Explorer, this means your security settings for the Internet Zone should be at least set to medium. Deny the browser permission to install any ActiveX control you have not requested. Optimum settings should be to disable unsigned ActiveX and option of scripting unsafe ActiveX Controls. You can find these settings in IE at
Tool>>Internet Options>>Security>>Custom Level
Here you should disable unsigned ActiveX and unsafe ActiveX. Also you should block cookies through Tool>>Internet Options>>Privacy. Also check Block Popups if you have IE 6 with SP2 on Windows XP.
8. There is another alternative to tip no. 7 above which is to change the browser. Yes switch from IE to any other browser. The best alternative to IE is Mozilla Firefox or Opera.
Ammunition Required:
There are many softwares pretending to fight spywares and viruses but only few of them dare to do that and stand out. Here I am listing World famous Anti-Spyware, Anti-virus and other security softwares and will tell you who actually won the battle.
The numbers shown are the actual rankings.
Anti-Virus Softwares:
1. McAfee VirusScan Pro 9.0
2. Norton Anti-Virus 2005
3. Panda Titaniun Antivirus 2005
4. Kaspersky Anti-Virus Personal Pro 5.0
5. avast! Antivirus v4.6
6. Trend Micro PC-Cillin Internet Security 2005
7. F-Secure Anti-Virus 2005
8. AntiVir Personal Edition 6.0
9. AVG Anti-Virus 7.0
The brand name Symantec makes Norton the leader but sometimes truth is bitter to digest. Norton Anti-Virus is too heavy in terms of memory and CPU usage and loses sometimes in fast detection of viruses. I like McAfee for its fast response, easy usage and detection of almost all types of viruses. A real surprise is the New Panda Titanium Antivirus 2005 which has won my heart. If you want some free and good antivirus protection go in for Antivir Personal or AVG Free Editions. AVG is better in this case. According to a survey I read somewhere Kaspersky can detect maximum number of viruses so it is not a bad option either but I don’t like it.
Conclusion is that go in for any one but McAfee, Norton or Panda are the true winners.
Firewalls:
1. ZoneAlarm 5.5
2. McAfee Personal Firewall Plus 6.0
3. Sygate Personal Firewall 5.5
4. Kerio Personal Firewall
5. Norton Personal Firewall 2005
6. Windows XP Firewall
ZoneAlarm wins because of easy usage and highly configurable but loses to McAfee in terms of a feature called Port Blocking. Sygate is also very good. Now, the real losers are Norton and Windows XP Firewall. Windows XP Firewall is not configurable and does not block outbound events and Norton – much better alternatives exist. Kerio Personal is also a good one.
Internet Security Suites(Firewall+Antivirus)
1. McAfee Internet Security 7.0
2. Norton Internet Security 2005
3. Kaspersky Internet Security 1.0
4. ZoneAlarm Security Suite 5.5
No discussions as there is only one undisputed winner: McAfee that has a right mix of all elements plus an antihacker. Rest of the two are also very good but not as McAfee. ZoneAlarm lost because of poor Antivirus capability.
Anti-Spyware Softwares:
1. Spybot - Search & Destroy 1.3
2. Ad-aware SE 1.05 Personal
3. Ad-aware SE 1.05 Professional
4. Microsoft AntiSpyware 1 Beta
5. SpySubtract
6. SpywareBlaster 3.3
7. Webroot Spysweeper
In the free category Spybot and Ad-aware Personal and in the shareware category Ad-aware Pro wins. Microsoft has done really good work in releasing AntiSpyware program which has many rock solid features and real time detection but misses small utilities like Shredder. Also SpywareBlaster is a very good anti-spyware for protection from cookies and Internet Attacks.
Now a special Mention of Browser Sentinel 2.0. It is a very good software for protecting your IE. It can detect all types of softwares, extensions, toolbars, bands and context menu extensions lingering to your browser and can remove the unneeded. It can also detect startup changes and that too in real time. A must download.
Adwares: 
like maxthon (still based on IE tho), FireFox, Opera [top 3]
