HI,

I found your forum here by searching for more ideas on how to possibly get rid of the version of ISearchTech.YSB I've discovered in a friend's computer.

I have so far tried Ewido, Spybot, AdawareSE and Symantec and still it's not out.

The main roadblock seems to be that something is re-changing regedit so I don't have permission to directly delete or change the values of this ISearchTech in the registry. Even though I have manually added the administrator account to the permissions list, regedit refuses to let me delete the relevant entries, and this might be why Spybot and the others can't eradicate this thing.

The infected machine is a HP Paviliion 750n running XP Home. At the time it was infected it was running SP1 and about 35 Windows patches behind.

I've got rid of a huge pile of spyware, trojans, viruses and 'bots, but this one remains.

I have a day off this Saturday and intend to post the logs that illukka listed above. Maybe we can figure out how this thing is protecting itself...

---Dave

hi

do not post into someone elses topic.

i moved your post and started a new thread for you, please continue here

Due to lack of a response this topic will be archived.