[2forza]

Blocklist, blocks all known "bad" ActiveX controls
E*A*S*Y**T*O**B*E**A*P*P*L*I*E*D***********
This method for blocking Spyware is not new, This might be handy for people who wants to protect their pc.

original website spywareguide.com
regfile blocklist.reg

Quote

Tired of all that Spyware and Adware crap being installed by ActiveX ?
But don't want to lose out on functionality?

We have created a system that blocks all known "bad" ActiveX controls from running inside Internet Explorer by setting the "Kill bit".

When a page tries to install a component from our list, it will fail.
When a page tries to use a component from our list that was already present on your system, it will fail too!

Other, "friendly" components are not affected.
For a full technical explanation how this works, look at this Microsoft article.

RunOnceEx.cmd

REG ADD %KEY%\100 /V 1 /D "REGEDIT /S %systemdrive%\Install\Registers\blocklist.reg" /f

---

[23 june 2005] Update: Automatic blocklist Update
E*A*S*Y**T*O**B*E**A*P*P*L*I*E*D***********
Automaticly applying the latest blocklist file after installing your UA cd.
E*A*S*Y**T*O**B*E**A*P*P*L*I*E*D***********

check the attachment (blocklist-autoupdater.zip)

Tired of updating blocklist all the time?
yes

What does this script do?

First the script is checking updates online.
If file sizes don't match, assume there's an update and download it to the directory.

What does the script contains?

; Spyware & Adware ActiveX Blocker File

Global $name
Global $site
Global $dir

Blockfile()

Exit

Func Blockfile()
    $name='blocklist.reg'
    $site='http://www.spywareguide.com/' & $name
    $dir='%systemdrive%\Install\Registers\' & $name
    Seek()
EndFunc ;==>Blockfile

Func Seek()
    $sizeweb = InetGetSize($site)
    $sizehome = FileGetSize($dir)
    if $sizeweb <> $sizehome Then
        TrayTip("Updating",$name,3)
        InetGet($site,$dir,1,0)
    EndIf
EndFunc ;==>Seek

RunOnceEx.cmd blocklist auto updater

REG ADD %KEY%\100 /V 1 /D "REGEDIT /S %systemdrive%\Install\Registers\blocklist.reg" /f
REG ADD %KEY%\100 /V 2 /D "%systemdrive%\Install\Registers\auto-blocklist-update.exe" /f

E*A*S*Y**T*O**B*E**A*P*P*L*I*E*D***********
This (AutoIT) script is original maded by Xander, I modified a bit.
This is a standalone script, there are no special software needed.

Attached File(s)

•  blocklist_autoupdater.zip (113.73K)
  Number of downloads: 40

This post has been edited by 2forza: 23 June 2005 - 06:49 AM

[Mike_Wilson]

I found this to do nothing, use firefox and your sorted.

[2forza]

yup firefox all the way, but too bad not all websites supports firefox

[Coolsights2000]

Mike_Wilson, on May 17 2005, 04:51 AM, said:

I found this to do nothing, use firefox and your sorted.
<{POST_SNAPBACK}>

LOL NOT ANOTHER IE HATER........

LOL

Learn how to lock down IE

and you will be

safe........

I use popupcop with adshield (adshiled using a adserver block list) and Spywareblaster and turn off install on demand ... and of course the IESPY list...

Firefox OPERA and all the rest of the so called cool browser can take a flying leap... cause they are not that great .. You just think they are great and safe cause they are strip down versions of IE... Limited I mean.....

I know for a fact OPERA will download and save viruses to the cache.......

Mac!

[Mike_Wilson]

dont preach your s***e to me, users shouldnt have to download external crap to make IE safe. It should be provided safe with no holes and crap in it. Firefox works fine for me and many others, thats why its used so much.
Also I said the ActiveX blockers dont work very well, so you can take a leap off a cliff

[Coolsights2000]

Mike_Wilson, on May 17 2005, 12:33 PM, said:

dont preach your s***e to me, users shouldnt have to download external crap to make IE safe. It should be provided safe with no holes and crap in it. Firefox works fine for me and many others, thats why its used so much.
Also I said the ActiveX blockers dont work very well, so you can take a leap off a cliff
<{POST_SNAPBACK}>

LOl I'm not here to get into a p***ing contest... I'm just posting to enlighten other reader that see this kind of crap posted.. Cause I could careless how you run your computer..

Windows XP out of the box is set up to trust everyone....

