Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is SpywareBlaster useful for Firefox3.5


  • Please log in to reply
13 replies to this topic

#1 MaryBet82

MaryBet82

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:29 PM

Posted 28 December 2009 - 03:43 PM

I use Firefox [3.5.6] on WinXPSP3 except for when MS insists I use IE for updating. Firefox is set up to delete cookies on closing the browser. Should I also use Spywareblaster to prevent a cookie from ever being placed from the Block List? Does the Block List protect against sites w/ malicious content in jpgs, etc. - sites where preventing/deleting cookies isn't enough?

Does Spywareblaster offer other security tightening measures for Firefox?
My understanding is that ActiveX and BHO's are used/problems w/ IE. Does ActiveX also function in Firefox and would Spywareblaster provide security there? I haven't come across any settings in Firefox to allow/disallow "active content". The only MS add-in/plugin I have enabled in Firefox is Windows Media Player.

LSO's and dom storage are possible security issues in Firefox of which I'm aware. I use BetterPrivacy to delete LSO cookies on closing the browser. I don't know if dom storage has gone beyond theoretical problems to known problems and there are probably security concerns I haven't come across yet. Does Spywareblaster check out Firefox's about:config listing and plug security holes there?
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

BC AdBot (Login to Remove)

 


#2 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:10:29 PM

Posted 28 December 2009 - 07:42 PM

SpywareBlaster provides protection for your favorite web browser(s):

Internet Explorer
Mozilla Firefox
Netscape
Seamonkey
Flock
K-Meleon
and browsers that use the IE engine, including:
AOL web browser
Avant Browser
Slim Browser
Maxthon (formerly MyIE2)
Crazy Browser
GreenBrowser


Mark
Posted Image
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits
Become a BleepingComputer fan: Facebook and Twitter

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,047 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:29 PM

Posted 29 December 2009 - 08:16 AM

SpywareBlaster is a program that blocks spyware tracking cookies in Internet Explorer and any browsers that use the Internet Explorer engine, including: AOL web browser, Avant Browser, Slim Browser and Maxthon (formerly MyIE2). It also provides protection for Mozilla Firefox, Netscape, Seamonkey, and Flock. SpywareBlaster restricts the actions of potentially dangerous sites by adding a list of sites and domains associated with known spyware, advertisers and marketers to the browser's "Restricted Sites Zone" and prevents the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software. Some types of malware are known to mess with Trusted Zones, Ranges and ProtocolDefaults set for a browser.

How does SpywareBlaster work? It adds sites to the restricted zones by adding the domain as a subkey under the registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains. A dword is then added to that domain named * and given a hex value of 4 to specify that it is part of the Restricted Sites Zone. More specifically, Spywareblaster sets the "killbit" on the CLSID (Class ID) of known spyware. Every program has a CLSID that is unique to the type of program. Once Spywareblaster enables (writes) those killbits they are "locked in" and any identified spyware cannot be opened. Spywareblaster writes these killbits in and then stays off until you need to re-write them again with an update.

Unlike many other security tools, SpywareBlaster does not run in the background. Instead it only requires installation and then enabling of all protection. After that you only have to check periodically for database updates using the built-in "Check for Updates" feature and then enable all protection again.

Note: If you use Spybot, SpywareBlaster and IE-SPYAD for ZonedOut together, there is some overlap of protection. Each one offers a different list but they are not completely identical. Thus, if you undo or disable the protection in one product, it may remove some of the protection installed by the other. You should re-immunize or re-enable the protection in the other products as appropriate.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:29 PM

Posted 29 December 2009 - 11:49 AM

Hi, here is a screenshot of the Firefox protection screen. It blocks ad/tracking cookies.

Posted Image

Edited by xblindx, 29 December 2009 - 11:50 AM.


#5 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:29 PM

Posted 01 January 2010 - 06:45 PM

Thanks. Spywareblaster sounds like a really good program. I do use Spybot, which only "immunizes" IE, so I'll take note to reimmunize IE after installing Spywareblaster.
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#6 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:29 PM

Posted 02 January 2010 - 11:55 AM

Spywareblaster does some of the same things that Spybot does, it adds sites to your HOSTS file and blocks tracking cookies.

