In the true, etymological sense. Nothing more. Nothing less.
And here I thought you meant it in the technical sense in which there is
quite a bit of confusion.
What I meant was Registry-monitoring as it applies specifically to
browser-hijacking.
In that area, SG is also inadqueate compared to its rivals. Which was my
point. The art of browser hijacking has improved by leaps and bounds,
since the days of SG. There are much more ways to hijacking a browser
than just changing
HKLM\Software\Microsoft\Internet Explorer\Main\*
and a few other minor keys.
No program could possibly monitor the XP Registry completely with user
notification of changes without rendering the system useless.
There is of course no need to monitor the while Registry. But even
monitoring a limited subset that allows autostarts is a much harder task
then expected. Still you try to keep up with the most common ones used by
malware.
And this is yet another area where SG has lagged behind.
Or you could use hooking as opposed to polling which lightens the load
tremendously.
I think that I should have been more clear WRT to my reply to the OP,
as I parroted the developer. Javacool continues to advocate the use of
SG as a complement to SpywareBlaster which is still considered a
worthwhile AS app by many.
As I said before, many people will continue to support it out of
inertial, and of course when we come down to it,, it's better than
nothing. But still, a shrew reading of the statement you quote (which btw
is several months old by now), and reading between the lines, it's time
to switch.
I am in no way advocating the use of either
product over another product.
Of course not. But *I* am advocating against the use of SG in view of the
fact there are better free alternatives. Neither am I contradicting
Javacool, since he is not commenting on other products.
He is saying only the browser hijack component works. I'm not
disagreeing, it works if the browser hijacks the few keys monitored.
I'm just saying given the fact that there are far more ways to hijack a
browser , I wouldn't rely on SG to provide too much protection.
I said MS ... the use of ActiveX, _not_ MSAS. If MSAS used ActiveX, it
would not be on my WinXP box.
Personally I think this fear of ActiveX is misplaced, but that will be
another topic, another day.
In any case, I'm giving you another reason to use MSAS.
I stand by this.
I was not talking about signatures, just the browser-hijacking issue.
My point is in both areas, SG is provably inferior to any other
alternative out there.
Signatures? Of course, but we're not talking about signatures.
Registry monitoring? I don't know. It's like comparing an AV engine to
the vendor's database.
Nonsense. With due respect you don't have a clue at all what you are
talking about when comparing AV engines to simple registry monitoring.
MSAS, Winpatrol, SG etc all poll the registry, it is transparent and
simple to compare what they are doing with regmon. Nothing complicated is
happening.
An AV engine on the other hand is really a black box. They handle packers
in different ways, some use passive heuristics, some use emulation,
static unpackers etc..
There are those in a.c.a-v who contend that the
NAV engine hasn't changed since 2002, but is still adequate for use as
an AV app.
It's extremely unlikely that ANY contunually updated AV product's AV
engine hasn't changed since 2002, anyone who contends that is highly
misinformed. Please point me to someone who thinks that. AV engines are
changed to handle packers for example.
I appreciate your comments, but I think that you misunderstood my
position. My bad, of course. Is SG of use as a complement to
SpywareBlaster? Javacool software still contends that this is the
case. Whether this is true or not, I have no idea. That was my point.
I did not misunderstand your position. I'm stating my disagreement. Based
on facts, not on bias against MS, or some misplaced loyalty to an aging
and mostly obselte app.
It's a stand I have advocated for a long time now, and even when javacool
came up with this statement you quote (I read it on broadband DSL months
ago), it's fustrating to see diehard SG supporters still failing to get
it.
I do understand that you are a diehard SG supporter, and SG is clearly
better than nothing. But that doesn't mean it isn't inferior to other
freeware alternatives out there.
These include
Winpatrol
MSAS
And perhaps Avorax Shield (but I haven't tried this yet to test its
effectiveness)
Maybe it's all smoke and mirrors to you, but if you try to study and
research the issues as I have done, the smoke gets a bit less well smoky.
I'm hardly an expert, but it is possible to get some answers based on
objective citeria (say studying the effects of spyware and adware),
rather than listening to hearsay and rumours that MS is evil. Or that
Winpatrol polls too slowly.