Like I said learn what to turn off...
Learn how to lock it down.........

Protections is your responsibility..........

LOL the way you put it then why do I have to install a antivirus and use a firewall.. when I install windows

DOH wake up mate...
You sound like a linux user,,,
They claim it is so great but all they can say it is free.........

LOL Besides Firefox is slow on a computer with not enough memory......
IE out loaded it 100 to one........

Mac!

[war59312]

I really wish there was a rule that reads something like:

"Internet browser wars will not be tolerated. All of those involved will be banned indefinitely".

But yea blocking activex really does help a lot. Then again you can just disable it completely too if you wish. Well I do. I also disable java and flash. I do not care about all the fancy stuff so, not a big deal to me.

cya,
Will

[Coolsights2000]

war59312, on May 17 2005, 01:47 PM, said:

I really wish there was a rule that reads something like:

"Internet browser wars will not be tolerated. All of those involved will be banned indefinitely".

But yea blocking activex really does help a lot. Then again you can just disable it completely too if you wish. Well I do. I also disable java and flash. I do not care about all the fancy stuff so, not a big deal to me.

cya,
   Will
<{POST_SNAPBACK}>

LOL Like I said I'n not looking for a war or a p***ing contest .. I'm just posting to clear the air for the other readers that see this crap post about IE...... I know I'm in a no win contest cause this crap has been burned into people heads that IE is bad and I will never be able to change the -r to +rw......

Disabling java and flash is not a good idea.......
Cause allot of sites use these to show the normal web pages..

Just use my line up......
I have been safe for years...

LOL time to take my grandson swimming......

Mac!

[peter_hob]

Just because microsoft keeps failing to deliver a safe out of the box product doesn't mean users should leave ie in favour for a different browser.

Security is the end users responsibility in the end. You the user decide to use what ever means of protection, not ms.

"Disabling java and flash is not a good idea.......
Cause allot of sites use these to show the normal web pages.."

True, since both are often used in web (navigational) interfaces.


I personally use the sp2 popup blocker, with sp2 firewall and a (huge) custom hosts file, in combination with ie-spyad and this activex blocker.

My system has been running with no problems what so ever for over a year. I use the same setup an systems of relatives, friends and co-workers. They were all apprehensive at first, but after a while even they noticed the benefits of securing windows yourselves....

[kurt476]

nice job

[binh25]

Proxomiltron is your friend ... AWESOME proxy highly configurable and support regular expression..

support all browsers.. I use extensively with Opera

Binh

[Alanoll]

Quote

Firefox works fine for me and many others, thats why its used so much.

I just have to comment on this...
Have a small percentage of the market share isn't neccesarily a definitiion of "used so much". The fact that is isn't attacked nearly as much is simply because it is such a small population. If you take the current populace of Firefox/Mozilla users, most of those aren't the common computer users and as such know how to guard their systems adequately. But there are those that used it simply because others said to, but they do not have adequate protection. So in reality if we take that assumption, you're getting MAYBE 40-50% of the firefox populace (i'm guessing) with any browser attack. Figure 6% market share (which i don't think Firefox is even close to) and you get maybe 3% of the users. By comparison to the number of IE users out there, IE is vastly the larger target.

Now i don't mean to get into a discussion of whether it's Microsoft's fault for installing IE with their OS, but think of it honestly...The average person doesn't know that CAN use another browser. They use a computer to surf the web and email and MAYBE chat using messengers. Their Microsoft allows this right out of the box with their software. True, they should allow other software to interact with the system and allow to be installed, but that does not mean they shouldn't provide a working base system for the average customer.

Once Firefox get's on par with IE's market share we will undoubtedly have a level playing field between IE and Firefox attacks.

It's simply a matter of numbers and getting the most out of the attacks on users. IE plain and simple is the obvious target.

As previously stated, end-users are left on their own for security (atleast up until SP2 of XP and SP1 for 2003). Whether or not that is wise is another discussion, but they should atleast be warned. But then again, shouldn't listening to the news and reading it online sort of beg to question whether or not you're safe?

I will give this to Firefox, they are faster with their patches. But they're still patches, and so the argument that Microsoft should provide a fully working and safe product is mute as both have the problem.

