View Full Version : Spybot/Spywareblaster conflict CasaleMedia
Once again, it appears that today's SpyBot Immunization is removing protection from an IE restricted site that's being placed there by SpywareBlaster; specifically, CasaleMedia.com
I realize such conflicts seem to happen "once in a while"... I'm reporting it so that the "powers that be" be made aware, and decide how (if at all) to reconcile matters.
Terminator
2009-04-16, 21:41
I'm having this problem as well. Its a relief to know that I'm not alone in experiancing this issue.
"Its a relief to know that I'm not alone in experiancing this issue".
Since I've confirmed the cause/effect relationship on more than one machine, I can only conclude that the conflict/removal is part of the programming... meaning that EVERYONE who uses both SpywareBlaster and Spybot should expecience this issue upon accessing immunization in SpyBot.
Of course, not everyone who opens SpywareBlaster may take note of the disabled entry...
I have also reported the problem at the SpywareBlaster forum. And I'm surprised by the minimal response in each forum so far.
just like to comfirm its not just you two,i also experince the same issiue.
in fact i came here to post this.
MadelineC
2009-04-17, 04:58
I'm getting the same thing too, probably a lot of people are.
@ ky3311
I've posted about it on your thread in the SpywareBlaster forum too.
FYI: The CasaleMedia conflict continues, after today's (4/22/2009) SpyBot update...
Hi,
(almost) everybody will have this little "problem" with Spybot and SpywareBlaster... please remember, we had such a discussion a few weeks before:
XTROcash (2) unchecked in spywareblaster due to SpyBot? (http://forums.spybot.info/showthread.php?t=45928)
Well, to explain it in very simple english, it seems that Spybot and SpywareBlaster have a different "opinion" (recarding bad downloads, etc.) according to this internet site.
Bitman explained it already very well. :bigthumb:
ky331,
From your posts here I can tell that you at least technically understand what is happening here. However, I'm not certain that these differences between Spybot S&D and SpywareBlaster are being understood at a philosphical level, nor how easy it is for you to resolve them without changes to either program's database.
Though in the past both programs have appeared to always agree on the status of 'blocked' sites where they overlap, on occasion there have been differences, though generally temporary as you've mentioned. Though this may not really have changed, it's completely possible that it might, so I don't believe we can assume the programs will always attempt to remain 'in sync'.
Since the philosophy of what is a 'bad' site that requires protection is highly subjective, it's common for different security programs to have wildly different opinions and thus different sets of similar protections in place. Though in some cases these differences merely 'overlap', in others they can appear to 'conflict' as in this particular case. However, this situation isn't really a 'conflict', since neither program's operation is actually affected, it's simply a difference of opinion on one (and over time potentially more) site(s).
Since Spybot S&D contains the [necessary] ability to remove old 'orphaned' entries that have changed so they aren't forever left in the registry, when an entry is removed from the blocked list it will also be removed from the registry during a fresh Immunization, which you have noticed. So if Spybot S&D is run after SpywareBlaster, it will remove any corresponding entries that the Spybot Team have decided to remove the protection for, no matter what the reason.
The solution here is obvious. Simply decide which program of the two you wish to 'trust' the most, or alternatively whether you prefer the 'most' sites blocked or the 'most selectively chosen'. SpywareBlaster's list has always been larger, but has also seemed to be slightly less well maintained than the Spybot Immunizations, though this is just personal my observation not deep analysis.
Once you've made this decision, simply execute the program who's selections you prefer most last. This will result in either the removal of one or more individual Restricted Sites entry by Spybot S&D or the combination of all sites contained in both if SpywareBlaster is executed last. This solution is simple and removes any concern for differences between the two program's lists which will continue to occur as the lists evolve.
Bitman
Bitman,
I simply posted here as an "advisory", so that "the powers that be" --- as well as any users experiencing this conflict --- will have the matter documented on public record. I am not trying to force either program/party to make changes.
We're only talking about one site here, which is not worth debating the pros & cons; my personal preference is to use/combine both programs, re-applying SpywareBlaster after immunizing by SpyBot.
Question: You wrote: "SpywareBlaster's list has always been larger". By my count, the current version of SpywareBlaster protects [only] 4,826 restricted sites, whereas SpyBot protects 10,548 "domains" (which I believe is the proper comparison); and of these, they share 1,291 in common. How is SpywareBlaster's list "larger"?
Shows how closely I've been watching these since I stopped using Immunization on all but an old Windows 2000 PC over two years ago.
You're correct, there was explosive growth in the Restricted Sites portion of Immunization starting in June of 2007 when they nearly doubled from 3,366 to 5,561 entries. Since then they've almost doubled again, so now Spybot's list nearly engulfs SpywareBlaster.
Personally, I just recently reinstalled Windows 2000 on that old system, so I've only bothered to put Spybot S&D back in operation. From this discussion I don't think I'll bother with SpywareBlaster myself, since I know more about how the Spybot Team operates and tend to trust their list more anyway. I especially like that they built in the very clean-up feature we're discussing, since otherwise it was possible for these domains to remain in your resgistry for ever, unless you took the time to 'Undo' Immunization before every update to Spybot S&D.
I understood what you were saying, but I believe this issue is really insignificant and those who are bothered by it should simply stop using either SpywareBlaster or the Immunize feature of Spybot, since these inconsistencies will continue to pop up in the future and only serve to irritate them over and over again.
