Full Version: What To Do?
mafia1
Hi, I am using BitDefender Total Sec. 2008 on Windows XP SP2. I run CA Antispyware from the Yahoo toolbar and it says that I am infected with KoolyNoody downloader. I have Spybot Search & Destroy 1.6 but it doesn't find anything. Then I run BitDefender and it finds nothing. What should I do? That downloader appears every 5-7 days.


(All programs have the newest updates)

Please help!!!
Cris
Hello,

Could you post the location of the infected file?

Cris.
mafia1
QUOTE (Cris @ Nov 14 2008, 01:28 AM)
Hello,

Could you post the location of the infected file?

Cris.



If I find it again I will post. It hasn't appeared yet.
mafia1
I have it right now. Here is what CA Yahoo antispy says: key:hkey_current_user \software\microsoft\windows\currentversion\internet settings\zonemap\domains\koolynoody.net

I searched the registry and I found it.
Cris
Hello,

SpyBot Search and Destroy has a feature called Immunization.

This feature works like this: it creates in the registry some bogus entries (which, by name, belong to known malware infections). The idea behind these "fake" infections made by SpyBot is exactly like a vaccine for humans: offer the computer a small dose of the virus, so it won't get infected.
In other words, if a real infection should arise, the real malware will find the registry entries in the registry and it will "believe" that the system is already infected, so it won't proceed with infecting the system (thus it will remain clean).


So, practically, YahooAntispy (which I'd remove, if I were you, since I never heard that it has a good detection rate) detects a real, but totally harmless, thing.


Because it's not a real infection, BitDefender will not add a signature for this, so it will remain undetected.
It's your choice what you do next:
  • either keep using SpyBot's Immunization, and remove YahooAntispy from your system
  • or quit using SpyBot Immunization

Personally, I'd go with the first choice: remove Y!ASpy.

Cris.
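
The key CA flagged sits under ZoneMap\Domains, where Internet Explorer stores per-domain security zone assignments (a DWORD of 4 means Restricted sites). As an added example, not part of the original thread: a Python sketch that parses a `reg export` of that branch and labels each entry. The sample export, its zone values and the example.test host are constructed assumptions.

```python
import re

# Constructed sample in .reg export format (not taken from the poster's machine).
# The first key is the one named in the thread; the zone values are assumptions.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\koolynoody.net]
"*"=dword:00000004

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\example.test\www]
"http"=dword:00000002
'''

ZONES = {0: "My Computer", 1: "Local intranet", 2: "Trusted sites",
         3: "Internet", 4: "Restricted sites"}
KEY_RE = re.compile(r'^\[.*\\ZoneMap\\Domains\\([^\]]+)\]$', re.IGNORECASE)
VAL_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')

def parse_zonemap(reg_text):
    """Return [(host, protocol, zone_number)] for every ZoneMap\\Domains value."""
    entries, host = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            key = KEY_RE.match(line)
            # Key path is domain[\subdomain]; any other key resets the host.
            host = ".".join(reversed(key.group(1).lower().split("\\"))) if key else None
            continue
        val = VAL_RE.match(line)
        if val and host:
            entries.append((host, val.group(1), int(val.group(2), 16)))
    return entries

def triage(entries):
    """Label each entry: zone 4 blocks a site, zones 0-2 grant it extra trust."""
    report = {}
    for host, proto, zone in entries:
        if zone == 4:
            verdict = "block entry (Restricted sites)"
        elif zone in (0, 1, 2):
            verdict = "review: elevated trust (%s)" % ZONES[zone]
        else:
            verdict = "neutral (%s)" % ZONES.get(zone, "unknown zone %d" % zone)
        report[(host, proto)] = verdict
    return report

if __name__ == "__main__":
    for (host, proto), verdict in triage(parse_zonemap(SAMPLE_REG)).items():
        print(host, proto, verdict)
```
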
mafia1
Thank you Cris!

Ghis1964
QUOTE (Cris @ Nov 18 2008, 04:07 PM)
Hello,

SpyBot Search and Destroy has a feature called Immunization.

This feature works like this: it creates in the registry some bogus entries (which, by name, belong to known malware infections). The idea behind these "fake" infections made by SpyBot is exactly like a vaccine for humans: offer the computer a small dose of the virus, so it won't get infected.
In other words, if a real infection should arise, the real malware will find the registry entries in the registry and it will "believe" that the system is already infected, so it won't proceed with infecting the system (thus it will remain clean).


So, practically, YahooAntispy (which I'd remove, if I were you, since I never heard that it has a good detection rate) detects a real, but totally harmless, thing.


Because it's not a real infection, BitDefender will not add a signature for this, so it will remain undetected.
It's your choice what you do next:
  • either keep using SpyBot's Immunization, and remove YahooAntispy from your system
  • or quit using SpyBot Immunization

Personally, I'd go with the first choice: remove Y!ASpy.

Cris.



Hi,

And thank you, I had to subscribe just to be able to thank you on that one. I've been having a major CA problem with all their software a while back, and I'm having it again since the Yahoo toolbar is installed (there were a lot of other installs done that same day, so it was hard to guess which was wrong). I knew of Spybot's way to work, but never thought it would be the one responsible for this (way to speak). No wonder Avast and all the other scans were all saying my PC was safe. CA was the real "party-downer".

Thanks again
Peace
Ghis