Hi everybody i am having a probelm removing the adavance searchbar. The location of it is HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{43F02779-6D88-4958-8AD3-83C12D86ADC7} but when i remove it, it just keeps regenerating it self. I have done a search for it and, run a couple of other spyware scans, it appears to me that i don't have it except in that one loaction. any help would be nice Thanks Jays1
What indicatons are you having....besides finding that reg entry....that the Advanced Toolbar is "regenerating it self" ?
that is the only indication i have been able to find so far. It doesn't appaer to me that it has been installed except for that one reg entry.
Hmmm....what caused you to zero in on that CLSID(43f02779-6d88-4958-8ad3-83c12d86adc7) ? You mentioned you ran some spyware scans....which ones ? Do you see a C:\Program Files\Advanced Searchbar folder on your hard drive ?
in response to buba's question i don't see that folder on my hard drive and the spyware scans i have run are spyware doctor(which picked up the clsid), spybot s&d, adaware, pest patroal and spybouncer. I did check out the site that BlueZannetti has mentioned and i don't see any of process, etc in my system.
It would be interesting to know what the value of that registry key is. If the DWORD value is 1024 this would mean you are protected against this item. Regards, Pieter
That's what I thought you were going to say but I'd still like to make doublely sure. SpywareBlaster and Spybot place entries in that registry location you mentioned in your first post but that CLSID(43f02779-6d88-4958-8ad3-83c12d86adc7) is not part of their respective databases....so....do any of the other programs you have installed have a feature that sets ActiveX kill bits ? Also....if you'll re-visit that above registry entry and click on that entry....what Data value do you see in the right hand box....0X00000400(1024) ? Edit: I'm a slow typer
It is not slow typing. Just a lot as you do a much better job at explaining things well. Regards, Pieter
Jays1, I meant to mention something earlier about SpyBouncer....it is considered a Rogue/Suspect product that is of "unknown, questionable, or dubious value as anti-spyware protection". "Spybouncer....aggressive advertising, reported hijacks, false positives work as goad to purchase" Further list of---> Rogue/Suspect Programs I suggest you also consider checking out a list of....Trustworthy Anti-Spyware Products
The only other program that would appear to have the ActiveX kill bits would be spyware doctor, and that is the Data value i am seeing in the registry.
regarding my above request: "if you'll re-visit that above registry entry and click on that entry....what Data value do you see in the right hand box....0X00000400(1024)" ?
I appologize jays1....I overlooked in your earlier post where you said.... "that is the Data value i am seeing in the registry". Sorry for having asked you twice. Ok....with that value it means a program placed that entry there with the intentions of preventing the Advanced Searchbar toolbar from being installed. That is a good thing....however....you'll have to confirm or some other user of Spyware Doctor will have to confirm if that CLSID is part of it's database because the trial version of SpywareDoctor does not give me the ability to use there ActiveX kill bit feature....unless I buy it I am going out on a limb and say this is simply a False positive by Spyware Doctor of a....what I'll call....valid ActiveX kill bit setting....given the info you have provided.
Thanks for all the help, actually i've just updated spyware doctor and done another scan and it's fixed as well another spyware problem i was having a while ago when i first posted on this forum. from Jays1