If it's one thing I don't like about Firefox is simply the fanboys, wait that goes for ALL browsers. They simply come out say one is better then the other, flame it for all it's worth, but never actually provide any substantial proof that one is better then the other. The statement that it's "safer" then IE, is as stated before is a cause of numbers and not really a target as of yet. The statement that Microsoft shouldn't provide a browser with their product says that you think Microsoft should have an OS that is bare of any additional applications and the User is left to decide. But wait, you say that Microsoft also include safety precautions to prevent attacks on the user...doesn't that negate the issue that Microsoft shouldn't include programs?

I'm up for a real discussion on browsers, but when people start flaming or just come out as fanboys....then everything just turns to idiocy and nothing is really said from that point on

(FYI - I have no preference for browser. I tend to use both throughout the day, just depends on the mood I'm in)

I should also note, most sites that have ActiveX controls that install with damaging effects are sites that probably should be avoided. Reputable sites shouldn't be distributing ActiveX controls or any other software to damage you system knowingly.

Anyone have an example of a site that installs Adware/Spyware without your knowledge?

[Martin Zugec]

2Alanoll: You are the voice of sanity in the wildness of this browser war

I am NOT affiliated with Microsoft, but I must say I am getting quite bored with FF fans.

Internet Explorer was dangerous browser - BEFORE SP2. Times changed.

Firefox was designed to be secure - to not include the security holes from IE. The problem is it introduced new security vectors. You want to talk about security? In past three month, IE have one security hole discovered. Firefox had nine, including two extremely critical! Microsoft is trying to solve this security problems and to not remove functionality - firefox is just disabling the functionality, that is not secure in today implementation.

BTW spyware gurus (Ben Edelman or Sunbelt for example) have message for firefox users - 10% of market share is the line, when we will see spyware designed for firefox.

[MAVERICKS CHOICE]

war59312, on May 18 2005, 05:47 AM, said:

I really wish there was a rule that reads something like:

"Internet browser wars will not be tolerated. All of those involved will be banned indefinitely".

But yea blocking activex really does help a lot. Then again you can just disable it completely too if you wish. Well I do. I also disable java and flash. I do not care about all the fancy stuff so, not a big deal to me.

cya,
  Will
<{POST_SNAPBACK}>

Gotta agree with you War I always block Active x altogether.

[war59312]

binh25, on May 18 2005, 12:59 AM, said:

Proxomiltron is your friend ... AWESOME proxy highly configurable and support regular expression..

support all  browsers.. I use extensively with Opera

Binh
<{POST_SNAPBACK}>

I pefer Ad Muncher.

And yes regular expressions will be supported soon if your wondering.

Take Care,
Will

[war59312]

Coolsights2000, on May 17 2005, 02:50 PM, said:

Disabling java and flash is not a good idea.......
Cause allot of sites use these to show the normal web pages..

True but I do not normally run into that problem myself. Or I white list them.

Or I just add some javascript / css to html to the page in question. I add my own menu.

I do this with ad muncher if your wondering.

Take Care,
Will

BTW I have never been effected with damaging spyware/adware nor virus/trojan etc..

Now I have had some crap on my system but it got no were due to my security in place.

Also I run Process Guard which stops any junk from running in the first place. And like I said I disable all the eye candy so its pretty rare I ever seen any junk on my system. Normally its just my antivirus warning me about some possiable unknown virus in my IE cache. Which I clear btw and cookies every time I close IE. I use popup cop to do this.

Also I have not seen an unwanted popup in months. Same with **** banner ads.

So I think IE is pretty safe and yes its up to the end user to make it so.

BTW your internet browser is hardly the weakest link in your security system. Normally its YOU!!!!

Just something to think about.

I just wish people would stop blaming their browser for all their computer problems. Be it whatever browser in question or OS.

Oh and this is all out of box.

So your point is mute.

Unattended install of course.

[Martin Zugec]

2war: I also vote for ad muncher Great, small and fast program with kind autor

[Tokyudo]

Back to the subject at hand....

I have found one problem with the active x block list. It renders a certain online virus/spyware scan useless.

http://www.pandasoftware.com/activescan/co...n_principal.htm

I use this free scan all the time when I working on customer's infected PCs, very handy.

[2forza]

Updated this thread,
Added AUTO blocklist updater




Automaticly applying the latest blocklist file after installing your UA cd.

Powered by: AutoIT, http://www.hiddensoft.com/autoit3/

[JoeMSFN]

All this talking about "Ad Muncher" I did a search for it, but mistyped the search and found "AdCruncher"

http://www.softdevla...her/ReadMe.html

Anyone have thoughts on this ?