Tool to fix IE nags and restrictions

[thanatoid]

I posted this in the IE group, but not many people
go there

I wonder why.

so I'm posting here as well.

And we could not be more grateful.

Announcing: An updated version of a free tool.
The IE MD (Internet Explorer Doctor)

The IE MD has been around for years, but wasn't
formerly updated for IE 7/8 in Windows Vista/7 until
now.

Funny, no mention of it anywhere in Google. OR on the jsw site.

As much as we all enjoy spam, and attempts to send us to a
malware site, this is pretty pathetic. Most people here are
smart enough not to use IE.

Not to mention NO "doctor" will fix IE.

And the page you provide the link to claims my browser, about a
thousand times better than IE, OffByOne, is a download manager.
This is possibly because they know OB1 is immune to their evils.
AT best, even if this is not the case, it gives me an idea about
the author. WHAT could I possibly want to DL from his site? That
kind of attitude is acceptable on sites with 10,000+ files (OK,
500 files and monthly traffic limits).




--
"Well, Steve, I think there's more than one way of looking at
it. I think it's more like we both had this rich neighbor named
Xerox and I broke into his house to steal the TV set and found
out that you had already stolen it."
Bill Gates to Steve Jobs, around 1983

 

[David H. Lipman]

I posted this in the IE group, but not many people
go there, so I'm posting here as well.

Announcing: An updated version of a free tool.
The IE MD (Internet Explorer Doctor)

The IE MD has been around for years, but wasn't
formerly updated for IE 7/8 in Windows Vista/7 until
now.

IE MD is an HTA powered by VBScript. It's designed
to be a simple, one-stop method to eliminate nags,
download restrictions, etc. Most of the settings it
changes are normally hidden. Things like removing
the information bar, stopping security nags, stopping
messages that say things like, "Your current settings
don't allow downloading this file", shutting off the Local
Machine Lockdown restrictions, disabling risky behavior,
etc.

It's free, no-strings; being made available simply
because people shouldn't have to go through the
tedious work that it takes to find these settings and
change them.

http://www.jsware.net/jsware/iemd.php5

For scripters and "power users":

An HTA is basically a webpage that runs in an IE
browser window. Since the IE MD is just a scripted
webpage, if you know HTML and VBScript you can
edit, modify, or extend the utility as you like.

Why disable Distributed Component Object Model in this "IE" Doctor fix ?
Do you know what software you may inhibit in doing so ?
What does it have to do with the original intention ?

 

[thanatoid]

Why disable Distributed Component Object Model in this "IE"
Doctor fix ? Do you know what software you may inhibit in
doing so ? What does it have to do with the original
intention ?

Re: "original intention".

If you can actually FIND this marvel, scan it for malware. It
should be interesting what turns up.



--
"Well, Steve, I think there's more than one way of looking at
it. I think it's more like we both had this rich neighbor named
Xerox and I broke into his house to steal the TV set and found
out that you had already stolen it."
Bill Gates to Steve Jobs, around 1983

 

[Mayayana]

I posted this in the IE group, but not many people
go there, so I'm posting here as well.

Announcing: An updated version of a free tool.
The IE MD (Internet Explorer Doctor)

The IE MD has been around for years, but wasn't
formerly updated for IE 7/8 in Windows Vista/7 until
now.

IE MD is an HTA powered by VBScript. It's designed
to be a simple, one-stop method to eliminate nags,
download restrictions, etc. Most of the settings it
changes are normally hidden. Things like removing
the information bar, stopping security nags, stopping
messages that say things like, "Your current settings
don't allow downloading this file", shutting off the Local
Machine Lockdown restrictions, disabling risky behavior,
etc.

It's free, no-strings; being made available simply
because people shouldn't have to go through the
tedious work that it takes to find these settings and
change them.

http://www.jsware.net/jsware/iemd.php5

For scripters and "power users":

An HTA is basically a webpage that runs in an IE
browser window. Since the IE MD is just a scripted
webpage, if you know HTML and VBScript you can
edit, modify, or extend the utility as you like.

 

[philo]

I wonder why.


And we could not be more grateful.


Funny, no mention of it anywhere in Google. OR on the jsw site.

