Discussion in 'SpywareBlaster & Other Forum' started by iojay, Feb 11, 2004.
I just installed SPYBLASTER. Will it eliminate any cookies that existed BEFORE installation?
SpywareBlaster does not remove any cookies. All it does is set a block for a specific list of know spyware related cookies so that new ones for those sites will not come down. And, that feature only works for IE6, no other browser.
You'll need to delete old cookies yourself, or with another tool.
Thanks for your quick response.
Yesterday I switched from SPYBOT to SPYWAREBLASTER because of a cautionary letter Forwarded to me by a friend.
In essence the letter stated that SPYBOT and ADWARE were "compromised" and at this time are not effective.
I believe this is true because for the last 3 days I received NO flagged items for "removal" in SPYBOT at the end of my sessions.
That is why I switched.
Do you have any comments on this?
If it's true, it's news to just about everyone else in the world. (I assume by the second one you mean Ad-Aware).
SpyBot and Ad-Aware are almost universally agreed to be the best defenses of their kind, and you'll see just about everyone here recommend either or both of them in combination with SpywareGuard and SpywareBlaster. And even without the great Javacool ones, the first two are pretty darned effective.
(Edit, a P.S.) Ad-Aware lost some of its reputation for a while last year (I think it was) when definition updates mysteriously "dried up" and were unavailable for quite a while. But it turned out that was because Lavasoft was putting all their efforts into developing a new program version, and they've been good as gold about updates since then, including for those who still use the older program version. Those of us who use Ad-Aware can remember about two weeks ago a flurry of definition updates, something like 5 updates in no more than 3 or 4 days.
Mike, I'd like to Forward the entire letter I received about this matter.
Please let me know the best and or easiest way.
Your best bet is to simply post it here -- I'm by no means the best one to give you an expert opinion on it. Just copy-and-paste into a fresh reply, or else save it as a txt file and attach it to a reply (in either case, feel free to delete any personal info you don't want to appear).
And don't be too surprised if the mods decide it'll fit better somewhere else and move this whole thread there (probably "software") -- they're quite good about leaving a brief note here along with a link to its new location.
OK Mike, I'll give it a try.
I'm not a techie, but let's see what happens.
----- Original Message -----
To: "Support Alert" <firstname.lastname@example.org>
Sent: Wednesday, February 11, 2004 3:33 PM
Subject: Support Alert Newsletter Issue 106 - 11th February 2004
> Support Alert
> "Gizmo's top picks of the best
> Tech resources and utilities"
> Issue 106 - 11th February, 2004
> Support Alert is a registered online serial publication
> ISSN 1448-7020.
> Quote of the Week
> Tech Support 2004 Style
> Conversation with support at a certain controller manufacturer:
> "I can't answer that, please call your dealer."
> "I am the dealer."
> "Then call your distributor"
> "He said for me to call you"
> "Then have the customer call us"
> "AAAAAGH!" <click>
> In the last issue I spoke of the clever tricks being used by the
> latest generation of browser hijackers and other scumware
> Tricks to infect your computer just by visiting a web site and
> equally cunning techniques to prevent you removing the products
> once your PC has been infected.
> Well, the programmers behind these thieving products have just
> lifted their game and it's bad news for all.
> The Spybot home page is currently carrying this warning:
> "CoolWWWSearch.SmartKiller (v1 and v2) is a new, real ugly
> variant of CoolWWWSearch. When running, it will close every
> browser window you use to visit a large list of anti-spyware-
> sites, and even will close Spybot-S&D and some other anti-
> spyware applications as well."
> So we are now in a new game. A game of cat and mouse between the
> scumware merchants and the anti-scumware vendors like SpyBot.
> A game where the scumware programmers will keep coming up with
> new tricks to pull down and destroy products like SpyBot. A game
> where the anti-spyware vendors will have to be continually
> updating their products to protect them from being trashed by
> the very scumware products they are designed to detect.
> But there's even worse news: you can now get infected with
> scumware just by running some anti-scumware software products.
> No, not products like SpyBot and Ad-aware. They are the good
> guys. The baddies are the dozens of pseudo spyware/adware
> removers that are being sold or offered as "free downloads" that
> actually contain scumware products or behave in a similar manner
> to scumware.
> Here's a list of these rogue products I got from
> http://www.netrn.net/spywareblog. Some are borderline
> offenders, others quite flagrant: Spy Wiper, AdWare Remover
> Gold, BPS Spyware Remover, Online PC-Fix, SpyFerret, SpyBan,
> SpyBlast, SpyGone, SpyHunter, SpyKiller, SpyKiller Pro,
> SpywareNuker, TZ Spyware-Adware Remover, xp-AntiSpy, SpyAssault,
> InternetAntiSpy, Virtual Bouncer, AdProtector, SpyFerret,
> SpyGone, and SpyAssault.
> Now that's nasty; getting infected by the very products you've
> installed to protect yourself. Kind of like getting pregnant
> BECAUSE you used a contraceptive. ;>)
> So what to do?
> Without doubt, the most important thing you can do is to take
> all action necessary to ensure you don't get infected in the
> first place. Once infected, it's going to be increasingly
> difficult in the future to remove the scumware from your PC.
