 Zev0Old SargePremium
join:2001-08-21
Harlingen, TX
| reply to R2
Re: Completely prevent spyware from being installe said by R2:
1) SpyBlocker costs money ($20)
You get what you pay for.
2) SpyBlocker uses resources
SpyBlocker Protects more resources then it uses.
3) Almost everything SpyBlocker can do, you can do for free without using any resources.
Who are you referring to?
Unlike all other anti spyware apps, spyblocker BLOCKS and not just removes or modifies afterwards. Take spyware blaster, it doesn't block activex from installing on your machine, it tries to render the activex useless only after it's had a chance to do it's job.
Don't be lulled into a false sense of security, the best methods are prevention.
[text was edited by author 2002-10-29 15:23:33]
|
|
 R2R NotPremium,MVM
join:2000-09-18
Long Beach, CA
kudos:1
| I am missing the point. I don't use any third-party tool, I don't use any resources -- and I can BLOCK everything. I get NO ActiveX installed on my machine.
It is really very easy. Just say NO!
I never get any spyware or advertisements or anything. And I still have the $20 in my pocket! 
[text was edited by author 2002-10-31 13:04:38] |
|
| said by R2:
I am missing the point. I don't use any third-party tool, I don't use any resources -- and I can BLOCK everything. I get NO ActiveX installed on my machine.
It is really very easy. Just say NO!
I never get any spyware or advertisements or anything. And I still have the $20 in my pocket!
Or even better, use a browser that doesn't even have ActiveHaxx, like Opera or Mozilla. |
|
| reply to Zev0
said by Zev0:
Unlike all other anti spyware apps, spyblocker BLOCKS and not just removes or modifies afterwards. Take spyware blaster, it doesn't block activex from installing on your machine, it tries to render the activex useless only after it's had a chance to do it's job.
Don't be lulled into a false sense of security, the best methods are prevention.
That is incorrect - SpywareBlaster DOES block spyware Active X controls from installing on your machine (that is one of the things the killbit does). It also renders the spyware ActiveX controls useless.
Regards,
-Javacool
[text was edited by author 2002-10-31 14:48:36] |
|
|
|
 MikeCPremium
join:2001-09-24
Des Plaines, IL | Thanks again JavaCool!! My company needs ActiveX to run special apps. I'm deploying this on all the pc's in our network.
--
MikeC |
|
| reply to bobince
Re: Completely prevent spyware from being installed... said by bobince:
Note, though, that some spyware installs more than just an ActiveX control - you are likely to see tasks run at startup, which might try to update the software and stuff like that, even if the ActiveX part of the spyware isn't working. You still want to clear this sort of thing up! Oh, and of course there's a lot of adware doesn't use ActiveX objects at all, so is immune to javacool's killswitch as well as my detector script. Curses!
--
Andrew Clover
mailto:and@doxdesk.com
»and.doxdesk.com/
[text was edited by author 2002-10-29 17:26:51]
Sure looks like I'm getting a lot of false positives from your web script. It's giving me 15 or so "parastites" that are supposed to be installed on my system. Ad-aware doesn't detect any of them. I do see several of them are the same as listed in SpywareBlaster. Since I have the kill bit set on all of those, I am wondering if your script is interpreting the kill bit being set from SpywareBlaster as the spyware actually being installed.
--
What can possibly go wrong? |
|
| said by Komputerguy:
Sure looks like I'm getting a lot of false positives from your web script. It's giving me 15 or so "parastites" that are supposed to be installed on my system. Ad-aware doesn't detect any of them. I do see several of them are the same as listed in SpywareBlaster. Since I have the kill bit set on all of those, I am wondering if your script is interpreting the kill bit being set from SpywareBlaster as the spyware actually being installed.
The killbit causes the false-positives (it's a quirk in Microsoft's Active X setup). I don't believe there is anything that can be done to prevent the script from making those false detections. (On the other hand, you are protected from those items.  )
Regards,
-Javacool |
|
R2R NotPremium,MVM
join:2000-09-18
Long Beach, CA
kudos:1 | Is that with Spybot S&D? That means the program is looking into the ActiveX Compatibility Flags to determine that your program has a parasite?
That seems to be an illogical design in the Spybot program. Perhaps we could contact the creator of the program and get this modified? |
|
| said by R2:
Is that with Spybot S&D? That means the program is looking into the ActiveX Compatibility Flags to determine that your program has a parasite?
That seems to be an illogical design in the Spybot program. Perhaps we could contact the creator of the program and get this modified?
It is not with Spybot S & D, or AdAware, but with the spyware detection script at the webpages here: »and.doxdesk.com/parasite/
Regards,
-Javacool |
|
R2R NotPremium,MVM
join:2000-09-18
Long Beach, CA
kudos:1 | Aye. Perhaps we could contact them? I don't see why they should identify these entries as parasites... |
|
| said by R2:
Aye. Perhaps we could contact them? I don't see why they should identify these entries as parasites...
Well, I don't believe the error lies with the script, but how IE reports what ActiveX controls are installed.
I'll look into it further.
Regards,
-Javacool |
|
R2R NotPremium,MVM
join:2000-09-18
Long Beach, CA
kudos:1 | Well, how are you measuring what IE reports as installed? I would guess the "Downloaded Programs Files" folder is what IE reports as installed.
Certainly, the ActiveX Compatibility Flags should NOT be used as a guide to what is installed. |
|
| reply to javacool
quote:
Well, I don't believe the error lies with the script, but how IE reports what ActiveX controls are installed.
Crud, you're right! Trying to instantiate an object with the killbit set results in something different to the result if you try to instantiate something that just isn't installed. You get a usable <object> in the DOM even though the object doesn't work! And the alternative content inside the <object> isn't used at all, which is just really weird behaviour. But I guess I've come to expect that sort of thing from IE.
The only obvious way I can find to stop the script generating these false positives is to check the object's readyState property, which seems to be 0 in the case of killed objects, as opposed to 4 for installed and no-alt-content objects. (readyState is supposed to be a string not an integer, but isn't in the case of <object>s, for no documented reason. Good old IE, eh?)
I'll put a ( ... && el.readyState!=0 ) test in the next version of the script to avoid the false positives with SpywareBlaster. Unless you can think of a better approach, Javacool?
Non-P:
quote:
I would guess the "Downloaded Programs Files" folder is what IE reports as installed
Yes, that's what you'd *guess*, but unfortunately Windows rarely works as sensibly as one would think.
All the 'Downloaded Program Files' interface shows is what components have registered themselves in the 'Distribution Units' key in the registry. A well-behaved download could register itself and all the files it uses here, so that it has a nice listing in DPF and 'removing' the entry there actually removed the software. But very few programmers bother to do this.
It's especially annoying that this interface obscures the actual DPF folder, which can contain any number of random files regardless of what you see in Explorer. If you open a DOS prompt, cd to the directory and get a directory listing, you can then see what files are actually there.
In any case, a COM object can easily be registered without going anywhere near DPF. Which makes the whole DPF interface a pretty pointless alternative interface offering no obvious advantage over Add/Remove Programs. Yay Microsoft!
--
Andrew Clover
mailto:and@doxdesk.com
»and.doxdesk.com/ |
|
| reply to javacool
*bump*
I'm a bit late, but just wanted to get this back in the spotlight, I just installed it and it's awesome 
Many thanks Javacool! |
|