As much as we all enjoy spam, and attempts to send us to a
malware site, this is pretty pathetic. Most people here are
smart enough not to use IE.

Not to mention NO "doctor" will fix IE.

And the page you provide the link to claims my browser, about a
thousand times better than IE, OffByOne, is a download manager.
This is possibly because they know OB1 is immune to their evils.
AT best, even if this is not the case, it gives me an idea about
the author. WHAT could I possibly want to DL from his site? That
kind of attitude is acceptable on sites with 10,000+ files (OK,
500 files and monthly traffic limits).

I downloaded the utility on my Linux machine and it contains three vbs
scripts

If you want to inspect them, they are in plain text and you can just
change the extensions to .txt and inspect

 

[Mayayana]

| Why disable Distributed Component Object Model in this "IE" Doctor fix ?
| Do you know what software you may inhibit in doing so ?
| What does it have to do with the original intention ?
|

DCOM enables running software remotely. A number of remote
attacks take advatage of the DCOM ports 135 and 445. On a
corporate intranet DCOM is often used, but on a stand-alone
machine remote functionality is usually only a security risk. I've
never had DCOM enabled, since Win98. It's unlikely that you
need it, though it's possible that something like remote control
tech. support software might use it.

The point of IE MD is to save people a lot of work and research.
Many of the security problems, nags and restrictions are poorly
documented and/or have no setting in Internet Options. DCOM
(along with remote WMI functionality) is just one related issue
that's provided because most people don't know about it and it's
connected with going online.

I actually discovered DCOM in about 1999 when I was using
the AtGuard firewall. AtGuard blocked ads and had a function
whereby one could drag any ad that got through into a "rubbish
barrel" graphic. On one site I saw an ad for Visual Studio and
dragged it to the rubbish, but by mistake I used the left mouse
button instead of the right, thereby clicking the ad. AtGuard
then popped up and asked whether I wanted to allow DCOM to
go out. Apparently Microsoft was intending to check my system
configuration without my knowledge, via DCOM.

 

[Mayayana]

|
| And the page you provide the link to claims my browser, about a
| thousand times better than IE, OffByOne, is a download manager.

That's based on the userAgent string. Download managers
are blocked because most of them are very sloppy, some
are spyware, and none are necessary. It's not unusual to
see a download manager download the same file dozens of
times over, for no reason. The only way to filter them out
is by typical UA string patterns.

 

[Mayayana]

| If you can actually FIND this marvel, scan it for malware. It
| should be interesting what turns up.
|

If you'd read the original post you'd know that there
is no compiled software involved. Do you understand
what that means? There's no EXE. There's nothing to
scan. It's an HTA -- a webpage that provides functionality
via VBScript. In other words, all code in the utility is
plain text that you are free to view, study and edit
yourself, if you understand VBScript.

If you don't understand VBScript, the download
also comes with a file that lists many of the Registry
settings involved, so you can make the Registry
changes yourself without using the IE MD. The only
"sneaky intention" is to help save a few people from
having to go through a lot of work fighting with
messages that tell them things like, "your security
settings don't allow you to download this file".

This utility is not for everyone. It's for people
who are somewhat handy and who want to control
their own settings. You don't have to use it. I
agree with you about IE. I don't use it myself and
would never use it online. But a lot of people do use
it. And a lot of people don't have any choice. (I have
a blind friend who uses a screenreader named Jaws.
Jaws only works dependably with IE. Imagine the
frustration for a blind person attempting to download
audio files, while the IE Information Bar is telling them
that they've banned themselves from doing so!)

If you honestly suspect you're dealing with
sleaze, malware, or worse then the decent thing
would be to actually find out before making
nasty accusations.

 

[thanatoid]

|
| And the page you provide the link to claims my browser,
| about a thousand times better than IE, OffByOne, is a
| download manager.

That's based on the userAgent string. Download managers
are blocked because most of them are very sloppy, some
are spyware, and none are necessary. It's not unusual to
see a download manager download the same file dozens of
times over, for no reason. The only way to filter them out
is by typical UA string patterns.

This is the string:

UserAgent=Mozilla/4.7 (compatible; OffByOne; &sys)

Anything here scream "download manager" at you?


