Script Defender

Discussion in 'other software & services' started by shunned, Mar 14, 2004.

Thread Status:
Not open for further replies.
  1. shunned

    shunned Guest

    Script Defender

    A script blocker. Why script defender/ because un-like many script blockers script defender allows a user to add numerous scripts
    If you decide to use script defender the following is a suggested block list: enter:

    Code:
     .OCX,.COM,.SYS,.DLL,.CHM,.CMD,.CPL,.MSC,.MSI,.EML,.JS,.JSE,.PIF,.MSG,.MSG,.SCR,.INF,.INS,.ISP,.CRT,.LNK,.REG,.SCT,.WSC,.BAT,.HTM,.HTML,.VBS,.VBE,.HTA,.WSF,.WSH,.SHS,.SHB

    Note the period in front of OCX

    Some have a problem retaining the block list an may find this helpful.
    install script defender> open> CLEAR the pre-set script extensions> then enter the above block list> hit "install intercepts"> then hit the "X" in the upper right . DO NOT HIT "DONE"

    Close script defender completely. After closing...re-open to check..make certain all the above extensions were "kept" if so, again hit the "X" in upper right. Now forget its there..you wont ever see it again unless it pops-up to warn you one of the above scripts is trying to execute...an give you an option to ABORT or EXECUTE.....

    Layered security...this was given to me...maybe you can share it also


    - Trying different formats to narrow thread width LWM
     
  2. Shunned

    Shunned Guest

    SPECIAL NOTICE

    The above post IS NOT MENT TO BE A RE-PLACEMENT FOR A ANTI-VIRUS PROGRAM. WOULD BE VERY FOOLISH TO EVEN CONSIDER NOT USING AN ANTI-VIRUS PROGRAM...
     
  3. Shunned

    Shunned Guest

    WHOA!! PAGE SO BIG IT GOES OFF THE SCREEN. Got to get a new 32 inch monitor LOL
     
  4. Moore

    Moore Registered Member

    Joined:
    Mar 14, 2004
    Posts:
    82
    Location:
    land of ?z
    hey nice list though thanks .. :D
     
  5. Shunned

    Shunned Guest

    LWM

    My apalogy the scripts posted as Code....was not intention....just not use to posting.....sorry, to cause you extra work. Thank You.



    Moore....you are most welcome
     
  6. Parputt

    Parputt Registered Member

    Joined:
    Jan 26, 2004
    Posts:
    16
    I know this thread is quite old, but I just installed Script Defender and can not get the above referenced block list to stay. Anyone have success getting the extended block list to install?
     
  7. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    first open SD.then remove intercepts.then add your intercepts.then press done.then if SD shows you your list that you just put in,thats it they are in.regardless of how it looks when you next open it up.
     
  8. Pigman

    Pigman Registered Member

    Joined:
    May 15, 2004
    Posts:
    381
    Wrong. I tried it, and it let me open Xen - a .BAT file that should have been intercepted.
     
  9. Parputt

    Parputt Registered Member

    Joined:
    Jan 26, 2004
    Posts:
    16
    Well, I did try running a .reg file that I had and Script Defender hit on it. The .reg entry is not showing in the script extension window, but it did block it. I will agree with iceni60 that even though the added extensions are not shown they are being watched/blocked.
     
  10. Pigman

    Pigman Registered Member

    Joined:
    May 15, 2004
    Posts:
    381
    Well, my computer disagrees with that. As I said, the .BAT extension was added, and the instructions (which I am by now familiar with ;) ) were followed. ScriptDefender nonetheless failes to intercept .BAT files.
     
  11. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    sorry it didnt work for you pigman,all i can say is it works on my xp home.
     

    Attached Files:

    • sd1.jpg
      sd1.jpg
      File size:
      19.5 KB
      Views:
      561
  12. Parputt

    Parputt Registered Member

    Joined:
    Jan 26, 2004
    Posts:
    16
    OK, got a strange problem here and I need some help. Seems that Script Defender is preventing me from executing any scripts. I have several .vbs and .reg scripts that I know are safe and now I am being told windows can not find them. I uninstalled Script Defender, after disabling everything first, and still cannot access any .vbs or .reg scripts. Anyone know where in the registry Script Defender makes it's changes so I can manually reverse everything and see if that helps. Thanks in advance for any assistance.

    *EDIT* After uninstalling and reinstalling Script Defender I can now run scripts, but I can not edit them. If I right click and select EDIT (on any .vbs, .reg, etc. I get an error that Windows can not find the file. I know this is wrong because I can run the script. Any suggestions?
     
    Last edited: Jul 18, 2004
  13. Pigman

    Pigman Registered Member

    Joined:
    May 15, 2004
    Posts:
    381
    Ahh...

    Solution to problem with installiong intercepts, for thsoe it doesn't work for: uninstal current intercepts, copy & paste list, remove .HTM and .HTML, and install intercepts.
     
  14. Parputt

    Parputt Registered Member

    Joined:
    Jan 26, 2004
    Posts:
    16
    Ok, this is really getting the best of me. I have cleared the intercepts, uninstalled ScriptDefender and now I can not run any scripts. Only way to regain functionality is to install ScriptDefender. Any ideas?

    *EDIT*
    Problem partially averted.

    Uninstalled Script Defender and installed Script Sentry. With Script Sentry you have the option to "View File in Notepad" built into the GUI. I would still like to know what Script Defender did, but at least I can view and edit scripts again.
     
    Last edited: Jul 19, 2004
  15. memyself

    memyself Guest

    Here is my Ashampoo log file, hope it will help...

