SpywareBlaster blocks WScript.Shell in local HTML documents

Discussion in 'SpywareBlaster & Other Forum' started by MikeF, Mar 8, 2004.

Thread Status:
Not open for further replies.
  1. MikeF

    MikeF Guest

    SpywareBlaster 2.6.1 with 29-Feb-2004 updates prevents IE6 instantiating a WScript.Shell object in HTML documents. These are legitimate 'active' documents on the local file system of a Windows XP PC.

    The security issues around ActiveX controls in IE are quite well covered by the security options in IE, so SpywareBlaster seems to be over protective here.

    This raises the issue that with hundreds of ActiveX classes now in the database, its difficult to isolate which one causes a problem such as this. I'm currently comparing report logs from SysInternals Registry Monitor to identify the class or classes that I can search for in the list panel to switch them off.

    It would be useful if you could select ranges of entries in the list to enable or disable.
    It would also be useful to be able to save your own custom list of classes not to block so that when you download an update, you don't have to remember which entries to remove the check mark from.
  2. LowWaterMark

    LowWaterMark Administrator

    Aug 10, 2002
    New England
    Good points MikeF. There is a little more on this over in this thread, I think:


    We'll have to see if Javacool will be changing the way these are done in the next versions of SPywareBlaster.
  3. javacool

    javacool BrightFort Moderator

    Feb 10, 2002
    The thread LowWaterMark linked to should explain the reasoning and how to find them in the database (you can right-click on the database and use the "Find" option as well).

    And regarding your idea above - that feature will be in the next version of SpywareBlaster. :)

    Best regards,

Thread Status:
Not open for further replies.