--
"Well, Steve, I think there's more than one way of looking at
it. I think it's more like we both had this rich neighbor named
Xerox and I broke into his house to steal the TV set and found
out that you had already stolen it."
Bill Gates to Steve Jobs, around 1983

 

[thanatoid]

On 11/01/2011 10:43 PM, thanatoid wrote:

I downloaded the utility on my Linux machine and it
contains three vbs scripts

If you want to inspect them, they are in plain text and you
can just change the extensions to .txt and inspect

I really don't care, because I haven't used IE since 2001. And
WHAT exactly did you download? There is nothing called "Internet
Explorer Doctor" anywhere to be found on the net. Or I am
getting REALLY senile?



--
"Well, Steve, I think there's more than one way of looking at
it. I think it's more like we both had this rich neighbor named
Xerox and I broke into his house to steal the TV set and found
out that you had already stolen it."
Bill Gates to Steve Jobs, around 1983

 

[thanatoid]

| If you can actually FIND this marvel, scan it for malware. It
| should be interesting what turns up.
|

If you'd read the original post you'd know that there
is no compiled software involved.

I didn't pay much attention to the last paragraph - I did not
know what a HTA is, but I do not go to any pages (let alone
running scripts) on anything but OB1 anyway to start with - and
I told you what happened.

This utility is not for everyone. It's for people
who are somewhat handy and who want to control
their own settings.

No one fitting that description would willingly use IE.

You don't have to use it. I
agree with you about IE. I don't use it myself and
would never use it online. But a lot of people do use
it. And a lot of people don't have any choice. (I have
a blind friend who uses a screenreader named Jaws.
Jaws only works dependably with IE. Imagine the
frustration for a blind person attempting to download
audio files, while the IE Information Bar is telling them
that they've banned themselves from doing so!)

Yes, there are always exceptions.

If you honestly suspect you're dealing with
sleaze, malware, or worse then the decent thing
would be to actually find out before making
nasty accusations.

I tried to find out, and I told you what happened.

Let's drop it and wait for comments from grateful users of IE in
this NG.


--
"Well, Steve, I think there's more than one way of looking at
it. I think it's more like we both had this rich neighbor named
Xerox and I broke into his house to steal the TV set and found
out that you had already stolen it."
Bill Gates to Steve Jobs, around 1983

 

[Jeff Layman]

Re: "original intention".

If you can actually FIND this marvel, scan it for malware. It
should be interesting what turns up.

Well, I don't use IE, but thought I'd take up your suggestion to
download it and scan for malware (Win7HPx64).

NIS 2011 found absolutely nothing. Maybe users of other AVs can post
what they found.

 

[Lostgallifreyan]

IE MD is an HTA powered by VBScript.

The doctor is ill.

I guess it's that combination of IE and VB that gives me the running heebies.

 

[98 Guy]

I posted this in the IE group, but not many people go there, so
I'm posting here as well.

Why has it all of a sudden become a common practice of cross-posting
between a win-98 group and XP / Windows7 groups?

Announcing: An updated version of a free tool.
The IE MD (Internet Explorer Doctor)

Will this tool run on windows 98?

What possible valid reason do you have for cross-posting this to a
windows 98 group?

 

[philo]

I really don't care, because I haven't used IE since 2001. And
WHAT exactly did you download? There is nothing called "Internet
Explorer Doctor" anywhere to be found on the net. Or I am
getting REALLY senile?

I just went to the link the OP posted

I may fool with it if I ever have the time

I downloaded the developer's version of Windows 8
and have fooled with it a few times...

 

[Dave \Crash\ Dummy]

I posted this in the IE group, but not many people go there, so I'm
posting here as well.

Announcing: An updated version of a free tool. The IE MD (Internet
Explorer Doctor)

The IE MD has been around for years, but wasn't formerly updated for
IE 7/8 in Windows Vista/7 until now.

IE MD is an HTA powered by VBScript. It's designed to be a simple,
one-stop method to eliminate nags, download restrictions, etc. Most
of the settings it changes are normally hidden. Things like removing
the information bar, stopping security nags, stopping messages that
say things like, "Your current settings don't allow downloading this
file", shutting off the Local Machine Lockdown restrictions,
disabling risky behavior, etc.

