Results 1 to 7 of 7

Thread: FP with new localmachine_lockdown

  1. #1
    Junior Member
    Join Date
    Aug 2006
    Posts
    5

    Default FP with new localmachine_lockdown

    Just a minor correction, really: when Spybot S&D checks the localmachine_lockdown entry, it found the iexplore.exe entry on my system set to 0 in HKCU. However, the HKLM entry was set to 1 and the (handy) referenced MSDN page says "If the setting is present in both HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER, the most secure setting is used."

    Also, for some reason the Bug Report panel refers to forums.net-integration.net. That might prevent potentially useful info from being presented.

    Thanks for a really useful security program!
    - Kal

  2. #2
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    Kalimba:

    I would appear that you are correct according to the following article

    It also appears that Spybot does not detect the "iexplore.exe"=dword:00000000 in the HKLM registry hive. This entry was not detected after the 2006-08-18 updates:

    Code:
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
    @=""
    "iexplore.exe"=dword:00000000

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  3. #3
    Member of Team Spybot (m/f)'s Avatar
    Join Date
    Feb 2006
    Posts
    294

    Default Correction made

    Thank you all for your interest. It is right, Spybot did not detect the statement in the HKLM hive. We have corrected this so that Spybot will detect it now in both the HKCU and HKLM hive. This is, as stated by Kalima, the most secure setting.

  4. #4
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    (m/f):

    Thanks for looking into and fixing the problem.

    Regards,
    md usa spybot fan

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  5. #5
    Junior Member
    Join Date
    Aug 2006
    Posts
    5

    Default

    Quote Originally Posted by md usa spybot fan View Post
    Thanks for looking into and fixing the problem.
    I second that sentiment!
    - Kal

  6. #6
    Esteemed Member
    Join Date
    Oct 2005
    Posts
    211

    Default

    Despite what is said that the most secure setting is used, I have iexplore set to 1 in HKLM, but to 0 in HKCU. The latter was set to 0 when i checked the option to allow active content to run in files on my computer (IE options advanced tab).

    Checking that option does change IE behaviour for the current user, so presumably the iexplore=0 setting in HKCU is not altogether overridden by the 1 in HKLM.

    For example, one useful effect of checking that option I've found is if you have clicked through some links on a page at a site with ads blocked through HOSTS redirect entries, you only need to click back once, it runs through the ads URLs and returns to the page, instead of your having to click back several times or using the back button drop down box to bypass the ads URLs.
    (I hope that is understandable...)

    IE 7 RC1, XP home SP2 all updates.

  7. #7
    Junior Member
    Join Date
    Aug 2006
    Posts
    5

    Default

    Quote Originally Posted by Rosenfeld View Post
    Checking that option does change IE behaviour for the current user, so presumably the iexplore=0 setting in HKCU is not altogether overridden by the 1 in HKLM.
    Interesting! I'll have to experiment a bit.
    - Kal

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •