PDA

View Full Version : Browser helper AVG antispy



giuseppe
2008-05-23, 16:10
Please help
several problems :
Pc Dell Wind XP
1/ when I run Spyboot it comes an information : Browser Helper Object Valeur Supprimé 55EA1964-F5E4-4D6A-B9B2-125B37655FCB impossible to reject , only option to agree with that and/or remember that for the future. I didn't agree

2/ When I run AVG Antispyware it shows some medium dangerous cookies and one more dangerous a red one , then system continues to analize untile come to C\Windows\$NtUninstallKB931768$\spuninst\updspapi.dll and then the system stop and i have to switch off Pc and start again

3/ I have problems in transferring incoming e -mail , when I want to send them a wording is coming mime has to close the program and everything disappears

Please help

thank you very much

Giuseppe

md usa spybot fan
2008-05-23, 16:55
giuseppe:


1/ when I run Spyboot it comes an information : Browser Helper Object Valeur Supprimé 55EA1964-F5E4-4D6A-B9B2-125B37655FCB impossible to reject , only option to agree with that and/or remember that for the future. I didn't agree
According to CastleCops the BHO associated with GUID {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} is a legitimate BHO. See:
http://www.castlecops.com/tk27925-pxbho_dll.html
Since you indicate that you can not do a "Deny change" apparently the BHO is being deleted. During some changes the "Deny change" option is greyed out (not an option) in the TeaTimer dialog. This appears to be on changes such as the removal of a Browser Helper Object (Value deleted). This is speculation but I assume that the "Deny change" is grayed out because by the time TeaTimer recognizes the Registry change the underlying code for the BHO has been deleted and therefore denying the change would do no good to save the BHO from being deleted and just leave an orphaned registry entry.

What is deleting the BHO?

giuseppe
2008-05-23, 18:20
YES deny change is greyed out

how can I reintroduce the 55EA1964-F5E4-4D6A-B9B2-125B37655FCB ?? Probably some malicious program has canceleld it and cause the other problems indicated in my post

please help

md usa spybot fan
2008-05-23, 19:20
giuseppe:


... how can I reintroduce the 55EA1964-F5E4-4D6A-B9B2-125B37655FCB ??
From the CastleCops reference above, the GUID {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} BHO is associated with Prevx. Here are some URLs for Prevx:
Prevx - Helping You Fix The Threats That Others Miss
http://www.prevx.com/
Prevx Downloads
http://info.prevx.com/downloadprevx2.asp

djpailo
2008-05-23, 21:59
Whats the link to the CLSID search at castle cops?

md usa spybot fan
2008-05-23, 23:23
djpailo:

CastleCops® - CLSID BHOList ToolbarList
http://www.castlecops.com/CLSID.html