 |
Home
Articles
Spyware Research
Support
Scan Now
Purchase
F.A.Q.
Top 25 Spyware:
Glossary Latest Detections  |
 |
Adware/Spyware/BHO/BonziBuddyAlias: BonziBuddy
Description: Adware/Spyware/BHO/BonziBuddy installs and monitors your internet surfing and delivers adds based on what you've searched for. Threat type: Adware - Adware is a software application which displays advertisements on your computer. Advertisements can be displayed through pop-up / pop-under windows, additional bars or toolbars, underlined links or buttons that appear on a computer screen. Adware applications include additional code that delivers the ads. Adware authors earn money when users click on those ads. Occasionally, adware includes code that tracks user's site visits and passes it to third parties without the user's permission or knowledge. BHO - A Browser Helper Object (BHO) is a software application that runs automatically whenever you start Internet Explorer. Browser Helper Objects are typically installed by other programs such as toolbar accessories and can track internet usage, create popup windows, display additional information on a viewed page and collect information that is transmitted by you over the internet. Malicious software that exploits this technology can replace banner advertisements with other ads, monitor your actions, change your home page, etc. Spyware - Spyware is any software application that gathers information from the user's PC and transmits it to the Spyware author (usually hackers, but sometimes corporations). The information is gathered and transmitted without the user's knowledge or consent. Spyware applications may steal sensitive corporate information and transmit it to competitors. Spyware also degrades PC performance and can consume huge amounts of bandwidth, especially on corporate servers. Toolbar - A Toolbar is a group of buttons that performs different tasks. Unwanted toolbars are usually installed by adware programs that try to send users to their paying advertisers. Advice: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer or your privacy. Detection: SpyNoMore detects Adware/Spyware/BHO/BonziBuddy: Yes Threat risk: Medium Risk  Potentially dangerous malware. May collect sensitive user information and broadcast data back to a server with "opt-out" permission. Category includes most adware programs. Symptoms: Adware/Spyware/BHO/BonziBuddy displays commercial advertisements. Adware/Spyware/BHO/BonziBuddy changes browser settings. Adware/Spyware/BHO/BonziBuddy hides from the user and stays resident in background.
Running Process Signatures: N/A File Signatures: %STARTUP%\bonzibuddy.lnk %WINDOWS%\system32\bonzitapfilters.dll %WINDOWS%\bbshortcut.ico %PROFILE%\administrator\start menu\programs\bonzibuddy\bonzibuddy.lnk %WINDOWS%\windows\svcwms.exe %WINDOWS%\system\bonzitapfilters.dll %STARTUP%\umax vistaaccess.lnk %WINDOWS%\start menu\programs\bonzibuddy.lnk %COMMON_PROGRAMS%\bonzibuddy.lnk %DESKTOPDIRECTORY%\finish installing....lnk %WINDOWS%\desktop\bonzibuddy.lnk %DESKTOPDIRECTORY%\bonzibuddy.lnk %WINDOWS%\desktop\free bonzibuddy.lnk %STARTUP%\messenger-pro 3.lnk %STARTUP%\finish installing....lnk %DESKTOPDIRECTORY%\download