SPYWARE reboots XP-machine (HJ-log inc.)

Hi Chris,

If you want to try one more time

Download RegSearch.zip and extract the contents of the zip file to it's own folder.
Open and double-click the icon for RegSearch.exe to launch the program.
Enter 59A61955-C9FE-41C7-238A-6949A77ACF5E in the top window, 82817A13-CCB0-C237-5BA1-596CB3A00A77 directly below it, and D8523B64-55B4-58E2-6FD1-3D811ED8E8ED beneath that, and click "OK ".
After completion Notepad will be opened with all the found instances.

Download and install Reglite. Open and copy/paste the one of the found strings (eg:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D8523B64-55B4-58E2-6FD1-3D811ED8E8ED}) in the address window then click go (or navigate to the key manually in the left pane). Locate and hightlight the key in the left pane, then click Security>Take Ownership on the toolbar. Click Security>Edit Permissions, give full control to all groups. Click Advanced and uncheck the inherit permissions box, click apply. You can individually view/edit each group's settings here.
Be sure all groups have full control, on this key and subkeys. Apply and OK out of permission properties, right click the key in the left pane and delete. Close RegLite when done.

Hope it works.

 

RegSearch & RegLite

Hello "Master Noahdfear ",

As per your advice, I have downloaded Regsearch & RegLite and followed your clean & concise instructions. And after a reboot (for good measure ), the BHO's (no name - no file) are still there in HJT-log and viewable in RegLite.

and I repeated the above exercises several times, less I missed anything in the previous attempts (all followed by a reboot), and the little knack-BHO-with-no-name are still there....

It's OK...I have learned quite a few good things out of these exercises & and I can really live with these BHO-no-name-knacks.

Once again, MANY THANKS for your patience/persistence & efforts,

Three Cheers for "Master Noahdfear ",

Chris

 

Rats!