Immunization count nearly doubled
I installed v.1.6 and noticed that the immunization count went to 81,093. I haven't installed 1.6 on my other computer yet, it still has 1.52, and the count is 45,865.
I understand that counts can and do vary somewhat between computers, but this is nearly double and there are different versions involved, so I hope to hear an explanation.
ChalupaPatrol:
If you look at the various Profiles in the immunization list in Spybot 1.6, you will note that in the Pofiles listed for under each category labled as Internet Explorer, there a two (2) items that reference Domains: i.e. "(Domains)" and "(Secure Domains)".
Spybot 1.5.2 only immunized "(Domains)" not "(Secure Domains)" under each Internet Explorer category. This accounts for a significant increase in the immunization count.
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
Thank you for your explanation. I wish I understood it better... like why is it better to immunize Secure Domains?
ChalupaPatrol
I was just try to explain the discrepancy in the immunization counts with my explanation.Originally Posted by ChalupaPatrol
Actually, me too. Spybot 1.4 immunized in some registry hives that I personally felt were unnecessary or redundant to other immunization except under very special circumstances.
Spybot 1.5 seemed to have eliminate the immunization in some of those registry hives that I questioned as unnecessary or redundant.
Spybot 1.6 added immunization to "Secure Domains", that I have not had the time to research enough to determine if the "Secure Domains" immunization adds worthwhile protection to other immunization already being done or if in fact "Secure Domains" immunization even applies to my Windows OS of XP Home.
I'm sorry for being so wishy-washy with my explanation, but in my originally reply to this thread, I was just attempting to explain why the immunization count could have radically increased and that there was a visual indication of that increase .
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
You're not being wishy-washy. You're giving me the best you've got. What more can anyone ask for? Appreciate the replies.
I must admit the bugtracker entry about it doesn't say much more as well.
We've seen it been used in malware already, so at least they think it's useful
Just remember, love is life, and hate is living death.
Treat your life for what it's worth, and live for every breath
(Black Sabbath: A National Acrobat)
Some information on "Enhanced Security Configuration" and the type of immunization done by Spybot's "Secure Domains" immunization.
IE-SPYAD (originally maintained by Eric Howes now maintained by Spyware Warrior) adds restricted sites zone entries similar to Spybot's immunization.
Here is what they have to say about "Enhanced Security Configuration" in:
Other information:
...
-------------------
Windows 2003 Server
-------------------
If you're installing IE-SPYAD on Windows 2003 Server, there are a few special considerations that you should keep in mind:
1) The INSTALL.BAT installation utility does not work on Windows 2003 Server
INSTALL.BAT makes uses of the CHOICE command line utility, which has undergone significant changes in Windows 2003. See the following
for more information:
http://www.microsoft.com/resources/d...-us/choice.asp
Specifically, the MENU command for CHOICE has changed, rendering the INSTALL.BAT incompatible with the Windows 2003 version of
CHOICE.
Thus, to use the use IE-SPYAD you will need to merge .REG files manually in order to install and uninstall the IE-SPYAD Restricted
sites list. To do so, follow the instructions contained above for "manually" installing and uninstalling IE-SPYAD.
2) The .REG files may need to be modified before merging
By default, Windows 2003 Server uses a slightly different Registry location to store zone entries for the Internet Security zones of
Internet Explorer. Where all previous versions of Internet Explorer store zone entries in these two Registry keys:
Domains:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\
Internet Settings\ZoneMap\Domains\
Ranges:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\
Internet Settings\ZoneMap\Ranges\
...the version of Internet Explorer that ships with Windows 2003 Server stores them here:
Domains:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\
Internet Settings\ZoneMap\EscDomains\
Ranges:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\
Internet Settings\ZoneMap\EscRanges\
In short, the DOMAINS key has become the ESCDOMAINS key, and the RANGES key has become the ESCRANGES key.
Before merging any of the .REG files to install or uninstall IE-SPYAD (both the IE-ADS.REG installer and the IE-ADS-UNINST.REG
uninstaller), you'll need to do a manual search & replace in your favorite plain text editor to change the Registry keys to match the
Windows 2003 Server locations.
The version of Internet Explorer that ships with Windows 2003 Server can be configured to use the same Registry keys as other
versions of Internet Explorer on other versions of Windows. To do so, you must disable the Internet Explorer "Enhanced Security
Configuration" component. When the "Enhanced Security Configuration" component is installed, Internet Explorer uses the special
ESCDOMAINS and ESCRANGES Registry keys to store security zone entries. When the "Enhanced Security Configuration" component is
disabled, Internet Explorer uses the same Registry keys as other versions of Internet Explorer.
To disable the Internet Explorer "Enhanced Security COnfiguration":
1. Open "Add/Remove Programs" Control Panel applet.
2. Click the "Add/Remove Windows Components" button.
3. Uncheck the box for "Internet Explorer Enhanced Security Configuration."
4. Press the "Next" button to finish the reconfiguration.
For more advice and tips on manually editing and customizing IE-SPYAD's Registry files, see the "Customizing IE-SPYAD" section below.
...
- What Is Internet Explorer Maintenance Extension?
http://technet2.microsoft.com/window....mspx?mfr=true- Download details: Managing Internet Explorer Enhanced Security ...
http://www.microsoft.com/downloads/d...DisplayLang=en- Adding Sites to the Enhanced Security Configuration Zones
http://msdn.microsoft.com/en-us/libr...81(VS.85).aspx- Enhanced Security Configuration for Internet Explorer
http://msdn.microsoft.com/en-us/library/ms537180.aspx
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
i would not recommend ie-spyad, as it has not been updated since Feb 5 '08
and is heavily outdated. there is malicious sites appearing everyday, and even sites that no longer exist are not removed in ie-spyad regurarly.
PepiMK:
re: Immunization for "Secure Domains".
Please see the comments I added to:
- Support Enhanced Security Configuration on Win2003 immunization
http://forums.spybot.info/project.php?issueid=237
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
Heavily outdated? I would consider it dated and not updated in a while... but not heavily outdated. Of course it's a small chance you'll encounter those sites right?
Why not give MVPHosts a test? Although it only supports IE, I think.
Posting Permissions
Reply With Quote