[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now



Posted on 2004-10-27
Medium Priority
Last Modified: 2011-08-18
My spyware software popped up and said I needed to delete about 20 entries from my registry; all of them in this location:

After looking through the entries (there are thousands), what if I just deleted them all?  This just looks like some internet tracking locations.  I've randomly deleted (after backing up) about 30 of these locations with no ill effects.  Can someone tell me what this registry entry does?

Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 65

Expert Comment

ID: 12422525

Its the registry location which stores the Trusted domains in the Loca Internet Zone !!
Mostly this is created by some junks, like comincursor.com and blazefind.com etc etc
that's may be the reason that ur spyware tool(i think its SPybot) is asking to delete the offending keys !! :)

Author Comment

ID: 12422542
So, really, I should just delete them all.  I use ZoneAlarm.  Any problems with deleting them all?
LVL 65

Accepted Solution

SheharyaarSaahil earned 2000 total points
ID: 12422582
u mean its asking to delete the whole "HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS" os it telling an offending folder inside the DOMAINS folder..... i have this key and it has only MSN added inside it.... what folders are u having in this DOMAINS folder ??

I think the folders inside this key can be harmful, likethis one >> "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\blazefind.com\"

so are u having any such folder key ??
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.


Expert Comment

ID: 12422624
If u are not sure about deleting them, just take backup of that registry key... and delete them...

So in future, if u see any problems you can revert back...

Ideally no Internet Sites should be placed there, unless you are very very sure about the source...

So, I would recommend, backup and delete...


Author Comment

ID: 12422937
You only have 1 domain!?!?  That's it, I'm killing them all!
LVL 65

Expert Comment

ID: 12422960
Yes u can if u dont feel u need them or u put them there urself... :)
But its always a good practise to make a backup of keys u delete just in case if u will later feel to UNDO !! =)
Cheers ^_^

Author Comment

ID: 12423123
One last question:  I also have hundreds of entries in HKLM\SYSTEM\LASTKNOWNGOODRECOVERY\LASTGOOD

My scanner says there is something evil in there, but I don't see anything.  What do you have in yours?
LVL 65

Expert Comment

ID: 12423197
I have this folder and it has so many of those .inf and .pnf files in the right pane !!

Expert Comment

ID: 12606751
Use anti-spyware spyware programs to delete blazefind....
Try SpySweeper, Ad-Aware, S&D SpyBot, NoAdware, XoftSpy...

You dont need to delete nothing from the registry =)
*Let the wizard do the job :P

Expert Comment

ID: 12745431
Quite right, your HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP\DOMAINS may mostly contain a list of the restricted sites, as set by spyware removers like SpyBot, plus a few trusted sites.  Check the trusted sites tab in Control Panel - Internet Options - Security - Trusted Sites first, and then the list under Restricted Sites.  In the registry the value for Trusted is 2 and Restricted is 4.  Of course, be careful because some spyware may include their own sponsored sites or IP addresses into the list of Trusted sites...

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question