guys is there any way to block hotspot shiled program and online web proxy from Mikrotik ?

block? what exactly do you mean?

he probably means this thing: http://www.hotspotshield.com/ which is essentially a VPN tunnel to some server.

Never tried this before, but this works. My laptop has been trying to connect for 5 minutes now and wont.

/ip firewall mangle
add action=mark-connection chain=prerouting comment="" content="Nebo Group" disabled=no new-connection-mark=hssconn passthrough=yes
add action=mark-packet chain=prerouting comment="" connection-mark=hssconn disabled=no new-packet-mark=hsspack passthrough=yes
/ip firewall filter
add action=drop chain=forward comment="" disabled=no packet-mark=hsspack

It seems that every one of the sites has a certificate by Nebo Group. Might be able to do it better with l7, but Id have to look into it more. You could probably make the content more specific, but I dont have time.

holy moly. at least specify in-interface, tcp, flags=PSH, etc when using content=... you dont want to search EVERY single packet for "Nebo Group" do you, including pings? that could kill your performance instantly with too much traffic.

LOL. Yah. I didnt really care as I was just deleting the rule right away.