> So passive measures like disk scans with SpyBot are now second
> priority. Much more important is active prevention.
> As a start you should minimize your chance of infection by
> fixing Windows vulnerabilities exploited by the scumware
> merchants. Stay current with all the Windows patches by visiting
> the Windows Update often. Better still, turn on automatic
> update notification. And don't forget to update MS Office and
> other software products on your PC. They can be exploited as
> Another preventative step is to ensure your browser settings are
> safely configured. In Internet Explorer, select Tools/Internet
> Options/Security and make sure the slider control is set to at
> least "Medium." Then select "Custom" and set "Download signed
> ActiveX controls" to Prompt, "Download unsigned ActiveX
> controls" to Prompt or Disable and "Initialize and script
> ActiveX controls marked as unsafe" to Disable. Hit OK and exit.
> Next you check your browser's current vulnerability to known
> exploits by running the security tests at these sites (Internet
> Explorer and IE based browsers only):
> http://browsercheck.qualys.com/ http://www.jasons-
> Prevention also means using the active anti-infection measures
> offered in some anti-spyware products. Spybot has its
> "inoculation" option. The paid version of Ad-aware has something
> One of the very best anti-infection programs is a freeware
> product called SpywareBlaster. It's not a scanner like SpyBot
> but rather a stand-alone inoculation routine. It provides
> protection against more than 1500 products that use ActiveX
> based exploits. That's about three times as many products as
> SpyBot's "inoculate."
> A companion program to SpywareBlaster is SpywareGuard. Again,
> this is not a file scanner like SpyBot. It is a protective
> program that works like an anti-virus suite by checking programs
> before they are executed.
> Both SpywareBlaster and SpywareGuard are quality freeware, are
> regularly updated and have active support forums. They should
> be on every PC. If you haven't got them, I strongly recommend
> you download and install them at the first opportunity. Get
> them here: http://www.javacoolsoftware.com/spywareblaster.html
> The next preventative step is to keep all your defenses current.
> In this cat and mouse game you are already at a disadvantage
> because the bad guys have the initiative. Spybot, Ad-aware,
> SpywareBlaster and SpywareGuard all have features that make
> updating easy. Make sure you use them.
> Finally, only use reputable anti-spyware software products like
> the ones mentioned in the preceding paragraph. Do some research
> before installing any new product. Just how embarrassing would
> it be to get infected by a product you installed to protect
That letter deoesn't say to stop using Spybot or Ad-Aware. All it says it that new variants of some spyware try to kill off these programs, but nothing about them actually being comprimised. It does list other products that you should stay away from, because they pretend to be cleaners or protective programs but are really spyware themselves.
At the end the letter says...
We here agree with this. Those four programs can be used together to give you a good amount of protection.
Because 3 consecutive days of having no flagged items (this has NEVER happened before) on my SPYBOT I am suspect enough to not rely on it for now..
I have uninstalled it and will rely solely on SPYWAREBLASTER.
That is certainly your choice, of course.
However as I said, neither that newsletter nor anything we here have heard, support the idea that Spybot, or Ad-aware for that matter, are in any way compromised and we know all the people and products involved extremely well.
In any case, let us know if you have any other questions.
Both AdAware and Spybot S&D have issued a special program that will counter-attack the version of CWS that tries to close down the programs window.
As long as you are not infected (and trust me, you will notice) there is no reason to doubt the proper working of either program.
And, in all honesty. I would be worried if the programs found something everytime I ran them, because that would mean I had a leak.
The fact that CWS targeted these two programs should tell you something.
They can't attack SpywareBlaster in this way because the program does not have to be running to protect you. On the other hand SpywareBlaster's protection does not work for most of the variants of CWS.
What does work is to fully update Windows and IE.
Hope this clarifies a bit,
I run spybot & adaware every other day, but most times unless I've been researching the "dark" side of the net I don't get anything showing in either adaware or spybot
That doesn't mean they aren't working, but means that the other protection I use, spyware blaster, spywareguard and the IE Spyads list from http://www.staff.uiuc.edu/~ehowes/resource.htm#IESPYAD
along with sensible security settings are protecting me
adaware & spybot are reactive defensive methods and pro-active preventative methods should be the first line of defence and spybot/adaware as the second line to clean up what does get through.
Thank you ALL for your re-assurances. I appreciate it.
I just re-installed SPYBOT and will keep it along with SPYWAREBLASTER for a little extra protection.
This Wilder Security Forum is great; easy to use and quick responses from qualified people.
LowWaterMark - we believe that XP-Antispy is not to be included in the malware list.
Thank you and best wishes
My comments above were not meant to endorse or support the overall content of that newsletter, but merely to refute any thought that SpyBot was compromised in any way.
I don't know the author of that newsletter, so I can't comment further on that, however, he might very well mean the site that "took over" the previous XP-Antispy domain name and then started foisting dialers and such on people who visited looking for the real xp-AntiSpy. The "bad site" is: www . XP-Antispy . de
The good site (as you linked as well) is: http://www.xp-antispy.org Which also has a warning posted on its main page about the bad site.
Separate names with a comma.