Jeff Sauser
Aug 27 2006, 06:46 PM
Hi,
Last Tuesday, I ran Adware SE and it found an attempted browser hijack attempt (1 registry key entry and two registry keys). I eliminated them after the scan and since then, MediaPlayer won't open a URL from the file menu (error "no web session has been established"). Also, Help center hyperlinks to Microsoft Knowledge Base articles won't display the articles. It has also caused a connection problem with Quicken online banking services.
Any idea what happened and how to repair it? I have been on the phone with Microsoft for multiple sessions and hours, and nothing they have suggested has fixed it yet. I have tried to find the Adware log file to see what exact keys and entries were removed, but can't find it. Any help would be certainly appreciated. I am running XP Home and tend to run Adware, Spybot, and McAfee virus scan almost daily.
Thanks,
Jeff Sauser
Ad Astra
Aug 27 2006, 10:13 PM
Have you tried this to reset the default programs?
Start Internet Explorer, select tools then select Internet Options, click on the Programs tab then press the "Reset Web Settings..." button.
When the dialog window opens you can uncheck the option "Also Reset Home Page" to keep your existing home page.
Jeff Sauser
Aug 28 2006, 12:10 AM
Microsoft had me try that yesterday, with negative result.
Here is the section of the Adware log which details the registry keys removed:
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BPS SpywareRemover Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{47a738f1-7faf-11d0-b148-00a0c922e820}
BPS SpywareRemover Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{67397aa2-7fb1-11d0-b148-00a0c922e820}
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 2
Was this a false positive that I should not have removed? I have seen some other posts regarding false positives with this update, which I guess was fixed with the 8.25 update?
Jeff
spike-nz
Aug 28 2006, 02:08 AM
Hi Jeff Sauser,
QUOTE
Was this a false positive that I should not have removed? I have seen some other posts regarding false positives with this update, which I guess was fixed with the 8.25 update?
Sorry to 'jump into' Ad Astra's help.
It would appear so - please see the various posts in this section of the forum:
Lavasoft Support Forums > Lavasoft - General Support > False Positives
In particular, LS CalamityJane's advice:
QUOTE
Thanks for reporting these. We have apparently got more than they realized. I've sent a heads-up to the Research Team to please revisit these topics that have been posted since the Build 145 was released earlier today.
Meanwhile, I recommend you do not quarantine or delete them. These are very likely false.
The re-released Def file SE1R120 25.08.2006 on 25 Aug still does not appear to have fixed all false positives.
Regards,
Spike
Jeff Sauser
Aug 28 2006, 02:49 AM
Thanks,
Now that I already removed them (my bad, should have quarantined!!), does anybody know how to reverse it? Sure would like to have the functionality back. Should I remove and re-install IE, or can I recreate the deleted registry keys with a registry editor?
Ad Astra
Aug 28 2006, 09:28 PM
Hi
Which version of Windows are you running? If XP or ME, have you tried using System Restore to go back to a point before the problem occurred?
The log item shows the key involved but not the values stored within the key. Alas, I have no such registry keys on my system so cannot check what kind of values are stored there.
Fingers crossed that you can use System Restore.
winchester73
Aug 28 2006, 09:45 PM
See if Step #5 here allows you to restore the items Ad-Aware put into quarantine:
http://www.bleepingcomputer.com/tutorials/tutorial48.html
Jeff Sauser
Aug 29 2006, 12:03 AM
Thanks for the tip, Winchester73.
I restored the registry keys out of the quarantine file, and they are now back in there (checked with Regedit). But, still no function on Help Center or MediaPlayer10 file open url. I wonder if I have to register the keys with regserv? Anyway, a great tip, as I did not know I could restore deleted keys out of the Adware quarantine file. That is handy, but just did not solve my problem. Maybe I was jumping to cause on the key removal causing the issue?
Thanks,
Jeff
winchester73
Aug 29 2006, 01:56 PM
You're welcome mate.
Have you tried re-installing WMP? That might be easier than trying to mess with registry entries.
Personally, I use WinAmp instead of WMP.