KoolyNoody Ping Pong

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by hugheylooey, Aug 10, 2008.

  1. hugheylooey

    hugheylooey Private E-2

    Hi folks,

    maybe you can help .....

    I keep seeing KoolyNoody reported in CA AntiSpy, after I've immunised with Spybot. Then, when I delete KoolyNoody in CA-AS, I notice some of the immunise items in Spybot are unchecked. Ping pong and so on.

    The question for me is, is CA-AS seeing it because it's in the Spybot list as protection and therefore should not be deleted from CA-AS, or is something more underhand.

    Thx .. Hugheylooey
     
    hugheylooey, Aug 10, 2008
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    It would have been more helpful if you told us exactly what CA as deleting. Yes Spybot puts a KoolyNoody entry into the Restricted Zone (RZ) in the registry to block the URL. Thus if what CA is delete is one of the ZoneMap\Domains keys with KoolNoody then CA is incorrect if the value is a 4 which puts it into the RZ.
     
    chaslang, Aug 10, 2008
    #2
  3. hugheylooey

    hugheylooey Private E-2

    Thx all,

    I checked the registry value and it is 4 so it is a false positive.

    Many many thx, I'm calm again!!

    :-D .. Hugheylooey.
     
    hugheylooey, Aug 11, 2008
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     
    chaslang, Aug 12, 2008
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds