SpywareBlaster released

Discussion in 'SpywareBlaster & Other Forum' started by javacool, Oct 27, 2002.

Thread Status:
Not open for further replies.
  1. javacool
    Offline

    javacool BrightFort Moderator

    SpywareBlaster has been released:

    "SpywareBlaster doesn't scan and clean for spyware - it prevents it from ever being installed.

    How? By setting a "kill bit" for the CLSIDs of spyware ActiveX controls, it prevents the installation of any of them from a webpage. You can run Internet Explorer with Active-X enabled, but you will never even get a "Yes/No" box popped up, asking you to install a spyware Active-X control (Internet Explorer will never download or run it!). All other Active-X controls or plug-ins will work fine.

    The SpywareBlaster database contains information on these known spyware Active-X controls. Make sure you run the Check For Updates feature frequently to get the latest database! (And make sure you check the new items to protect your system against them!)

    As a side benefit, setting this "kill bit" will also prevent the spyware Active-X from running, in many cases, if it is already installed on your system.*"

    Full details, and download, here: http://www.wilderssecurity.com/spywareblaster.html

    Enjoy! :D

    -Javacool
  2. the Tester
    Offline

    the Tester Registered Member

    Hey Javacool!Another interesting addition to the Blaster family!I have one question about Spyware Blaster.Is this a program that I should have running when I surf?I clicked the boxes and the kill button.Do I close the program and fire it up next time I reboot/start up?You know what I mean?It doesn't have a tool bar icon like ID Blaster and Hijack Blaster.So I'm thinking maybe it's not a "run in the background" program like the other two?One thing I like already is that I don't have to answer Active X prompts all the time anymore!I reset Crazy Browser and IE6 already and the prompts are indeed gone.Thanks for another innovative program Javacool!
  3. javacool
    Offline

    javacool BrightFort Moderator

    Yes, this is a "run-once" program.

    You may however, want to use the check for updates feature every once in a while, and download the latest updates (and then check the new checkboxes and "kill" those new items).

    Regards,

    -Javacool
  4. controler
    Offline

    controler Registered Member

    Ok this is getting a bit out of hand isn't it? You are going to make using MS producst safe yet javacool LOL

    This one looks cool too good job :D
  5. Marianna
    Offline

    Marianna Spyware Fighter

    Javacool,

    Thanks !
  6. WE Sim
    Offline

    WE Sim Guest

    :eek:

    Wow! New program to rival SpyBlocker, huh? How's it as compared to SpyBlocker like its features and spy database etc etc

    BTW, does it work for OPERA?

    Thanks
  7. Harry
    Offline

    Harry Guest

    SpywareBlaster seems to be unavailable at: <http://www.wilders.org/HTMLobj-1466/spywareblastersetup.exe>.
  8. javacool
    Offline

    javacool BrightFort Moderator

    Not quite - SpyBlocker provides filtering and proxy functions.

    SpywareBlaster, on the other hand, creates a kill bit for certain CLSIDs (numbers that identify a specific control) so that spyware Active X controls cannot run or be installed.

    Opera does not support Active X, however it couldn't hurt to use SpywareBlaster as many other programs use the IE webpage display engine.

    Regards,

    -Javacool
  9. dp
    Offline

    dp Registered Member

    I have seen some questions asked about an undo option (don't know why one would do that but..) once you check all the boxes and set the killbit, how would you reverse it?

    :) Disregard, I just saw where you just answered that over at the DSLR security forum.
  10. javacool
    Offline

    javacool BrightFort Moderator

    No need to disregared, I'll post it over here too. :)

    Regards,

    -Javacool
  11. R2
    Offline

    R2 Guest

    Javacool- I believe it was mentioned that BHO's cannot be blocked by setting the Kill Bit. I have often wondered about that, but never experimented with it.

    For example, there is a BHO called DeltaClick. It has a CLSID of {0FC817C2-3B45-11D4-8340-0050DA825906}. However, the InProc32Server file is a DLL (DeltaClick.dll) -- not an OCX file. Therefore, I assume it is not ActiveX.

    Is there any utility in setting the "Kill Bit" for this CLSID??

    THANKS!
  12. decock
    Offline

    decock Registered Member

    Hi Javacool
    Maybe this is another item for an update?
    It concerns the webdialer ActiveX-control 'VLoading'
    CLSID = {11BF0E2B-4229-4ADC-9C11-1C6968731018}

    grtz, John

    Attached Files:

  13. Andrew Clover
    Offline

    Andrew Clover Guest

    ActiveX controls (aka Windows COM objects) can be implemented by many different types of executable file, including .OCX, .DLL and .EXE. I find .DLL tends to be the most common, as many of Microsoft's example programs in Visual Studio are implemented that way. Whether the control is registered as being a BHO as well makes no difference to its killbitability.