    ; Legend:
    ; [-]= Deleted key/folder, [+]= New key/folder, [#]= Changed key/folder,
    ; [-]= Deleted value/file, [+]= New value/file
    ; [%]= Changed value (old value/file), [*]= Changed value (new value/file)
    ;
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\batfile\shell\open\command]
    [%]"(default)" = ""%1" %*"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\comfile\shell\open\command]
    [%]"(default)" = ""%1" %*"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\DocShortcut\shell\open\command]
    [%]"(default)" = "C:\WINDOWS\rundll32.exe shscrap.dll,OpenScrap_RunDLL /r /x %1"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\htafile\Shell\Open\Command]
    [%]"(default)" = "C:\WINDOWS\SYSTEM\MSHTA.EXE "%1" %*"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\JSEFile\Shell\Open\Command]
    [%]"(default)" = "C:\WINDOWS\WScript.exe "%1" %*"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\JSFile\Shell\Open\Command]
    [%]"(default)" = "C:\WINDOWS\WScript.exe "%1" %*"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\Msi.Package\shell\Open\command]
    [%]"(default)" = ""C:\WINDOWS\SYSTEM\msiexec.exe" /i "%1" %*"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\ShellScrap\shell\open\command]
    [%]"(default)" = "C:\WINDOWS\rundll32.exe shscrap.dll,OpenScrap_RunDLL %1"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\VBEFile\Shell\Open\Command]
    [%]"(default)" = "C:\WINDOWS\WScript.exe "%1" %*"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\VBSFile\Shell\Open\Command]
    [%]"(default)" = "C:\WINDOWS\WScript.exe "%1" %*"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\WSFFile\Shell\Open\Command]
    [%]"(default)" = "C:\WINDOWS\WScript.exe "%1" %*"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [#][HKEY_LOCAL_MACHINE\Software\CLASSES\WSHFile\Shell\Open\Command]
    [%]"(default)" = "C:\WINDOWS\WScript.exe "%1" %*"
    [*]"(default)" = "C:\Program Files\AnalogX\Script Defender\sdefend.exe %1 %*"
    [+][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AnalogX Script Defender]
    [+]"DisplayName" = "AnalogX Script Defender"
    [+]"UninstallString" = "C:\Program Files\AnalogX\Script Defender\sdefendu.exe"
    [+][HKEY_USERS\.DEFAULT\Software\AnalogX\Script Defender\Associations]
    [+]".BAT" = ""%1" %*"
    [+]".COM" = ""%1" %*"
    [+]".HTA" = "C:\WINDOWS\SYSTEM\MSHTA.EXE "%1" %*"
    [+]".JS" = "C:\WINDOWS\WScript.exe "%1" %*"
    [+]".JSE" = "C:\WINDOWS\WScript.exe "%1" %*"
    [+]".MSI" = ""C:\WINDOWS\SYSTEM\msiexec.exe" /i "%1" %*"
    [+]".PIF" = ""%1" %*"
    [+]".SCR" = ""%1" /S"
    [+]".SHB" = "C:\WINDOWS\rundll32.exe shscrap.dll,OpenScrap_RunDLL /r /x %1"
    [+]".SHS" = "C:\WINDOWS\rundll32.exe shscrap.dll,OpenScrap_RunDLL %1"
    [+]".VBE" = "C:\WINDOWS\WScript.exe "%1" %*"
    [+]".VBS" = "C:\WINDOWS\WScript.exe "%1" %*"
    [+]".WSF" = "C:\WINDOWS\WScript.exe "%1" %*"
    [+]".WSH" = "C:\WINDOWS\WScript.exe "%1" %*"
    [+][HKEY_USERS\.DEFAULT\Software\AnalogX\Script Defender]
    [+]"Dialog H" = $00000000 (0)
    [+]"Dialog W" = $00000000 (0)
    [+]"Dialog X" = $00000014 (20)
    [+]"Dialog Y" = $00000014 (20)
    [+]"Extensions" = ".VBS,.VBE,.JS,.JSE,.HTA,.WSF,.WSH,.SHS,.SHB,.COM,.BAT,.PIF,.SCR,.MSI"
    [+]"Install Path" = "C:\Program Files\AnalogX\Script Defender\"
    [+]"Tray Minimize" = $00000000 (0)
    [+][HKEY_USERS\.DEFAULT\Software\AnalogX]
     
  16. Robyn

    Robyn Registered Member

    Joined:
    Feb 1, 2004
    Posts:
    1,189
    When uninstalling Script Defender - Remove intercepts (OK) but after this do I click Done or just close the program and then use the uninstaller and I presume clean the registry. I fear that it has mixed my computer up when adding the extra defences :'( I uninstalled but have since re-installed as I wasn't quite sure which bit to click after 'remove intercepts o_O

    Edit: I have just managed to fix the issue with IESpyad on my laptop with a bit of tweaking but I will be very cautious now.
     
    Last edited: Jul 19, 2004
  17. Parputt

    Parputt Registered Member

    Joined:
    Jan 26, 2004
    Posts:
    16
    Doug Knox is a life saver!!!!!!!!!!!!!!!!!!!!!!!!!!!

    Long story short. I recently noticed I could not run any .msc files. Did some digging and stumbled on this page: http://www.dougknox.com/xp/file_assoc.htm

    Ran both the .vbs and .msc association fixes and all my previous problems are gone. Lesson: Be careful when trying new software.
     
Loading...
Thread Status:
Not open for further replies.