bonzibuddy now - free!.lnk %COMMON_PROGRAMS%\bonzibuddy\bonzibuddy.lnk %WINDOWS%\system32\webcompass.dll %COMMON_PROGRAMS%\bonzibuddy\uninstall bonzibuddy.lnk %WINDOWS%\windows\prefetch\svcwms.exe %WINDOWS%\system\webcompass.dll Registered Dll (Dynamic Link Library) Signatures: N/A Folder Signatures: %PROGRAM_FILES%\bonzibuddy %PROFILE%\start menu\programs\bonzibuddy %PROGRAM_FILES%\bonzi.com web compass %PROGRAM_FILES%\audiogalaxy satellite Registry Signatures: HKCR\clsid\{fe56c7a2-aaf1-47f2-9b68-4057d7ff5b4a} HKCR\clsid\{57da7e73-b94f-49a2-9fef-9f4b40c8e221} HKCR\clsid\{f91f3264-454b-45be-a402-fe0e56bb9315} HKCR\interface\{916694a9-8ad6-11d2-b6fd-0060976c699f} HKCR\bonzibdy.document HKCR\clsid\{f4900f96-055f-11d4-8f9b-00104ba312d6} HKCR\clsid\{962f96f8-624c-4b0e-b055-f2f1d1deff0e} HKCR\bonzitapfilters.clsbonzicontent HKCR\clsid\{f8b44545-c2e0-46c3-b78b-11e821c9d2e1} HKCR\clsid\{50a2c2b1-5a56-4183-b1d0-3f59877bad60} HKCR\bonzitapfilters.clsfiltration HKCR\bonzitapfilters.clscommandsetiehomepage HKCR\interface\{0a45db4e-bd0d-11d2-8d14-00104b9e072a} HKCR\interface\{120c5484-09ba-4936-98b9-1b0c15c9ce5e} HKCR\clsid\{837cca31-1813-40ea-80bc-aba9d97cb64b} HKCR\bonzictbhelper.clsbonzictbhelper HKCR\bonzibuddy.clsclickthebutton HKCR\interface\{b2676d5b-8d53-4569-af2c-a55a0d90c132} HKCR\clsid\{e509d0e0-da02-4d16-ba63-70f23cac74c8} HKCR\.bbma HKCR\interface\{9fbcd665-010a-4c21-be40-9de2bdf34e50} HKCR\clsid\{cb6f59f9-fa69-4d14-9d96-4bb3190e3df5} HKCR\bonzitapfilters.clscommandspeak HKCR\clsid\{d3cd5f89-bfe3-4bad-ac10-25751a08811c} HKCR\bonzitapfilters.clscontent HKCR\typelib\{f4900f5d-055f-11d4-8f9b-00104ba312d6} HKCR\bonzimail_messagefile HKCR\interface\{86e5d751-02eb-11d3-a464-0080c858f182} HKCR\.bonzimail_message HKCR\clsid\{5d11b6dc-358a-44b3-b2ac-22b5dcbc936b} HKCR\clsid\{82ca10ae-d2f8-441e-a01d-4dfc46f37612} HKCR\interface\{cb6f59f9-fa69-4d14-9d96-4bb3190e3df5} HKCR\clsid\{d985e1b8-e314-4d36-b095-ebd4c5295f69} HKCR\clsid\{3b89ad5a-42a2-4258-9242-d67eb0c80442} HKCR\interface\{fdf3d1e0-2da2-4238-af4f-026670289749} HKCR\interface\{8cfc92fa-7057-4a98-a3be-9c34d3d255fd} HKCR\bonzitapfilters.clscommandplay HKCR\bonzitapfilters.clscommandraiseevent HKCR\bonzibuddy.clsaddressbook HKCR\bonzitapfilters.clscommandclosetoast HKCR\interface\{e91e27a2-c5ae-11d2-8d1b-00104b9e072a} HKCR\interface\{22df5084-12bc-4c98-8044-4fad06f4119a} HKCR\interface\{17b3c2cb-6697-4736-bee7-69f363f1f35e} HKCR\interface\{28e4193c-f276-4568-bcdc-dd15d88fadcc} HKCR\clsid\{53f082c5-72fe-49d5-a34f-c054cad30dd0} HKCR\interface\{f4900f95-055f-11d4-8f9b-00104ba312d6} HKCR\interface\{6a96c266-f125-4d60-8be0-c247349a7ce4} HKCR\interface\{4bbfaacc-619c-4a9d-a32c-a8b3453ce783} HKCR\interface\{565029f7-d84e-4edc-bf87-a204645da3ea} HKCR\interface\{f4043742-ac8d-4f86-88e9-f3fd3369dd8c} HKCR\bonzibuddy.ccalendarvbperiod HKCR\bonzibuddy.clsstoryreader HKCR\interface\{8db2224e-d2fa-4b2e-8402-085ea7cc826b} HKCR\typelib\{aab7faed-91f8-4591-8e4c-9291d2b7f381} HKCR\clsid\{e26dd3cd-b06c-47ba-9766-5f264b858e09} HKCR\interface\{f4900f69-055f-11d4-8f9b-00104ba312d6} HKCR\clsid\{86e5d750-02eb-11d3-a464-0080c858f182} HKCR\bonzibuddy.cperiods HKLM\software\microsoft\windows\currentversion\uninstall\bonzibuddy