    DeltaClick could be blocked effectively by setting the killbit on the class ID you quoted. However, I have not heard of DeltaClick being stealth-installed by people who didn't want it, and in any case their service now seems to be defunct so blocking it might be of marginal benefit.

    VLoading is something I *would* want to target though, as it's a dialler loader with severe security problems. ( http://and.doxdesk.com/parasite/ ).

    --
    Andrew Clover
    mailto:and@doxdesk.com
    http://and.doxdesk.com/
  14. Krusty
    Offline

    Krusty Registered Member

    Javacool
    Many thanx for your features !!! I found 41 ever installed objects !!! The old bastard BonzyBuddy was there too ....and who knows what were the others.....
    Thank You, you got one friend more ;)
    -Ari
  15. javacool
    Offline

    javacool BrightFort Moderator

    A quick note - it does not actually scan for spyware. The items you found in the list were the items it can protect you against. By checking those items, and pressing the "Kill all Checked" button, it protects you against those items installing and also prevents them from running if they somehow get installed (or are already installed).

    Regards,

    -Javacool
  16. Krusty
    Offline

    Krusty Registered Member

    Javacool
    It´s really cool, our puters were given a shot for spying infections !!! lol, I would need drill a hole into my skull for better brain capacity :D
    -Ari-
  17. Paul Wilders
    Offline

    Paul Wilders Administrator

    The new updated (11/09/02) covers a new variant of FriendGreetings.

    Use the built-in check for update feature to get it.

    regards.

    paul
  18. goliath
    Offline

    goliath Guest

    on a box running xp...can no longer run scan for updates at windows update.. i am curious has any else run into this problem... i'm Quessing here but could the cause be

    "kill bit" for the CLSIDs of spyware ActiveX controls, it prevents the installation of any of them from a webpage."
    thanx in advance
    G.
  19. javacool
    Offline

    javacool BrightFort Moderator

    SpywareBlaster should not the cause of the problem, in this case.

    Only spyware program CLSIDs are added to the definitions - the CLSID that WindowsUpdate uses is completely different and thus, is not blocked. :)

    I have also just tested for this issue on two Windows XP machines (one running Home, one running Pro) just to make sure, and neither exhibited the issue you are describing.

    Regards,

    -Javacool
  20. goliath
    Offline

    goliath Guest

    thank you! the broblem must be elswere..
    not my machine and am just trying to help a party out
    again thank you
    G.
  21. Pieter_Arntz
    Online

    Pieter_Arntz Spyware Veteran

    The problem could be his firewall. I have to change the settings in mine to be able to update on the Windows site.
    If I don´t do that, I get redirected to a page stating the updates are for Windows only :D

    Regards,

    Pieter
  22. Marcus
    Offline

    Marcus Guest

    ok, since i'm new to this, what i'm wondering is, since blocking some spyware will stop me from using that program, per the licensing agreement, if i check everything, how do i know what programms that i use i might be unwittingly disabling? o_O
    thanks.
  23. javacool
    Offline

    javacool BrightFort Moderator

    You probably won't be breaking any license agreements or disabling any spyware required by other software (almost all of the items that SpywareBlaster protects you against are installed by themselves, many times without your knowledge). You can always set the kill bit for all items on the list, and make sure all programs you use work - it is simple and easy to reverse the process (just uncheck the items, and click the "Kill All Checked" button - it will remove the kill bit for the unchecked items). :)

    If you do discover that a program on your system requires spyware that SpywareBlaster disables, you may be able to find an even better non-spyware alternative - just post the type of program on these forums and I'm sure someone will promptly post with many good suggestions. :cool:

    Regards,

    -Javacool

    P.S. There are also databases where you can enter program titles and you can search for if they contain spyware. http://www.spychecker.com comes to mind.
  24. Pretender
    Offline

    Pretender Registered Member

    javacool, is there a way to place new items added to the top of the list? duh on my part, but it took me awhile to catch on that they had been placed at the bottom of the targets. bob
  25. javacool
    Offline

    javacool BrightFort Moderator

    This is a planned feature for the next version of SpywareBlaster. :)

    Regards,

    -Javacool
Thread Status:
Not open for further replies.