MyTechSupport.ca :: Your Computer Technical Resource Headquarters! MyTechSupport.ca :: Your Computer Technical Resource Headquarters!
HOME FORUMS RESOURCES & TOOLS ARTICLES ONLINE STORE ABOUT US
Computer Support Forums arrow Software Support arrow Operating Systems : Microsoft arrow Topic: Domains in the Registry
October 20, 2019, 07:22:46 PM
 

Home Forum Rules Help Search Mobile Version Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
October 20, 2019, 07:22:46 PM

Login with username, password and session length
 Featured Sites:
News
New  New Poll on our main page!
"My experience with Vista..."
  0 Members and 1 Guest are viewing this topic.
Pages: [1] Go Down Print
Author Topic: Domains in the Registry  (Read 1000 times)
MJL54
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 37


Bookmark and Share

View Profile
« on: October 06, 2004, 06:23:52 AM »


Operating System Version: Windows XP
Problem Application Name & Version: XP Registry
Problem Hardware Make & Model: Dell Dimension
Error Messages: none



under KHEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Internet Settings\Zone Map, I have a whole bunch of Domains I don't want on my system, a great majority of these are p*rn sites.  I don't how I got so many on my system, but it might have been because I uninstalled my Sygate fiewall.  Anyhow, none of these Domains have any data except the same DWORD, etc, so I'm not touching that, but the left-hand side seems ripe for plucking.  It's just tedious deleting these one at a time.  (a) Is it okay to delete these? (I already made a backup of my registry off-line. (b) How do web pages use this data?  I assume some of that has to do with the adware stuff - I currently don't appear to have any bugs on my system.

Thanks for any help.Undecided
Logged

 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #1 on: October 06, 2004, 12:55:04 PM »

if you download Hijack This we can analyze your log and help you get rid of all those domains

http://www.tomcoyote.org/hjt/

Make sure you unzip hijack this to its own folder such as C:\Program files as this is where the backups will be created.Run Hijack this but do NOT fix anything.Click save log and a log will open in notepad.Copy and paste your log in our security forum
Logged

John Vickers
MJL54
Jr. Member
**

Karma: +0/-0
Offline Offline

Posts: 37


Bookmark and Share

View Profile
« Reply #2 on: October 06, 2004, 02:44:28 PM »

Thanks.  I'm attaching my logfile.  I'm no expert with Hijack This but I can't see anything in there that would help.  Only one thing that puzzles me right now and that's that SEARCH HOOK MISSING entry.   So, once again, thanks for taking the time.  

Logfile of HijackThis v1.98.0
Scan saved at 10:22:50 AM, on 10/6/2004
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\MIKE\My Documents\System Info\Logs\Hijack This\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F0 - system.ini: Shell=
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Linkman - {5C9DCA26-CEC4-4280-A831-D622D4DBF113} - C:\PROGRA~1\Linkman\LINKMA~1.DLL
O4 - HKCU\..\Run: [Clean Temp] C:\Program Files\CleanTemp 1.1\CleanTemp.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{3CED5BD2-CB67-4F10-8C16-03EE1CFBA9A9}: NameServer = 207.181.101.4 207.181.101.5
O17 - HKLM\System\CS1\Services\Tcpip\..\{3CED5BD2-CB67-4F10-8C16-03EE1CFBA9A9}: NameServer = 207.181.101.4 207.181.101.5

Logged

 
jvic
Visiting Administrator
Hero Member
*****

Karma: +0/-0
Offline Offline

Gender: Male
Posts: 1238


Bookmark and Share

View Profile
« Reply #3 on: October 06, 2004, 06:36:54 PM »

Run Hijack this and fix the following:

R3 - Default URLSearchHook is missing
F0 - system.ini: Shell=

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

I am attatching a file called the hoster
Unzip it to a folder, Open it, Press "Restore Original Hosts" and press "OK". Exit Program. Note: if you were using a custom Hosts file you will need to replace any of those entries yourself


Download Attachment: hoster.zip 151.04 KB
Right click and select Save Target As... then rename the file as shown here and save.
Logged

John Vickers
Pages: [1] Go Up Print 
 
Jump to:  

Powered by MySQL Powered by PHP

Powered by SMF 1.1.21 | SMF © 2015, Simple Machines

Valid XHTML 1.0! Valid CSS!

Disclaimer
This site is NOT responsible for any damage that the information on this site may cause to your system. Everything you try, whether inspired by the response given from this site or not, is entirely at your own risk. All product names and company names used herein are for identification purpose only and may be trademarks or registered trademarks of their respective owners. We are in no way affiliated or representing any of the companies on this site unless specified.
Back to Top
Stop Spam Harvesters, Join Project Honey Pot Fight Back Against Spammers! Get Firefox! Get Thunderbird! View Sylvain Amyots profile on LinkedIn
Back to Top
Google visited last this page June 21, 2018, 01:59:55 PM