On Dec 23, 9:27 pm, "VanguardLH" <Vanguar...@mail.invalid> wrote:
> "Dave" <dav...@optusnet.com.au> wrote in message
>
> news:476ee2b3$0$26179$afc38c87@news.optusnet.com.a u...
>
> >I run avg antivirus and would like to know what is a good spyware
> >download
>
> Spyware? You really WANT *spyware*? Maybe you actually meant
> ANTI-spyware products.
>
> So why not also try Grisoft's AVG AntiSpyware product (notice it is
> called ANTIspyware, not spyware). While the download is for a trial,
> it will remain useful after the 30 day period except you don't get the
> on-access (realtime) scanning. I'd rather not have dozens of security
> programs consuming my computer's resources so I only use them as
> on-demand scanner (so even when I got AVG AntiSpyware and was within
> the 30-day trial period, I disabled their on-access scanner). AVGAS
> used to be ewido before Grisoft bought it.
>
> Another poster suggested BOClean (free from Comodo). It is archaic in
> what it detects based on signature and its primary use now is its
> heuristic detection. Peculiarly Comodo has yet to roll the trojan
> signatures (the only type of malware that BOClean detects) into their
> anti-virus product. They promise to roll in the detections from
> BOClean into version 3 of their anti-virus program. Unfortunately,
> Comodo has deliberately kept version 2 in beta status to thwart being
> compared against any other anti-virus products, like atwww.av-comparatives.org. Their version 1 had dismal coverage (38%)
> but no one knows what version 2 has for coverage since the independent
> test sites won't bother with beta versions when comparing against
> commercial/released versions. Even the original author of BOClean has
> acknowledged that the detection mechanisms of BOClean are archaic and
> useless against recent pests. Development of BOClean for heuristics
> went stagnant years ago. The signatures that it downloads are only
> for trojans as BOClean is a trojan hunter. I gave up on BOClean.
> Visit their forum and you'll conclude that it is too old a product and
> too specific on pest type coverage.
>
> A single anti-spyware program is not sufficient to detect a large
> majority of pests. You need a layered approach which means using
> several products. However, if you decide to buy one or get a free one
> that includes on-access scanning, only enable the on-access scanning
> in one of those products and use the others for on-demand scanning
> only.
>
> Spybot S&D
> Lavasoft Ad-Aware
> SuperAntispyware
> AVG AntiSpyware
>
> Those should cover most pests. The next step would be to incorporate
> HIPS (host intrusion protection system) software. Online Armor is a
> firewall with HIPS (but still needs a couple more features to be
> comprehensive regarding HIPS features). Comodo's anti-virus in
> version 3 is supposed to include HIPS. Comodo's version 3 firewall
> includes HIPS but there are too many problems with the firewall, like
> lack of ease-of-use and use of global rules rather than using stateful
> packet inspection to grant inbound connects on programs that are
> allowed to make outbound connects. HIPS in their firewall regulates
> what can connect. HIPS in their anti-virus v3 product regulates what
> can load into memory (and run). System Safety Monitor is a HIPS
> program. Antihook, too, but seems to incur more impact on
> responsiveness of the host. ProcessGuard has been long dead as also
> for AppDefend so don't bother with those. HIPS means *you* have to be
> more intimate with your software to know what should be allowed to
> load or connect.

JFTR, Spyware Terminator has a HIPS function. (although I don't use
it.... PITA!)