It's free, no-strings; being made available simply because people
shouldn't have to go through the tedious work that it takes to find
these settings and change them.

http://www.jsware.net/jsware/iemd.php5

For scripters and "power users":

An HTA is basically a webpage that runs in an IE browser window.
Since the IE MD is just a scripted webpage, if you know HTML and
VBScript you can edit, modify, or extend the utility as you like.

Thank you. I use IE8 and write my own HTA scripts frequently. Since I
installed my own OS and browser, I don't have any of the restrictions
that a preinstalled or business network computer might have, but I will
add IE MD to my collection.

One option that I don't see immediately available is making Zone 0
settings visible. Do you have any clues?

 

[Mayayana]

| UserAgent=Mozilla/4.7 (compatible; OffByOne; &sys)
|
| Anything here scream "download manager" at you?
|

&sys? I assume by that you mean that it reports the
OS version, like "Windows XP", "Windows 98", "Windows 7".
That's a problem because it's actually very rare, except
when used as a spoof UA by download managers. Firefox
and Opera both end their UAs with a version number, and
while the IE UA used to end with the Windows version at
one time (thus the download manager spoofs), these days
Microsoft encrusts the IE UA with all sorts of things.

I'm sorry about the inconvenience. All I can suggest it that
you use another browser of adjust your UA.

 

[Lostgallifreyan]

Ironically, if the tool were an EXE you would have
little way of knowing what's in it.

True. I disable VBS in mine, I'd like to do that to JavaScript too but I use
that myself, and it's worth the risk. I used to like the BASIC language,
still do in its influence on Lua and Psion OPL, but so many of the recent
forms popularised means to write bad code, bloated code, and I found
disabling it the easiest choice to make. I also disable Java because that IS
pretty much a sealed executable. Flash too, I distrust, same reason, plus
it's very definitely exploited to do dodgy things. A system can crash by
flash just because too much of it is on a page, it doesn't have to be
malicious to do more harm than most genuinely malicious code can do.

 

[Lostgallifreyan]

I'm sorry about the inconvenience. All I can suggest it that
you use another browser of adjust your UA.

USER-AGENT can help, but I think many sites watch for behaviour, using
timers, filters, etc. As the difference is like that between asking for a
caller to show a printed name card when cold calling at a door, and having a
simple burglar alarm that uses more than one of a group of basic triggers,
the second method is entirely more capable of not being fooled. It doesn't
have to be very smart either, it just needs wise choice of triggers,
thresholds, durations... Google Maps use this to spot grabs on map tiles in
bulk. I doubt they care about U-A but they're VERY sharp at spotting anything
that moves in ways they're not happy with.

 

[Mayayana]

| Small ding here, but *every* browser is just a fancy DOWLOAD MANAGER
| itself.
|

I'm talking about actual download manager software.
That's not the same thing as a browser. (An email program
downloads files. That doesn't make it a download manager.)
In general download managers are not necessary in the first
place.

I find that the typical download manager behavior is
to download 2 or 3 full copies of everything. It doesn't make
any sense. The programs are supposed to help speed up
downloads and ensure they don't get cut off. But they
jump in on 1 MB downloads and download 3 copies!
Then there are the "scraper" variety. People go to a website
and auto-download everything in sight. They're busy
hoarding website content that they could never possibly
use. In fact, they don't even take the time to figure out
what the downloads are before grabbing them. (I'm not talking
about personal opinion here. I can see how the software
works in my own server logs.)

Some download managers are much worse than either of
those two cases. I first decided to start blocking them when
I saw in my website server logs that someone had downloaded
36 MB worth of a 300 KB file. I'm not certain, but I think the
program used was GetRight. It just kept calling for the same file,
over and over again every 6 seconds, 100+ times in all.

It's a lot like browser toolbars: Very little value. Potentially
spyware. And often badly written. But download managers look
techy and sophisticated to the uninformed.

Unfortunately, blocking such software is not 100% reliable
because while some identify themselves, some others use
spoof UA strings. So occasionally someone like thanatoid causes
a "false positive".