SpywareBlaster Disables Wanted Application

Discussion in 'SpywareBlaster & Other Forum' started by mrmike77, Dec 1, 2008.

Thread Status:
Not open for further replies.
  1. mrmike77

    mrmike77 Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    3
    Our business has a website where an executable application is launched from the c:\temp directory by clicking a link while logged on to our secure service. We have recently been informed that this software launch is being disabled when 'enable all protection' is selected for Internet Explorer. We have been able to verify that it works with 'disable all protection' selected, and then breaks again when 'enable all protection' is re-enabled.

    The program is launched by an ActiveX script...so I am sure it is one of the ActiveX settings within SpyWare blaster. There are so many listed, how do I begin narrowing down which one is in play? Our current option is to instruct our customers to disable SpywareBlaster on their PC's to use our web application. That is not our preferred solution, as I would not be happy receiving the same instructions from one of our vendors. Any thoughts or advice?

    Thanks.
     
  2. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,997
    Hi,

    Would it be possible to post (or PM me) the HTML source code of the page that attempts to load the ActiveX control?

    Specifically, keep an eye out for any <object></object> tags, or any Javascript that may be used to dynamically create/insert them.

    With that information, it shouldn't be too hard to narrow down any potential conflicts.

    (Also, please feel free to PM me any additional details. It would be extremely useful if you could provide some way for us to test this.)

    Best regards and thanks,

    -Javacool
     
  3. mrmike77

    mrmike77 Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    3
    Thanks for the response. I have the source code for the page that launches this application. I would prefer to PM but am getting a 'system unavailable' message when trying to create a new PM. I will try again later.

    Thanks,
    Mike
     
  4. mrmike77

    mrmike77 Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    3
    Your guidance on looking for the ActiveX control in the source code for the launch page was very helpful. I was able to locate the object launching the app, and then find it's CLSID in the registry. From that, I found a matching entry in SpywareBlaster, and disabled on my machine. The app now launches correctly.

    My question now is, the entry I disabled in SpywareBlaster was this:
    "Internet Explorer Exploit (2) - {72C24DD5-D70A-438B-8A42-98424B88AFB8}"

    Can I universally instruct users who encounter this problem to search for this ID, or will it vary by machine?

    Thanks,
    Mike
     
  5. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,997
    Hi,

    If sending a PM doesn't work, you can send the page's source code via e-mail to bugreports@javacoolsoftware.com .

    What you suggested should be the case, but I'd be happy to take a look to confirm. :)

    Also a note: There is technically no guarantee that the particular object you mentioned above will be available on a user's machine, or that other security settings will permit it to be used to execute an application on the user's computer, through their browser. There are good reasons to explicitly disable web pages from using it, and I would strongly recommend looking into an alternative method for launching your application from a web page. (On Windows there are many, and some require relatively little coding to implement, with security benefits.)

    Best regards and thanks,

    -Javacool
     
    Last edited: Dec 2, 2008
Loading...
Thread Status:
Not open for further replies.