RogueSpear Posted February 3, 2005 Share Posted February 3, 2005 One nice freeware program that I implemented once is eDexter. This program is meant to take the place of an ad blocking HOSTS file. It's basically a small proxy. The configuration can be a little tricky at first, but this program is really fantastic for a freebie. It's configuration file works similiarly to a hosts file but you can use wildcards in the entries, explicitly allow or deny, etc.There are no registry entries with it, just it's own config files. And there isn't the overhead and slowdown that you experience with some of the 20,000 plus entry hosts files that are available. Highly recommended for those not using a software based firewall and adblocker. Link to comment Share on other sites More sharing options...
FoaMDarT Posted February 17, 2005 Share Posted February 17, 2005 EDIT: To those using IE-SPYAD.. I gave up on this product a long time ago. As comprehensive as it is, it simply broke too many web sites. This includes Yahoo and MSN, and that is unacceptable to most of my clients. Further, in reviewing the list of sites supplied by Spywareblaster, I was perfectly satisfied with that list. You should take a look at this thread over at Wilder Security Forums. I'd say that the IE-SpyAd list (about 8000 sites) is the best to use for restricted zone entries. It seems to be the most comprehensive as it updates about monthly building the .reg file from numerous sources.This Restricted sites list is based in part on info from:discussions in the SpywareInfo Forums and other forums thatspecialize in crapware removal major crapware reference sites:and.doxdesk.com ( http://www.doxdesk.com/parasite/)CounterExploitation ( http://cexx.org/adware.htm)Kephyr.com ( http://www.kephyr.com/)PestPatrol ( http://www.pestpatrol.com/)Spyware Guide ( http://www.spywareguide.com/) the latest updates to well-known anti-crapware programs such as SpyBot Search & Destroy, Ad-aware, and SpywareBlaster.You can read a "Targeting and Inclusion Policy" for IE-SPYAD here. Link to comment Share on other sites More sharing options...
RogueSpear Posted February 17, 2005 Share Posted February 17, 2005 I will agree that it is extremely comprehensive. No doubt about that. But the amount of time I had to spend editing out entries just got to be too much. And I was getting calls regularly that this web page or that web page wouldn't work because of some entry in there.It's all a balancing act. Link to comment Share on other sites More sharing options...
Martin Zugec Posted February 17, 2005 Share Posted February 17, 2005 I created small program for my company, that integrate 1.) SpyIE-AD2.) Blocklist from SpywareInfo3.) Disable few protocols like MK, ITS, MHTML etc. that R used to deliver spyware4.) Disable few objects like ADODB.Stream It is working quite well... If anyone is interested I could share... Link to comment Share on other sites More sharing options...
sixpack Posted February 17, 2005 Share Posted February 17, 2005 If anyone is interested I could share...<{POST_SNAPBACK}>yep.. i am interested Link to comment Share on other sites More sharing options...
cypher_soundz Posted February 17, 2005 Author Share Posted February 17, 2005 i second that would really like to try Regardscyph Link to comment Share on other sites More sharing options...
Martin Zugec Posted February 17, 2005 Share Posted February 17, 2005 Ufff, only one problem - it is build with AdminStudio and I found out I got only czech language Meanwhile here is what it do:Disable protocols MK, ITS, MS-ITS, MS-ITSS and MHTMLDisable objects Shell.Application, ADODB.Stream, Microsoft.XMLHTMLImport SpyIE-ADImport BlockList Link to comment Share on other sites More sharing options...
gresh Posted February 17, 2005 Share Posted February 17, 2005 Here is a host file that blocks spyware, ads, and some porn sites. Link to comment Share on other sites More sharing options...
FoaMDarT Posted February 17, 2005 Share Posted February 17, 2005 1.) SpyIE-AD2.) Blocklist from SpywareInfosoulin, your process looks great.However, check my quote from the IE-SpyAd site in the post above. I think step 1 in your process already includes step 2. Link to comment Share on other sites More sharing options...
cypher_soundz Posted February 17, 2005 Author Share Posted February 17, 2005 Another bad thing about HOST files is that if you use a proxy the host file will be bypassed, i only found this out a few days ago.Regardscyph Link to comment Share on other sites More sharing options...
sixpack Posted February 17, 2005 Share Posted February 17, 2005 Ufff, only one problem - it is build with AdminStudio and I found out I got only czech language Meanwhile here is what it do:Disable protocols MK, ITS, MS-ITS, MS-ITSS and MHTMLDisable objects Shell.Application, ADODB.Stream, Microsoft.XMLHTMLImport SpyIE-ADImport BlockList<{POST_SNAPBACK}> seems like a nice program to try, but i cant read czech Link to comment Share on other sites More sharing options...
Martin Zugec Posted February 17, 2005 Share Posted February 17, 2005 Is here anybody that is able to include english strings? Any user of installshield products? I could send the project to rebuild 2FoaMDarT:Nope, these R two different approaches. First one blocks the sites.Second one blocks the spyware products (by their identification number).2All: Any other ideas what to include to make antispyware product that will be able to prevent from infecting instead of on-demand scanning? Link to comment Share on other sites More sharing options...
FoaMDarT Posted February 17, 2005 Share Posted February 17, 2005 2FoaMDarT:Nope, these R two different approaches. First one blocks the sites.Second one blocks the spyware products (by their identification number).2All: Any other ideas what to include to make antispyware product that will be able to prevent from infecting instead of on-demand scanning?So does the Blocklist your using do the same thing as SpywareBlaster (CSLID killbits)? I can't find the Blocklist on spywareinfo.com, are you talking about a list form somewhere else?As far as a non on-demand scanning product, SpywareBlaster is the only thing I've been able to find that can update itself (for $9.95/mo per computer) that will keep my users fairly safe. It looks like there will be a server based version coming soon. Link to comment Share on other sites More sharing options...
sixpack Posted February 17, 2005 Share Posted February 17, 2005 Spyware Block List Filehttp://www.spywareguide.com/blockfile.php Link to comment Share on other sites More sharing options...
Martin Zugec Posted February 17, 2005 Share Posted February 17, 2005 Sorry, not from spywareinfo, it is the list sixpack provided Yep, it is setting the killbits flags to CLSIDs... Same as spywareblaster. If I could integrate update service and make agreement with spywareguide and uiuc.edu guys, I would provide it (of course free ) Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now