RE: KeySnatch & BonziBuddy ??? Please help
From: MAP (MAP_at_discussions.microsoft.com)
Date: 10/21/04
- Next message: Fede: "hide c W2K3 Terminal Server users"
- Previous message: Shenan Stanley: "Re: Security"
- In reply to: <*((((><{: "KeySnatch & BonziBuddy ??? Please help"
- Next in thread: <*((((><{: "Re: RE: KeySnatch & BonziBuddy ??? Please help"
- Reply: <*((((><{: "Re: RE: KeySnatch & BonziBuddy ??? Please help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 21 Oct 2004 00:15:04 -0700
"<*((((><{" wrote:
> I ran Pest Patrol (late updated in July). It found Keysnatch and
> Bonzi Buddy. I can't figure out how I got them. I have the
> evaluation version, so it won't remove anything. It says to remove
> keys
> 065e6fd6-1bf9-11d2-bae8-00104b9e0792 and
> 8c3d4aa6-2599-11d2-baf1-00104b9e0792
>
> It references files named sssplitter and such.
>
> Question: How do I find out where these pests came from? Do I have
> something on my machine that is causing them to load up? Did they
> load up just from surfing the net?
>
> Question: How do I get rid of them? Am I safe in deleting all
> references to the above keys? Or only references in certain areas of
> the registry?
>
> Question: Is there a free program that will delete them for me?
> (Since my Pest Patrol is old and only evaluates, doesn't remove)?
>
> Thanks for the help.
>
> <*((((><{
> Fishy@Ocean.Net
>
Hi, These keys you mention are Broswer helper objects (BHO's)
You can disable them with BHODemon or with the advanced interface of Spybot
S&D
Sometimes,when you remove malware it will stop your TCP/IP
stack from working (Internet connection).
Winsock or LSP-fix will correct the problem,Download first.
Note to anyone using NOD32 Anti-Virus software,Do Not delete the
"imon.dll" this fix reports,That is your e/mail scanning engine.
YES-You need more than 1 malware program,the one's below are all free
and work well.
LSP-fix- http://www.cexx.org/lspfix.htm
Spybot S&D - http://www.safer-networking.org/en/index.html
CWS Smart Killer- http://www.safer-networking.org/minifiles.html
About Buster- http://www.spychecker.com/program/aboutbuster.html
Ad-Aware SE - http://www.lavasoftusa.com/software/adaware/
CWShredder - http://www.majorgeeks.com/download4086.html
Hijack this - http://www.majorgeeks.com/download3155.html\
Hijacjthis tutorial -http://forums.maddoktor2.com/index.php?showtopic=165
SpywareBlaster - http://www.javacoolsoftware.com/spywareblaster.html
SpywareGuard - http://www.javacoolsoftware.com/spywareguard.html
WinPatrol - http://winpatrol.com
Win Patrol is NOT a malware program,but it will inform you if anything writes
to your registry or changes your home/search page,a nice little program.
BHODemon - http://pcworld.com/downloads/file_download.asp?fid=23611&fileidx=1
Bazooka -http://www.kephyr.com/spywarescanner/index.html
asquared2 "Trojan Remover" - http://www.emsisoft.com/en/
Socklock- http://nsclean.com/socklock.html
NOD32Anti-Virus Free 30 day trial
http://nod32.com/download/trial.htm
A link for free online virus and trojan scanners.
http://virusall.com/downscan.html
A listing of BHO's
http://www.spywaredata.com/bho.php?current_page=0
To see if that freeware program you are about to inststall
is infested with spyware check it out first at this link.
http://www.spychecker.com/
To help stop unauthorized downloads via your activex controls change your
default settings.
These settings are good for XP. The wording should be close for other systems
as well.
Go to control panel and open "internet options.
Click on the security tab then custom level.
make sure these settings are as follows.
Download signed active x controls>set to prompt
Download unsigned active x controls>set to disable
Initialize and script active x controls not marked as safe>set to disable
Run active x controls and pluggins>set to enable
Script active x controls marked safe for scripting>set to enable
Java permissions>set to high
Launching programs and files in a IFRAME" > Prompt
Installation of Desktop items"> Prompt
Navigate sub-frames across different domains>prompt
Recovery Console Password- Do this BEFORE you need it! Like maybe now.
On many XP installations you can't start the Recovery Console because it
won't recognize your password. This registry edit causes the Recovery Console
not to ask for a password. This works for both XP Home and XP Professional.
Start | Run | Regedit
Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Setup\RecoveryConsole
Set the DWORD SecurityLevel value to 1
Exit Registry and Reboot
Free Firewalls
ZoneAlarm (Free and up)
http://snipurl.com/6ohg
Kerio Personal Firewall (KPF) (Free and up)
http://www.kerio.com/kpf_download.html
Outpost Firewall from Agnitum (Free and up)
http://www.agnitum.com/download/
Sygate Personal Firewall (Free and up)
http://smb.sygate.com/buy/download_buy.htm
NTbackup link
http://www.onecomputerguy.com/software/ntbackup.msi
Erunt- http://home.t-online.de/home/lars.hederer/erunt/index.htm
- Next message: Fede: "hide c W2K3 Terminal Server users"
- Previous message: Shenan Stanley: "Re: Security"
- In reply to: <*((((><{: "KeySnatch & BonziBuddy ??? Please help"
- Next in thread: <*((((><{: "Re: RE: KeySnatch & BonziBuddy ??? Please help"
- Reply: <*((((><{: "Re: RE: KeySnatch & BonziBuddy ??? Please help"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
