Dismiss Notice
Data Loss
Hello Guest

Due to multiple hardware failure, We have lost data from 24th December 2017 to 1st January 2018. Inconvenience is deeply regraded. VIP user will be upgraded sooner

Thank You

Direct Windows Spy Blocker 4.11.0

Discussion in 'Security Tools' started by tomeCar, Mar 4, 2018.

  1. tomeCar

    tomeCar Staff Member Administrator

    759.1 GB
    35.8 GB

    Windows Spy Blocker 4.11.0


    WindowsSpyBlocker is a set of rules to block Windows spy / telemetry based on multiple tools to capture traffic. It is open for everyone and if you want to contribute, take a look at the Wiki.

    Most malicious content is delivered through the information superhighway nowadays, so it’s highly recommended to take your security measures seriously. An antivirus solution alone can barely keep up with everything going on, that’s why programs like WindowsSpyBlocker want to make things easier by blocking access to potentially harmful domains.

    Intuitive descriptions guide you along the way

    The application saves you the time and effort required to go through a setup process, so you benefit from all it has to offer from the moment download is done. This allows you to carry it on a removable thumb drive in case you want to add Firewall rules to other computers than your own.
    Management options are delivered through a command-line interface, but this gives you little to no accommodation problems, especially because of the detailed descriptions found along the way. Menus are comfortable, and you can always recall menu commands in case they’re out of sight or unsure on what to do next.

    View rule status, install, and remove

    There are a couple of default functions you can use to enhance the security of your computer. On the one hand, the application can deploy a set of Firewall rules dedicated to Windows 7, 8.1, and 10, which block access to various domains which are potentially harmful. You can view the status of the rules at any moment and even remove them.
    On the other hand, there’s the NCSI (Network Connectivity Status Indicator) function, which can deploy WindowsSpyBlocker or Microsoft NCSI rules. These can also be removed on demand, and there’s also a function with which to test your Internet connection.
    Last but not least, the dev section comes in handy for analyzing results and log files. Although devoid of any particular usage on its own, it’s dedicated for working with Proxifier, Sysmon, and Wireshark if installed on your computer. These tools can be used to extract log data, and there’s also a general differences analyzer to be used with results from all previously mentioned third-party tools.

    In conclusion

    Taking everything into consideration, we can state that WindowsSpyBlocker comes in a lightweight package, delivering a fast, reliable method to enhance the security on your computer. Even though it’s used as a command-line interface, it’s packed with intuitive descriptions, and automatically deploys necessary rules on demand.

    Whats New:

    • Update hosts for Windows 10 extra and spy
    • Update IPs for Windows 10 extra, spy and update
    • Move 13.107.5,, 64.4.23, 65.55.163, 65.55.223,,, 157.55.56, to extra for Windows 10
    • Update hosts for Windows 8.1 spy and update
    • Update IPs for Windows 8.1 extra, spy and update
    • Move,, 64.4.23 to extra for Windows 8.1
    • Move, to update for Windows 8.1
    • Update hosts for Windows 7 extra, spy and update
    • Update IPs for Windows 7 extra, spy and update
    • Move,, 64.4.23 to extra for Windows 7
    • Manage IP range for testing
    • Review IP analysis
    WindowsSpyBlocker is an application written in Go and delivered as a single executable to block spying and tracking on Windows systems ⛔️. The initial approach of this application is to capture and analyze network traffic based on a set of tools. It is open for everyone and if you want to contribute or need help, take a look at the Wiki .


    Main window of WindowsSpyBlocker

    Configuration file app.conf is generated at first launch :


    Telemetry and data collection
    To capture and analyze network traffic for the telemetry option, QEMU virtual machines are used on the server virtualization management platform Proxmox VE based on :

    • Windows 10 Pro 64bits with automatic updates enabled.
    • Windows 8.1 Pro 64bits with automatic updates enabled.
    • Windows 7 SP1 Pro 64bits with automatic updates enabled.
    Traffic dumps are clean every day and compared with the current rules to add / remove some hosts or firewall rules.

    Tools used to capture traffic :

    • qemu -net dump : capture
    • Wireshark : capture + logs
    • Sysmon : capture + logs
    • Proxifier : logs
    All traffic events are available in the logs folder :

    • *-hosts-count.csv : number of events per host
    • *-unique.csv : first trigger of an event per host / process / destination port
    The data folder contains the blocking rules based on domains or IPs detected during the capture process :

    • data/<type>/winX/spy.txt : Block Windows Spy / Telemetry
    • data/<type>/winX/update.txt : Block Windows Update
    • data/<type>/winX/extra.txt : Block third party applications
    Firewall and Hosts data are the main types. The others are generated from these as :

    • DNSCrypt : a protocol for securing communications between a client and a DNS resolver.
    • OpenWrt : an open source project used on embedded devices to route network traffic.
    • P2P : a plaintext IP data format from PeerGuardian.
    • Proxifier : an advanced proxy client on Windows with a flexible rule system.
    • simplewall : a simple tool to configure Windows Filtering Platform (WFP).
    And about data collection, you can read the Telemetry collection page for more info.

    Projects using WindowsSpyBlocker
    • pi-hole : A black hole for Internet advertisements (designed for Raspberry Pi).
    • StopAd : Service for MikroTik routers made to block "advertising" and more.
    • OpenWrt adblock package : DNS based ad/abuse domain blocking
    • Unified hosts file : Extending and consolidating hosts files from a variety of sources.
    • WPD : Customize Group Policy, Services and Tasks, responsible for data collection and sending, as you like.
    • simplewall : Simple tool to configure Windows Filtering Platform (WFP).
    • LEDE Project : A Linux operating system based on OpenWrt.
    • Mikrotik hosts parser : An application that blocks "advertising" for routers based on RouterOS.
    • void-zones-tools : A list of void zones that can be readily feed into Unbound on FreeBSD

    File Size : 4 Mb

    Please Login or Register to view links

  2. vevecta

    vevecta Verified Member

    1.5 TB
    11.7 GB
    Thank you!
  3. Anemos2006

    Anemos2006 Registered User

    3.8 GB
    9 GB
  4. Mathew Stewart

    Mathew Stewart Verified Member

    412.6 GB
    5.6 GB
    thanks @tomeCar ill give this a look later on nice one
  5. Apache

    Apache Verified Member

    17.9 TB
    81.1 GB
    thank you, i will ad this tool to DWS_Lite :rock:

Share This Page