#7 stillwaters

stillwaters

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:29 AM

Posted 02 January 2010 - 02:50 PM

There is an add on for firefox called NoScript that completely blocks all active content unless you allow it.

#8 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:29 PM

Posted 04 January 2010 - 08:54 PM

Thanks for the info xblindx & stillwaters

And I think I meant malicious content in gifs [not jpegs] on websites. I seem to remember evil clear gifs or invisible gifs lurking about the internet. All I've been doing forever is reading on security issues and my brain has sprung numerous leaks.

I downloaded spywareblaster, but I switched from AVG to avast and I've spent hours trying to figure out avast so I haven't installed spywareblaster. I also have to reinstall firefox since my find function is grayed out and generating a new localstore_rdf and then a new profile didn't work. But I'll check out noscript for firefox when I'm reconfiguring after reinstalling. There are so many add-ons for firefox [which is very neat] I can't just browse thru them & pick.

When I do get around to installing spywareblaster - I don't have a hosts file. Well, I have a hosts file in that system32/drivers/etc. directory but it's only a sample file. Will spywareblaster install a hosts file or do I install a hosts file that it adds to? I've read about hosts & lmhosts but have never used either and I'm not clear on how a host file would work in my 2 computer peer to peer workgroup. Is it more related to browser function than networking function?

I can install a lmhosts file in network settings [first I'd have to write one] but I've never seen instructions on how to install a hosts file. If Spybot was supposed to install one when I "immunized" IE I guess I didn't' do it right. I never use IE - I just update it when MS tells me - so I wouldn't notice.
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#9 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:29 PM

Posted 04 January 2010 - 09:05 PM

Hi, a great list of recommended firefox add ons can be found in my signature. (The link is here)

Will spywareblaster install a hosts file or do I install a hosts file that it adds to?

Your HOSTS file is always there, what it contains is what changes. SpywareBlaster will add entries to the HOSTS file. Any sites listed in the HOSTS file will redirect back to your local IP address to prevent you from accessing them. So instead of accessing the blacklisted malicious site, you will just be receiving a "page can not be displayed" message or something similar.

#10 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:29 PM

Posted 05 January 2010 - 10:52 PM

I installed and updated spywareblaster. The hosts file in system32\drivers\etc. didn't change so that must just be a sample file. Do you know where hosts is? Searching for "hosts" w/ "search hidden files" and 'search system files" checked just gets the sample file in etc. and a copy of the same file in I386. Can I add to or delete from the file myself outside of spywareblaster? What happens to the file if I uninstall spywareblaster?

From my reading and the sample file I had thought a host file was written like an autoexec.bat or boot.ini file and if it was in the right place and had something in it correctly written it got read. I hadn't figured out how it fit in w/ windows broadcasting and browser caching and dns resolution thru one's isp server. Getting the nitty gritty basics on windows networking that doesn't involve active directory or even win servers is very difficult. I've been trying for years.

I see that spywareblaster added a list of blocked cookies to Firefox and all those killbits in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains. The ZoneMap = Restricted Sites Protection for IE, correct?. So where does the hosts file come in?
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,047 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:29 PM

Posted 06 January 2010 - 07:19 AM

SpywareBlaster provides the ability to keep encrypted backup copies of your Hosts file. Should an unwanted program change your Hosts file maliciously, SpywareBlaster makes it easy to restore a good backup copy of your Hosts file - and restore proper access to web sites.

Javacoolsoftware Support: What is a Hosts file?

The HOSTS file is a text file that maps an IP address to a name. It has no extension and can be viewed using notepad. At the top is an explanation of the simple syntax. Each line is an IP address, a domain name, and an optional comment placed after a # sign. In Windows XP, 127.0.0.1 localhost is the universal IP address of all local computers and is the standard hostname given to the address of the loopback network interface which refers to the local computer only.

The original purpose of HOSTS files was to map the proper address to a site's name but now its also used for blocking purposes. The loopback address is used to stop web ads from displaying because 127.0.0.1 indicates home (the location of your computer) and whatever is redirected home will not leave the system. Anything that appears in your HOSTS file without an # at the beginning, except from the "127.0.0.1 localhost" line, should be viewed with suspicion. In Windows Vista the IPv6 localhost is ::1 localhost by default. To learn more about this, you can read Hosts File FAQS and LMHosts and Hosts files.