HKCR\bonzibuddy.clsbbplayer HKCR\interface\{f4900f66-055f-11d4-8f9b-00104ba312d6} HKCR\clsid\{f4900f6a-055f-11d4-8f9b-00104ba312d6} HKCR\bonzibuddy.clsregistration HKCR\clsid\{f4900f8d-055f-11d4-8f9b-00104ba312d6} HKCU\software\vb and vba program settings\bonzibuddy HKCR\bonzitapfilters.clscommanddownloadfile HKCR\interface\{6dc6a7a5-0862-406e-8fd9-e4d5adb93aed} HKCR\interface\{d7ba20a4-7049-416f-a7e4-97530442d62f} HKCR\clsid\{22eb59ae-1cb8-4153-9dfc-b5ce048357cf} HKCR\clsid\{f77a2b0f-476c-4536-beb1-2cb17ca6bcbc} HKCR\interface\{0a45db4d-bd0d-11d2-8d14-00104b9e072a} HKCR\software\microsoft\windows\currentversion\explorer\browser helper objects\{a28c2a31-3ab0-4118-922f-f6b3184f5495} HKCR\bonzitapfilters.clstapevent HKCR\bonzibuddy.ccalendarvbperiods HKCR\interface\{f4900f6b-055f-11d4-8f9b-00104ba312d6} HKCR\interface\{159c2806-4a71-45b4-8d4e-74c181cd6842} HKCR\bonzibuddy.cperiod HKCR\clsid\{f2394898-748d-4415-8ce8-65e429445b33} HKLM\software\bonzi software HKCR\interface\{bd6f0855-7792-4131-a06f-aa2a991e0549} HKCR\interface\{3d08842d-983e-4226-8d6e-612965eb32d9} HKCR\bonzitapfilters.clscommandmsgboxonno HKCR\clsid\{7c3845b5-4b34-43ce-99de-3bfad5308e68} HKCR\clsid\{a28c2a31-3ab0-4118-922f-f6b3184f5495} HKCR\bonzibuddy.clsdownloadmanager HKCR\interface\{7679e16d-9af0-439d-be07-7bff15459c59} HKCR\bonzitapfilters.clscommandmsgbox HKCR\clsid\{856b6cbe-b0c1-4b4d-8586-2d6e9df3e4f2} HKCR\interface\{dacb7a39-cc0d-4b85-908b-10d2451761a5} HKCR\interface\{f4900f68-055f-11d4-8f9b-00104ba312d6} HKCR\clsid\{6a96c266-f125-4d60-8be0-c247349a7ce4} HKCR\clsid\{f5a31f2f-122f-4615-a9b7-90841538ec7c} HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{a28c2a31-3ab0-4118-922f-f6b3184f5495} HKCR\clsid\{7b6b6079-a483-43f4-9376-1cc374ba3600} HKCR\registrycontrol.regicon HKCR\clsid\{aab7faed-91f8-4591-8e4c-9291d2b7f381} HKCR\interface\{0570bf7b-e1bf-4ef3-bc37-7ae3f54bd605} HKCR\clsid\{f4900f67-055f-11d4-8f9b-00104ba312d6} HKCR\interface\{86e5d74f-02eb-11d3-a464-0080c858f182} HKCR\bonzitapfilters.clssubscription HKCR\bonzitapfilters.clscommandhttppost HKCR\clsid\{aaa403c6-03b3-11d3-a465-0080c858f182} HKCR\interface\{44279f35-8ed3-4234-9d61-069ae93efbec} HKCR\interface\{f4900f8c-055f-11d4-8f9b-00104ba312d6} HKCR\clsid\{210787c2-92b0-4776-8e80-14c02174893d} HKCR\clsid\{a7aa73e0-f6f9-4967-b209-aa1b11c47dcf} HKCR\interface\{a4e0988e-24be-4570-b4d8-982f1386e0c6} HKCR\typelib\{86e5d740-02eb-11d3-a464-0080c858f182} HKCR\bonzitapfilters.clscommandopenweb HKCR\clsid\{a031fbf6-81a7-4440-9e20-51abb2289e4b} HKCR\interface\{8e71a3f9-cecf-4dc4-accf-3dd01c843a45} HKCR\clsid\{f4900f5d-055f-11d4-8f9b-00104ba312d6} HKCR\bonzitapfilters.clscommandshowtoast HKCR\typelib\{50a2c2b1-5a56-4183-b1d0-3f59877bad60} HKCR\interface\{89e800de-5c96-4802-8da6-2cf50c9d19af} HKCR\interface\{916694a8-8ad6-11d2-b6fd-0060976c699f} HKCR\interface\{a56be8e7-6b37-43dd-88f4-6d42e57ca1d7} HKCR\bonzitapfilters.clscommandmsgboxonyes HKCR\interface\{993d6cac-49a8-40d9-bd97-405281136e78} HKCR\interface\{6549f504-c43a-43f3-b8cd-d077af0427c8} HKCR\mime\database\content type\application/bonzi-mail-message SpyNoMore Collected Residual File Signatures: N/A
| | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ||||
|
||||
 |
|
 | ||