PDA

View Full Version : Windows.Security.InternetExplorer



The Wy
2006-09-07, 04:41
Lately, the last couple of weeks or so, Spybot has detected Windows.Security.InternetExplorer. Seems that each time I "fix" it with Spybot, I lose my Run option, meaning I don't have the shortcut for the box to do a msconfig or a regedit. I have to get into the registry by another means and reinsert the 0 value in the NoRun of where the Run registry is located to get that box back. After restarting, the Run option is visible again. So, what's with this Windows.Security.InternetExplorer and why does it always make me lose my Run box everytime I "fix" it with Spybot. A bug, false positive, something else?

spybotsandra
2006-09-07, 10:47
Hello,

The key "HKEY_CURRENT_USER,"\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN" (standard value is 1 with SP2) determines the ability to perform certain actions for local websites, i.e. websites saved on harddisk.

The value is set to 0 (zero) by some malicious applications in order to deminish the security settings for the zone "local computer". (see http://msdn.microsoft.com/security/productinfo/XPSP2/securebrowsing/locallockdown.aspx for details).

If you want you can also tell Spybot-S&D to exclude those detections from further scans.

Best regards
Sandra
Team Spybot

The Wy
2006-09-07, 18:31
Hello,

The key "HKEY_CURRENT_USER,"\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN" (standard value is 1 with SP2) determines the ability to perform certain actions for local websites, i.e. websites saved on harddisk.

The value is set to 0 (zero) by some malicious applications in order to deminish the security settings for the zone "local computer". (see http://msdn.microsoft.com/security/productinfo/XPSP2/securebrowsing/locallockdown.aspx for details).

If you want you can also tell Spybot-S&D to exclude those detections from further scans.

Best regards
Sandra
Team Spybot


Yes, but this is happening on Windows 98, not XP. How can that be explained?

DonJJ53
2006-10-14, 13:47
Hello,

The key "HKEY_CURRENT_USER,"\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN" (standard value is 1 with SP2) determines the ability to perform certain actions for local websites, i.e. websites saved on harddisk.

The value is set to 0 (zero) by some malicious applications in order to deminish the security settings for the zone "local computer". (see http://msdn.microsoft.com/security/productinfo/XPSP2/securebrowsing/locallockdown.aspx for details).

If you want you can also tell Spybot-S&D to exclude those detections from further scans.

Best regards
Sandra
Team Spybot

The link "http://msdn.microsoft.com/security/p...llockdown.aspx " goes to page " Location cannot be found" on MSDN. Is it my fault or is there an error in the link?

Zenobia
2006-10-14, 14:01
I'm able to see the page,by clicking the link posted.