Bitman
you wrote: "I know more about how the Spybot Team operates and tend to trust their list more anyway". --- there's nothing like having "inside information" :D:
you also wrote: "I believe this issue is really insignificant". Agreed. But most users don't want to have to choose (nor do most have sufficient knowledge to properly choose) between these programs. Each has its advocates. And since, with few/minor exceptions such as the one we're discussing here, they can "peacefully" coexist together, I think many people will continue to combine both, on the basis that doing so will "maximize" their (passive) IE protection. [of course, this reasoning does not apply to IE8, which has an issue with "large" collections of restricted sites.]
I actually have virtually no "inside information", I simply have seen more discussion here about how the Spybot Team makes decisions than I have about SpywareBlaster, though again I don't spend time at the Javacool forums, if they even exist. I also feel that Spybot provides a broader range of protection options in one package, so why mix and match many specialized applications when I can simply avoid these issues by combining Spybot S&D with a good basic antivirus (Avast! in my case) to provide everything I need?
I am less forgiving. I believe if an issue such as this makes a user uncomfortable and they really don't understand the issues behind such a difference, especially if they don't want to, then they should simply get rid of one (or possibly even both) of the programs.
As for Internet Explorer 8, I actually dropped Immunization completely on my systems with IE 7 and Windows Defender, since together these are relatively effective protection <EDIT> on a well maintained system. Since IE 8 improves this even more with SmartScreen filter, I see no reason to even consider using Immunization with these myself. Again, this is personal preference, but Spybot S&D's modular design makes this easy to support and tune as desired.
The reason Spybot S&D is still effective is due to this modularity and its usefullness as a tool when malware is already present. Most suites and other monolithic designs are fine while simply providing protection, but difficult to use or nearly ineffective once malware is present.
Bitman
I too have this unusual conflict. It would be nice if Safer and Javacool could resolve this issue amicably since similar instances will probably appear in the future.
If you check the official SB forum on Wilders, you will see that Javacool has added a nice feature to 'find unprotected', which spares those who are curious from the tedium of having to scroll through the entire list searching for the needle in the haystack.
I too have this unusual conflict. It would be nice if Safer and Javacool could resolve this issue amicably since similar instances will probably appear in the future.
If you check the official SB forum on Wilders, you will see that Javacool has added a nice feature to 'find unprotected', which spares those who are curious from the tedium of having to scroll through the entire list searching for the needle in the haystack.
There's absolutely nothing unusual about it, it's quite simple if you'd just read the answers already given here.
Just run the SpywareBlaster program last and you'll never have this issue again. You're creating a problem where there is none. There will almost always be slight differences between these two programs, so if you can't handle it, just don't use one of them to 'Immunize', it's that simple.
Bitman
:funny: :laugh: But you are right! ;)
There's absolutely nothing unusual about it, it's quite simple if you'd just read the answers already given here.
Just run the SpywareBlaster program last and you'll never have this issue again. You're creating a problem where there is none. There will almost always be slight differences between these two programs, so if you can't handle it, just don't use one of them to 'Immunize', it's that simple.
Bitman
Dude, you need to relax. That kind of attitude is a disservice to the forum and to yourself. And if you don't like my post, don't reply to it; to use your own words, "it's that simple". And I did read the answers.
I DO find it unusual because I have been running both Spybot and SpywareBlaster together for several years on two machines with innumerable updates to both, and this is the first occurrence of this problem that I have encountered. In my book it is accordingly 'unusual', and in fact unique in the literal sense. If you don't care for my characterization of my own experience, well I am just sooo sorry. It's that simple. Jerk.
and this is the first occurrence of this problem that I have encountered
But there were some identical problems between these two tools which you didn't notice, see for example here (http://forums.spybot.info/showthread.php?t=45928).
Bitman has already told you a method how you won't have any issue again. Follow it.
Perhaps this "problem" will be fixed by Javacool with the next update like he did a few weeks before too. Calm down please, we don't really have a problem between these two tools... ;)
A simple statement (please, let's not make mountains out of mole hills):
SpywareBlaster database update 4/27/09
Observation: This update has removed casalemedia.com from the restricted sites zone, so there is no longer a conflict between SpywareBlaster and Spybot concerning this particular site.
A simple statement (please, let's not make mountains out of mole hills):
SpywareBlaster database update 4/27/09
Observation: This update has removed casalemedia.com from the restricted sites zone, so there is no longer a conflict between SpywareBlaster and Spybot concerning this particular site.
Like I said before... ;)
I am personnally adding site to my host file since numerous years. I always add them before the "# Start of entries inserted by Spybot - Search & Destroy" marker.
Since 2009/04/21, Spybot is removing one of my own entry :devil: "b.casalemedia.com" :devil:.
I hate that Spybot alter my own entries.
I did never alter any entry between the "Spybot" markers. It should never alter entries outside of his own markers.
Spybot 1.6.2.46
detection update: 2009-05-13
With the detection update: 2009-05-27,
Spybot keep removing my personal entries in the hosts file.
I want to keep "casalemedia" :devil: and "adultfriendfinder" :devil: addresses to 127.0.0.1.
I cannot figure out why Spybot is imposing me this add bloating. It usually protect me well against this kind of excess.
Summer is here. Have a good time.