In Windows Vista and XP, the HOSTS file is located in this default location: C:\Windows\system32\drivers\etc\hosts.Anything that appears in your HOSTS file without an # at the beginning, except from the "127.0.0.1 localhost" line, should be viewed with suspicion. Although malware can be responsible for altering the HOSTS file in an attempt to redirect your browser, it does not do so without infecting other areas of your system.

To view the folder containing your Hosts file, go to Posted Image > Run..., and in the Open box, type: %windir%\system32\drivers\etc\
Click Ok.

The easiest way to access and view the contents is by using Notepad.
  • Double-click on the HOSTS file.
  • A message will appear saying Windows can't open the file or Choose the program you want to open this file.
  • Scroll down the list of programs until you see Notepad.
  • Select it and click OK.
To view the Hosts file in Notepad automatically, go to Posted Image > Run..., and in the Open box, type: notepad %windir%\system32\drivers\etc\hosts
Click Ok.

There are several Free Custom Hosts Files available for download.The MVPS HOSTS File zipped version includes a batch file (mvps.bat) that will rename the existing HOSTS file to HOSTS.MVP, then copy the included updated HOSTS file to the proper location. Just extract the zip file to the location applicable to your OS as shown in the Install Instructions and let it replace (overwirte) the existing hosts file.Note: You may have to overwrite the hosts file in "Safe Mode" if you get "an access denied message" when trying to do it in normal mode.

If using Vista, be aware that it's UAC (User Account Control) blocks access to the HOSTS file since itís a system file. To get around this you can either turn off UAC and edit it normally, or copy the HOSTS file to your desktop and edit the copy there. Then rename the copied file on your desktop to HOSTS and drag it into the etc folder. When asked if you want to overwrite the existing hosts file, click yes. See Updating the HOSTS file in Windows Vista.

If you connect to the Internet using AOL, a custom dialer, through a Local Area Network (LAN) or a remote proxy server, using a HOSTS file may not work. Using a remote proxy server (which does the DNS requesting for you) prevents the HOSTS file from being used. The browser will route its request through the proxy server before your machine looks up an entry in Hosts. The DNS serivce needs to be disabled and computer rebooted for the HOSTS file to take effect. Failing to disable DNS service will result in slow performance per MVPS instructions.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:10:29 PM

Posted 06 January 2010 - 06:01 PM

Thanks quietman7,

So the host file in etc is being read by the dns client service. If I changed 127.0.0.0, then pinging 127.0.0.0 wouldn't ping localhost, correct? I'm glad to finally have that question answered and to know that hosts is for dns and lmhosts is for netbios per the msmvps blog.

Spywareblaster must just use the registry settings for internet zone to block sites for IE and add entries to Firefox to block cookies from those sites, because my host file hasn't changed. Unless I failed to click something I should have when I installed. Spybot also just adds entries to internet zones and not to the hosts file. Spywareblaster does have the back up host file option - I'm guessing in case something malicious adds entries to the host file you can restore, not because it changes anything.

Since I use Firefox rather than IE a program/service that does add & update entries to the hosts file might be better for me.
Having read the Microsoft_DNS article at wikipedia I'm wondering if all those block addresses added to internet zone would fit in the DNS cache. The cache on my computer would certainly be a lot larger than it is currently.
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#13 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:29 PM

Posted 06 January 2010 - 06:34 PM

You can always add the MVPS HOSTS file
Download it here in its zipped version. Installation instructions are here

#14 damedic

damedic

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great NorthWest
  • Local time:06:29 PM

Posted 25 January 2010 - 02:48 PM

My head hurts!

Way too technical for me, but I am glag marybet you got your answer :flowers:

I just download Spyware Blaster, keep it updated & Enable all protection.

Good enough for me :thumbsup:
IBM Desktop, w/Intel Pentium 4 HyperThreading - 3000 MhZ, XP Pro SP3, 512 DDR, 80GB Hard Drive

By Author Unknown

"Life was so much easier when your clothes didn't match and girls had cooties!"




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users