No Sites in Restricted Zone After SpywareBlaster Install

Discussion in 'SpywareBlaster & Other Forum' started by vanc, Jan 20, 2004.

Thread Status:
Not open for further replies.
  1. vanc

    vanc Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    3
    After installing SpywareBlaster on XP Pro (I selected all items in the database & clicked "Protect Against Checked Items"), I checked Internet Explorer options. In the Security tab, when I select Restricted Sites, it tells me there are "No sites in this zone".
    Should all of the items in the SpywareBlaster database appear in the Restricted sites?
    Thanks;
    Vinny
     
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Hi vanc :)

    Welcome to Wilders.

    SpywareBlaster does not restrict sites. How it works is it sets a KILLBIT for the activex based spyware u can get from webpages.

    Just keep it updated( i check mine about once a week) select all items, as u did and u will be protected.


    Hope this helps.



    snowbound
     
  3. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    You may want to look at IE-Spyad, which will add known bad sites to your IE's Restricted Site Zone and block them from doing anything harmful to your system if you should happen to come across one while surfing. :)

    HTH,

    snap

    Hi there snowbound..lol..you posted while i was still typing..i am slowing down.
     
  4. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    No snap, i just got lucky(i'm much slower than u) :D




    snowbound
     
  5. MetalDemon

    MetalDemon Registered Member

    Joined:
    Jan 10, 2004
    Posts:
    63
    Is there anyway to look at what sites will be put into the Restricted Zones, before install. And do those sites disappear, or are removed from restricted, after uninstall?
     
  6. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    IE-SpyAd adds more than 6000 known adware / spyware sites to the IE restricted zone. The file that actually adds these sites (from the IE-SpyAd kit) it basically a text file that you could open in Notepad if you wanted to look at the contents.

    The things that IE-SpyAd puts into the restricted sites list are removed by following its uninstall instructions, so no trace would be left behind if you choose to remove it. It changes nothing else, either.
     
  7. MetalDemon

    MetalDemon Registered Member

    Joined:
    Jan 10, 2004
    Posts:
    63
    Thank you. Was just making sure before i installed.

    Also, one more thing, are there any sites on there that could actually be useful?

    Or maybe like they hav spyware or adware but like www.download.com seems to install zdnet cookie which adware detects but i get a lotta stuff from download.com that is useful, so would i be able to, afterwards, manually remove a site or two on that list... Ands would this later somehow inhibit my uninstallation (in the event that is necessary)?
     
  8. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    Well, since IE-SpyAd's installer simply adds its list of sites into IE's own restricted sites list, you can manually remove any entry you don't want right from within the IE's > Tools > Internet Options > Security > Restricted sites > Sites button.

    Removing entries manually will not cause any problem uninstalling IE-SpyAd. It doesn't care if the entries are already removed and the process won't even give you any errors.

    The key thing obviously becomes - "How do I know which sites I might want to remove; 6000 sites is a lot?" Well, the good thing here is we are talking only about IE's restricted sites list. Sites in the restricted zone are not really "blocked" at all. They are simply treated with a higher level of security in IE than the Internet or Trusted zones. If a site in the restricted zone is accessed by IE you'll see signs of it. Either the status bar will show the restricted symbol, or perhaps an Internet or Trusted primary site will show signs of "mixed" content and also show a cookie block. See the image below for samples of these.

    If you come across a cookie being blocked (by clicking on the cookie block symbol shown) that you really want to allow, then you can look to see if the site is in the restricted zone. Same thing with mixed content, though that has never caused me a problem.
     

    Attached Files:

  9. MetalDemon

    MetalDemon Registered Member

    Joined:
    Jan 10, 2004
    Posts:
    63
    so this IS a recommended progam right?

    and last thing, again im sorry and thank you :) , are there any conflicts with SpywareBlaster, SpywareGuard, Adaware, or Spybot S&D? Thanks again in advance.
     
  10. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    Yes, this is a recommended program and no there are no conflicts with those other protection programs.

    In fact, the IE-SpyAd author posts here and holds an expert title here at Wilders Security:

    http://www.wilderssecurity.com/showthread.php?t=19801
     
  11. vanc

    vanc Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    3
    Thanks to all for the responses. :)
    Is it correct to say that SpywareBlaster stops "only" activex based Spyware from ANY location, while tools like IE-Spyad can stop a variety of "crapware" (cookies, Java, Active-X, scripting) but ONLY from specific sites listed in the registry file?
    One more question, which is "better" - tools like IE-Spyad which add sites to the Restricted Sites zone or tools which hack the hosts file and redirect the same list to the localhost? It seems like the host file method is "safer" & would completely block the offending sites. o_O
     
  12. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    Well that is close, but I would say it this way... SpywareBlaster stops a specific list of Active based spyware from anywhere (any location from which they might come), but not "all ActiveX" - only those among the many hundreds listed in its definitions. That's why you need to check for updates (every week or so) and keep current.

    That's true. By placing a large number (6000+) sites into the IE restricted zone, it certainly does stop a variety of things from running from those sites.

    Neither approach is necessarily better. Personally, I use both. IE-SpyAd covers whole domains in terms of forcing them into the IE restricted zone. A hosts file (I use hpguru's) can block a large list of specific host names. (I think my Hosts file has about 16000 entries.)

    Yes, if all the web based objects come only from the specific site names listed in the hosts file. For example... If you add "lowwatermark.com" to IE's list of restricted sites, then absolutely every subdomain from the site lowwatermark.com will be treated as restricted by IE. Such sites as "here.lowwatermark.com" or "there.lowwatermark.com" are all covered automatically. But, a hosts file must list each individual sub domain to block it...

    A Hosts file entry for just "lowwatermark.com" only blocks name lookup references specifically to "lowwatermark.com" and does nothing for "www.lowwatermark.com" or "here.lowwatermark.com" or anyother sub domain. Each would need a separate line in the hosts file. It's just the way it all works.

    Using both does not hurt.
     
  13. vanc

    vanc Registered Member

    Joined:
    Jan 20, 2004
    Posts:
    3
    Great information :D I will use all three methods (SpywareBlaster, IE-Spyad & hosts file). Are there any performance concerns with all of these entries (6k restricted sites, 16k entries in hosts file) - have you noticed any slowdown in your web response?
     
  14. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    No, there doesn't seem to be any issue at all with IE restricted zone entries. There are some rare circumstances where a large Hosts file can cause some slowdowns. On NT based Windows systems it is best to disable the local "DNS Client" service if using a large Hosts file.

    Earlier today, Hpguru commented on the question of large Hosts files, and I agree with what he said:

    http://www.dslreports.com/forum/remark,9132078~mode=flat

    I've never seen a slowdown from either IE-SpyAd or my Hosts file.
     
Loading...
Thread Status:
Not open for further replies.