Domains (registry)

  • Thread starter Thread starter stevev
  • Start date Start date
S

stevev

What is the purpose of the Registry Folder:
HKCU\Software\Microsoft\Windows\Current Version\Explorer\Internet
Settings\Zone Maps\Domains
This lengthy list contains many (most) of the spyware sites I spend
considerable effort trying to prevent from accessing my computer. Why are
they in the Registry?
 
They're the sites you have placed in the various zones via

Tools > Internet Options > Security

Jon
 
stevev said:
What is the purpose of the Registry Folder:
HKCU\Software\Microsoft\Windows\Current Version\Explorer\Internet
Settings\Zone Maps\Domains
This lengthy list contains many (most) of the spyware sites I spend
considerable effort trying to prevent from accessing my computer.
Why are they in the Registry?
Click to expand...

These website URL's are the sites that are entered into the Restricted Sites
list. In Internet Explorer go to Tools/Internet Options/Security/Restricted
Sites and click the Sites button. The list there should match what you are
seeing in the registry. The spyware websites should be listed there. :)
 
SpywareBlaster installed?

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\ZoneMap\Domains

The Domains key contains domains and protocols that have been added to
change their behavior from the default behavior. When a domain is added, a
key is added to the Domains key. Subdomains appear as keys under the domain
where they belong. Each key that lists a domain contains a DWORD with a
value name of the affected protocol. The value of the DWORD is the same as
the numeric value of the security zone where the domain is added.

If they have a Value Data of 4 they are in the Restricted Sites Zone.

This is the list of Restricted Sites from >>>

IE | Tools | Internet Options | Security tab | Restricted Sites |
Sites button | Web sites

SpywareBlaster does this.

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In
 
Those are trusted domains. The spyware likes to do that. The way to stop
this is to remove the permissions on that key using regedt32. And I mean
ALL the permissions. Easy to get back just re-enable inherit from parent
which you first must do to remove the permissions on that key.
 
Back
Top