SWB "Kill Bits"?

Discussion in 'SpywareBlaster & Other Forum' started by Capp, Mar 25, 2005.

Thread Status:
Not open for further replies.
  1. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    This is not meant to sound direspectful by any means so please don't take it that way ;)

    I know SpywareBlaster prevents spyware installation by putting "kill bits" in the registry which keeps baddies out.

    What I want to know is...what do these kill bits look like? I have combed over my registry looking for anything related to what shows up in SWB "protected against" listing and I cannot find anything. (which i'm sure is good)

    Can anyone do a screenshot or a very detailed explaination of what these actually look like and where to find one.

    I'm a very curious person and love finding out how things work so that is why I am asking instead of tearing something up :D

    I ask of anyone...please
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Entries for ActiveX controls are stored in the following location in the registry:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility

    The "kill bit" part is the setting of the value for each CLSID...

    Compatibility Flags = 0x400 (or binary: 10000000000)

    The bit where that "1" is set in the binary representation above is the "kill bit" itself. That is the flag used to block the running of the control referenced by the CLSID mentioned in the key name. Kill bits themselves were not created by Javacool (or any other programmer that provides block lists for ActiveX controls), they are simply part of the design of ActiveX.
     
  3. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
  4. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    Well Thank you very much. This is what I was looking for.

    Can this be done with things other than ActiveX? For instance..If I wanted to stop someon from using a bad program (like virutal bouncer or powerscan, etc..)??

    Thanks for the replies. I looked it up online, but didn't make much sense to me :)

    Thanks again
     
  5. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    Since a lot of programs create CLSID's upon installation under HKEY_LOCAL_MACHINE\SOFTWARE...could you do something similar to the compatability flag to prevent installation of other spyware programs?

    or is this something specific only to ActiveX?

    Thanks :)
     
Thread Status:
Not open for further replies.