Questions about HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
I spent part of yesterday defragging and running all my AV and spyware programs. Everything was clean until I ran PestPatrol, which found a pest named CWS.GoogleMS.3 located in: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\xxxtoolbar.com. I Googled the xxxtoolbar to try to get some info on it, but all I could find were removal instructions, which I went through, but I didn't have any of the associated files. I set a reatore point and went ahead and deleted it. Here are my questions:
When I went into that Domains Registry, I was shocked by the long list of what appeared to be porn-related entries. I'd like to know
1.) Where could these have come from?
2.) Is there anything in that folder that should not be deleted?
3.) Is the folder itself necessary?
I tried to Google that Registry folder too, to find out it's purpose, but no luck with that either.
dlh6213
Posting Maven
3,117 posts since Jul 2004
Reputation Points: 63
Solved Threads: 214
I was just looking through the list more carefully and it's not all porn-related, there's a lot of typical spyware and adware stuff too. I don't see anything in the list that looks like it would be necessary.
dlh6213
Posting Maven
3,117 posts since Jul 2004
Reputation Points: 63
Solved Threads: 214
Moved to Security section
Catweazle
Grandad
4,335 posts since Mar 2004
Reputation Points: 229
Solved Threads: 149
Is it possible this is where the stuff Spyware Blaster installed is kept?
dlh6213
Posting Maven
3,117 posts since Jul 2004
Reputation Points: 63
Solved Threads: 214
Do you have ie-spyad installed? It enters over 4000 sites to your registry so that IE cannot go there.
crunchie
Most Valuable Poster
20,095 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
I don't have ie-spyad (though it appears a good thing to have), and there is not 4,000 entries there, I'd guess 100-200.
Is "...\Internet Settings\ZoneMap\Domains" the place where this type of information would be stored? Or should I delete all the entries there?
dlh6213
Posting Maven
3,117 posts since Jul 2004
Reputation Points: 63
Solved Threads: 214
crunchie
Most Valuable Poster
20,095 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
Thanks crunchie! That site is a bit complicated (for me), but you were able to find what I wasn't. After looking at the list, I suspected it was from SpyWareBlaster, and this confirms it. I updated SpyWareBlaster, had it enable all protection and, low and behold, xxx.toolbar.com (the one I originally deleted) is back! From now on, I know that if any of my anti-pest-ware programs find anything in here, I should just ignore it.
You can mark this one as solved! Thanks again!
(I would add to your rep again, but I have to 'spread it around' first. If anyone else reads this, give crunchie some cudos for me!)
dlh6213
Posting Maven
3,117 posts since Jul 2004
Reputation Points: 63
Solved Threads: 214
