Scott
What are the possible consequences of manually removing the following type
of registry key:
hkey_local_machine \software\microsoft\windows\currentversion\internet settings\zonemap\domains\ (website)
If my understanding is correct, the values of this key will set the
security/privacy settings of the IE browser for the specified website. For
the case of malware, the malware would create this key and set the security
level to "Trusted" for the website. It would then direct the browser to the
website and run more malicious code from that site.
Using REGEDIT, I looked to see how many keys I had of this type and found a
huge amount. I estimate about 500. None of the websites are those that I
visit regularly, or maybe never visited at all. A lot of them seem to have
foreign domains. I want to get rid of them. It seems like the registry saves
everything.
There is also the potential embarrassment factor. A worst case scenario is
that a computer-savvy girlfriend inspects my registry and demands to know why
I have a key from moscowwhores.com. I don't remember ever visiting this site
and it's not really the way I roll.
These keys have two parameters: REG_SZ (value not set) and REG_DWORD =
0x00000004 (4)
Can anyone tell me what these values mean?
What could go wrong if I engage in mass deletion of this type of key?
Thanks
Scott
Los Angeles
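
The question above turns on what the DWORD under each ZoneMap\Domains key means. As an added example (not part of the original post), this Python code tallies a regedit export of that branch by security zone, using Microsoft's documented zone numbers (0 My Computer, 1 Local intranet, 2 Trusted sites, 3 Internet, 4 Restricted sites). The sample export and its domain names are constructed.

```python
import re
from collections import Counter

# IE URL security zone numbers as documented by Microsoft.
ZONES = {0: "My Computer", 1: "Local intranet", 2: "Trusted sites",
         3: "Internet", 4: "Restricted sites"}
# Lower-cased tail of the branch; per-site subkeys follow the final backslash.
DOMAINS = r"\internet settings\zonemap\domains" + "\\"

# Constructed sample of a regedit export; the domain names are placeholders.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\blocked-one.example]
"*"=dword:00000004

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\blocked-two.example]
"*"=dword:00000004

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\partner.example\www]
"https"=dword:00000002
'''

def parse_zonemap(reg_text):
    """Return [(site, protocol, zone)] for each value under ZoneMap\\Domains."""
    entries, site = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            pos = key.lower().find(DOMAINS)
            # Keys are nested domain\subdomain; rebuild as subdomain.domain.
            tail = key[pos + len(DOMAINS):].split("\\") if pos >= 0 else []
            site = ".".join(reversed(tail)) or None
        elif site:
            m = re.fullmatch(r'"([^"]+)"=dword:([0-9a-fA-F]{8})', line)
            if m:
                entries.append((site, m.group(1), int(m.group(2), 16)))
    return entries

def summarize(entries):
    """Count entries per zone and list sites mapped to a more trusted zone (0-2)."""
    counts = Counter(ZONES.get(z, f"unknown ({z})") for _, _, z in entries)
    return dict(counts), sorted({s for s, _, z in entries if z <= 2})

if __name__ == "__main__":
    print(summarize(parse_zonemap(SAMPLE_REG)))
```

A real regedit export is UTF-16, so read it with `open(path, encoding="utf-16").read()` before passing the text to `parse_zonemap`.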