The files are generated by the registry entries, you idiot. Randomly generated
file names don't just appear out of nowhere. Those registry entries can call
various DLLs. If a call is made incorrectly, meaning it calls a legit DLL
and the function it asks for, because it was deleted, a General Protection
Fault (BSOD) may occur.
--
Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker http://www.leythosthestalker.com, David
H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell
"Dustin Cook" <spamfilterineffect.see.sig@nowhere.com> wrote in message
news:Xns9984E4F4CE40BHHI2948AJD832@69.28.186.121...
> "pcbutts1" <pcbutts1@leythosthestalker.com> wrote in
> news:f98h91$iav$1@blackhelicopter.databasix.com:
>
>> You have a lot to learn about malware. If I were you I'd hate myself
>> for being so stupid. These are just a few.
>> [HKEY_CLASSES_ROOT\
>> [HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers
>> [HKEY_CLASSES_ROOT\AppID\
>> [HKEY_CLASSES_ROOT\CLSID\
>> [HKEY_CLASSES_ROOT\Interface\
>> [HKEY_CLASSES_ROOT\software\microsoft\windows\currentversion\explorer\browser helper objects
>> [HKEY_CLASSES_ROOT\Typelib\
>> [HKEY_CURRENT_USER\
>> [HKEY_CURRENT_USER\clsid
>
> These keys are neutered the moment you relocate/delete/rename the file
> referenced. A registry cleaning application would likely remove them once
> the associated files are no longer available. Otherwise, they waste a
> small amount of registry space, but pose NO threat.
>
>> These are good ones. Do you know what these do? Probably not.
>> [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
>
> Explorer has its own run keys, which again, reference a file. If the
> file is gone, guess what doesn't happen?
>
>> [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
>
> A completely legitimate registry key. Not malware.
>
>> [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
>> [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell]
>> [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions]
>
> All 3 of these will do nothing without the files referenced. IE: worst
> case, you're wasting a little space in the registry. You are not causing
> your system to run anything, if the files referenced are removed,
> renamed, or relocated.
>
> You want to try again? We can do this all day long. I know many common
> registry locations for things to hide. If you kill the file, the key is
> worthless. If the key points instead to a url, that's different entirely;
> the file isn't on YOUR computer. Also, cleaning up your browser settings
> should be a step you perform in safe mode, without the computer having an
> internet connection. You aren't leaving the internet connection alive
> while cleaning a machine, are you?
>
>> You CANNOT completely remove Malware without removing the registry
>> entries. You know nothing about Spyware.
>
> Wrong. I can completely remove the Malware, without touching the
> registry. The keys you've specified (the top section) become neutered
> without the exe/dll files they reference. They pose absolutely NO threat
> of any kind without the executable! The other keys are legitimate keys!
> Depending on the machine in question, a parent/employer may have invoked
> some/all of those key settings. It's not BugHunter's place to alter
> security/policy settings on a machine; other applications exist designed
> specifically for this.
>
> --
> Dustin Cook
> Author of BugHunter - MalWare Removal Tool - v2.2c
> email: bughunter.dustin@gmail.com.removethis
> web..: http://bughunter.it-mate.co.uk
> Pad..: http://bughunter.it-mate.co.uk/pad.xml
>
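The exchange above turns on whether an autostart entry still has a file to launch. As an added illustration (not code from either poster or from BugHunter), this Python sketch classifies Run-key values as live or orphaned after a cleanup; the sample values, file list and helper names are constructed, and unquoted program paths containing spaces are not handled.

```python
import ntpath
import re

# Constructed sample data: Run-key values and the files left on disk after cleanup.
RUN_VALUES = {
    "Updater": r'"C:\Program Files\Acme\updater.exe" /silent',
    "xkq81": r"C:\Windows\Temp\xkq81.exe",
    "Helper": r"rundll32.exe C:\Users\bob\AppData\hlp32.dll,Start",
    "Tray": r"%SystemRoot%\System32\tray.exe -min",
}
FILES_ON_DISK = {
    r"c:\program files\acme\updater.exe",
    r"c:\windows\system32\tray.exe",
}
ENV = {"SYSTEMROOT": r"C:\Windows"}  # constructed environment

def expand(value, env):
    """Expand %VAR% references, as happens for REG_EXPAND_SZ values."""
    return re.sub(r"%([^%]+)%",
                  lambda m: env.get(m.group(1).upper(), m.group(0)), value)

def split_command(command):
    """Split a command line into (program, arguments), honouring a quoted program path."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        if end != -1:
            return command[1:end], command[end + 1:].strip()
    program, _, args = command.partition(" ")
    return program, args.strip()

def payload(command, env):
    """File the entry depends on: the DLL for rundll32, otherwise the program itself."""
    program, args = split_command(expand(command, env))
    if ntpath.basename(program).lower() in ("rundll32", "rundll32.exe") and args:
        return args.split(",", 1)[0].strip().strip('"')
    return program

def classify(values, files_on_disk, env):
    """Map each value name to 'live' or 'orphaned' (its payload file is missing)."""
    result = {}
    for name, command in values.items():
        target = ntpath.normpath(payload(command, env)).lower()
        result[name] = "live" if target in files_on_disk else "orphaned"
    return result

if __name__ == "__main__":
    for name, state in classify(RUN_VALUES, FILES_ON_DISK, ENV).items():
        print(f"{name:8} {state:9} {payload(RUN_VALUES[name], ENV)}")
```

For the rundll32 entry the file checked is the DLL named in the arguments, not rundll32.exe itself, since the system binary is present either way.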

