G
Guest
Which one has better real-time protection?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
B
Bill Sanderson
Microsoft Antispyware.
SpywareBlaster is an excellent app, but it does just one thing--it sets the
killbit on ActiveX controls. I'm not sure I'd even call this "active
protection," although that's probably not totally wrong.
Microsoft Antispyware monitors 59 different integration points where spyware
interacts with IE or Windows. They are really quite different apps.
SpywareBlaster is really the only other antispyware app I keep up with
besides Microsoft Antispyware. I'll run Ad-aware occasionally just to see
how many cookies I've accumulated, but SpywareBlaster is so neat and
low-impact that I keep it handy. I also use it to turn off flash.
SpywareBlaster is an excellent app, but it does just one thing--it sets the
killbit on ActiveX controls. I'm not sure I'd even call this "active
protection," although that's probably not totally wrong.
Microsoft Antispyware monitors 59 different integration points where spyware
interacts with IE or Windows. They are really quite different apps.
SpywareBlaster is really the only other antispyware app I keep up with
besides Microsoft Antispyware. I'll run Ad-aware occasionally just to see
how many cookies I've accumulated, but SpywareBlaster is so neat and
low-impact that I keep it handy. I also use it to turn off flash.
V
Vanguard
Which one has better real-time protection?
You don't know how SpywareBlaster works. It provides NO real-time
protection. It does not run in memory except when you execute it but
then you exit it, too. The author got carried away after the last major
version got released of his program in claiming that it will prevent the
installation of spyware. Nope, it will NOT prevent the installation of
spyware. It will prevent the *registration* of spyware into the
registry and it will prevent calls to the program if the registry is
used to locate it (rather than making direct calls to it).
All SpywareBlaster does is add registry entries under the ClassID for a
spyware program which includes a kill-bit. This will prevent some
install programs from completing because they error when attempting to
register the program (into the registry), but not all installs will
abort plus that doesn't eliminate the files that have already been
installed since the registration is done last after all the files have
been copied. It will prevent the program from executing if its
libraries are called by finding them through the registry, but the
program could call them directly by using a relative path (where they
are assumed to be in the same path as the executable) or using an
absolute path. The entry point into a DLL is still accessible even if
its method/function name is not defined within the registry.
SpywareBlaster doesn't prevent installation of malware. It doesn't
eliminate it if already on your system when SpywareBlaster is ran. All
it does is add kill-bit entries to the registry. It does also add other
items if you so choose, like adding domains to your Blocked cookie list
and domains to your Restricted Sites list. There are better ways to
manage cookies, and sites added to the Restricted Sites list only mean
that functionality of a web site is reduced but that does NOT prevent
connecting to those sites. Restricted is not the same as blocked.
I still use SpywareBlaster but realize that its protection is passive
and understand that how it deters malware is effective but not as
effective as the author now claims (his claims and explanation before
his last major release were more correct and he has gotten almost
misleading in his recent claims). The protection afforded by
SpywareBlaster is not included in MSAS, so you don't duplication
protection by using both. You update and run SpywareBlaster and then it
is gone from memory when you exit. It affords NO real-time protection.
The kill-bits in the registry are not active as with some background
program running trying to catch intrusions and checking for malware.
SpywareBlaster is like putting speed bumps on a road: it's a passive
approach to reducing violations but not that effective for those willing
to slam their cars over them. SpywareBlaster provides additional
protection. Don't equate it with MSAS, Prevx Home, Ad-Aware, Spybot
S&D, or other detection programs. SpywareBlaster never detects
anything. And, as far as I can tell, SpywareBlaster is only effective
against ActiveX controls since it is for that type of spyware that it
adds kill bit registry entries.
MSAS checks for ActiveX installs through IE. It doesn't add kill bits
to prevent their use if installed while MSAS is disabled or installed
through other avenues. SpywareBlaster doesn't run in the background and
is passive only (by adding kill bits in the registry). So use both.
One isn't better than the other because they don't overlap their
functionality. MSAS monitors for AX installs while SpywareBlaster
*attempts* to neuter them (not remove them but neutralize them).
Also note that MSAS *polls* for changes to the system rather than
intercepts them. This is why MSAS cannot report which program made the
critical change, and why you cannot define application rules as to which
program is allowed to do what. WinPatrol is the same way (but its poll
interval is even longer). For example, use Notepad to edit the hosts
file. When you exit Notepad then something like 5 to 50 seconds later
MSAS will notify you of the *past* change but Notepad is no longer
running for MSAS to know which process made the change. Prevx will
intercept and pend such actions until the user decides to accept or
block that action. In the above example, Prevx will pend the change to
the hosts file, Notepad is not allowed to complete its action (so it
remains loaded in memory), and Prevx prompts you to allow or block the
change (which you can choose to remember or not). Since Notepad is
still running but pended, it know the application that is attempting to
make the change to the hosts file. The Home version of Prevx is free
but is probably not something for newbie users as you will need to
understand what the prompts mean and willing to investigate whether or
not the change should be allowed if you don't already know about it.
MSAS and WinPatrol tell what happened but do so late. Prevx tells you
what *is* happening as it happens but means more prompts to answer and
more a more expert user.
G
Guest
I use them both as (at least I believe it to be the case)
they cover different areas. SpywareGuard from the same
people who created SpywareBlaster looks to be the same as
MSAS so I don't use that one since it seems to slow down
my PC a bit.
they cover different areas. SpywareGuard from the same
people who created SpywareBlaster looks to be the same as
MSAS so I don't use that one since it seems to slow down
my PC a bit.