Wesley Vogel said in
2) SpywareBlaster
SpywareBlaster doesn't scan and clean for spyware - it prevents it
from ever being installed.
Correction. It prevents it from *running*. It can still get installed.
It will not kill the installation program from running, storing its
files on your drive, and creating registry entries. But it will not run
because the kill bit for the class prevents it from running. It's like
stepping on the roaches when they enter, making them dead, but never
sweeping away their carcasses.
I use it but be aware that it doesn't prevent the install, only the
execution. Since it doesn't stay running, *it* cannot do ANYTHING when
it is not running. It just sets the kill bit to *disable* the AX
control should it ever creep into your system. The author used to
explain this. I don't know why he is hiding this information now, or
why he is making wild claims that the spyware cannot install. For
example, if you have not disable the Xupter toolbar AX control, look
under the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX
Compatibility\{2662BDD7-05D6-408F-B241-FF98FACE6054}
where either you find a value name "Compatibility" with a value of zero
or that value name is not defined. If you then use SpywareBlaster to
block that AX control, it changes this registry key to have
Compatibility = 0x00000400. That's it folks, just setting compatibility
mode (the kill bit) so the AX control won't run. The author has become
far to "creative" in the description of his product to the point of
misleading users.
I don't have SpywareBlaster manage bad cookies. All it does it add
those cookies to your Block list. After using SpywareBlaster to block
cookies, look in Internet Options under Privacy and click the Edit
button to see the custom domain list. All those that SpywareBlaster
added are set to Block the domain. It is also a quick registry change
to add the entries under:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\P3P\History
with a value of 5 (or 0101 binary to set the bits that designate that
the domain for an entry is Blocked). A value of 1 (0001 binary)
designates to Always Allow that domain to save cookies. I don't bother
with this feature because I use PopUpCop which give me a whitelist for
cookies. Any domain not in the whitelist is allowed to create a cookie
(per IE's cookie settings where I still block 3rd party cookies) but
they get deleted when the last instance of IE is exited; i.e.,
non-whitelisted cookies are forced to be per-session cookies.
Lastly, the bad domain list that restricts some sites is just another
registry edit to add those sites under:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\ZoneMap\Domains
Each security zone gets a value (4 is for the Restricted Sites zone).
But you can see the same list by looking in IE's Restricted Sites
security zone. It castrates those sites but does NOT prevent access to
them. For example, putting
www.doubleclick.com in the Restricted Sites
zone does not prevent you from entering that URL in the Address bar and
opening their home page. Since none of the IE security zones block
images, you can still end up with web bugs for those sites in your
HTML-formatted e-mails that are getting rendered by IE for display
within your e-mail client.
Add the kill bit in the Compatibility value for the classID of an AX
control prevents that AX control from executing, not from it getting
installed. Cookie management is better performed by using whitelisting
than inserting a huge list of domains that are configured to Always
Block them from creating a cookie file. Adding a huge list of bad
domains to the Restricted Sites security zone only castrates them but
doesn't block access to them. I use SpywareGuard's AX kill-bit list as
a roach motel: if they get in, they'll get stuck, but there's no
prevention from them from getting in. I don't bother with its
bad-domain list to block cookies since I'd like to keep the list small
and easily manageable (in fact, I only list Always Allow domains for the
cookie list since all those not whitelisted in PopUpCop will get purged
anyway, and often you need the cookie when at a site to have it fully
functional but not after you leave). I'm still not sure if I want to
use its bad-domain list in the Restricted Sites zone. I do us it for
now.
