spy sweeper finds that stuff in my computer.
altnet
KeenValue/PerfectNav
Anyone knows how to get rid of that shit????
altnet
KeenValue/PerfectNav
Anyone knows how to get rid of that shit????
spyware help
- Thread starter snoopol
- Start date
first thing ...don't download toolbars of any kind..
http://www.safer-networking.com/removePerfectNav.php
http://gilbertwesleypurdy.blogspot.com/2005/04/how-to-remove-keenvalue.html
http://forums.techguy.org/security/497119-spywareaxe-removal.html
http://forums.spybot.info/archive/index.php/t-2479.html
these might help, not sure..don't like recommeding people screwing around w/ registy stuff w/o me knowing the whole situation.....but might be a start..but.......be careful
http://www.safer-networking.com/removePerfectNav.php
http://gilbertwesleypurdy.blogspot.com/2005/04/how-to-remove-keenvalue.html
http://forums.techguy.org/security/497119-spywareaxe-removal.html
http://forums.spybot.info/archive/index.php/t-2479.html
these might help, not sure..don't like recommeding people screwing around w/ registy stuff w/o me knowing the whole situation.....but might be a start..but.......be careful
maybe the gal who knows her stuff really well and is a user here at madjacksports will see this thread and give you more solid advice than i could ever do....im hoping....maybe you should wait couple of hours just in case before doing anything....
Download these 3 programs. Spybot and Ad-Aware are spyware scan and removal programs. I run Spybot and Ad-Aware about once a week
AVG is an anti virus program. It will keep your computer clean and stop intruders. All are free programs..
http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10122137.html
http://www.lavasoftusa.com/software/adaware/
http://free.grisoft.com/doc/1
AVG is an anti virus program. It will keep your computer clean and stop intruders. All are free programs..
http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10122137.html
http://www.lavasoftusa.com/software/adaware/
http://free.grisoft.com/doc/1
I keep getting a BarginBuddy I can't seem to remove......
McAfee daily scans...auto
AD-Aware...daily scan...shows up, I delete
Spy Bot (after Ad-Aware)....Congratulations...clean
ran a free version of grisoft, clean, AD-Aware again Bargain Buddy was still there....TAC rating of 8:scared
WTF do I do.....
McAfee daily scans...auto
AD-Aware...daily scan...shows up, I delete
Spy Bot (after Ad-Aware)....Congratulations...clean
ran a free version of grisoft, clean, AD-Aware again Bargain Buddy was still there....TAC rating of 8:scared
WTF do I do.....
MANUAL REMOVAL:
Identifying the Spyware Program
Download the latest spyware pattern file and scan your system. Note all files detected as SPYW_KEENVAL.A.
Removing * Entries from the Registry
Removing * entries from the registry prevents the spyware from executing during startup.
To remove the spyware * entries:
Open Registry Editor:
To do this:
Click Start>Run, type Regedit, then press Enter.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry or entries:
"KeenValue"=" %Program Dir \Common\Files\KeenValue\KeenValue.exe"
Note: %Program Dir% is the Program Files Folder which is usually, C:\Program Files.
Close Registry Editor.
If yah aren't able to terminate the spyware process from memory as described restart your system.
If yah need more help, post here and I'll walk yah through.
Identifying the Spyware Program
Download the latest spyware pattern file and scan your system. Note all files detected as SPYW_KEENVAL.A.
Removing * Entries from the Registry
Removing * entries from the registry prevents the spyware from executing during startup.
To remove the spyware * entries:
Open Registry Editor:
To do this:
Click Start>Run, type Regedit, then press Enter.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>
Windows>CurrentVersion>Run
In the right panel, locate and delete the entry or entries:
"KeenValue"=" %Program Dir \Common\Files\KeenValue\KeenValue.exe"
Note: %Program Dir% is the Program Files Folder which is usually, C:\Program Files.
Close Registry Editor.
If yah aren't able to terminate the spyware process from memory as described restart your system.
If yah need more help, post here and I'll walk yah through.
What is Bargain Buddy???
Bargain Buddy AKA Cashback by Bargain Buddy is a piece of adware that allows yah to receive a rebate on purchases from participating merchants. Relevant ads are displayed as popups by the Bullseye Network portion of the software while it has a BHO (browser hijacker object) component to handle 404 errors in the form of a web site called Navisearch. All of these products are part of the Bargain Buddy package run by eXact Advertising.
How Do I Remove Bargain Buddy???
First, uninstall the Bullseye Network, Cashback by Bargain Buddy, and Navisearch from Add/Remove Programs:
1) Click on Start, Settings, Control Panel
2) Choose Add/Remove Programs
3) Select the Bullseye Network and click Add/Remove. During the uninstall you are required to fill out a survey asking why yah uninstalled the product, be careful in answering the Yes/No questions during the uninstall since they are worded in such a way as to make yah keep the product!!!
4) Select Cashback by BargainBuddy and click Add/Remove
5) Select Navisearch and Click Add/Remove
During the uninstall process, you will be presented with several prompts to guide you through uninstalling the product. Read these carefully to make sure you are actually choosing to uninstall rather than keep the software.
6) Unfortunately, even after removing the above items with Add/Remove Programs, the Bullseye Network and other files remain. So, I would strongly suggest yah download and run Spybot Search and Destroy, run it and remove all the left over files that I list below:
eXact Advertising.BargainsBuddy: Library (File, nothing done)
C:\WINDOWS\SYSTEM32\nvms.dll
eXact Advertising.BargainsBuddy: Executable (File, nothing done)
C:\WINDOWS\SYSTEM32\exul.exe
eXact Advertising.BargainsBuddy: Executable (File, nothing done)
C:\WINDOWS\SYSTEM32\exdl.exe
eXact Advertising.BargainsBuddy: Executable (File, nothing done)
C:\WINDOWS\SYSTEM32\bbchk.exe
eXact Advertising.BargainsBuddy: Executable (File, nothing done)
C:\WINDOWS\bbchk.exe
eXact Advertising.BargainsBuddy: Library (File, nothing done)
C:\WINDOWS\SYSTEM32\mscb.dll
eXact Advertising.BargainsBuddy: Library (File, nothing done)
C:\WINDOWS\SYSTEM32\msbe.dll
eXact Advertising.BargainsBuddy: Autorun settings (BullsEye Network) (Registry value,nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BullsEye Network
eXact Advertising.BargainsBuddy: Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344}
eXact Advertising.BargainsBuddy: Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE188402-6EE7-4022-8868-AB25173A3E14}
eXact Advertising.BargainsBuddy: Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}
eXact Advertising.BargainsBuddy: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344}
eXact Advertising.BargainsBuddy: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{CE188402-6EE7-4022-8868-AB25173A3E14}
eXact Advertising.BargainsBuddy: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}
eXact Advertising.BargainsBuddy: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{C6906A23-4717-4E1F-B6FD-F06EBED15678}
eXact Advertising.BargainsBuddy: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{8EEE58D5-130E-4CBD-9C83-35A0564E5678}
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\NLS.UrlCatcher.1
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\NLS.UrlCatcher
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\CB.UrlCatcher.1
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\CB.UrlCatcher
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\ADP.UrlCatcher.1
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\ADP.UrlCatcher
eXact Advertising.BargainsBuddy: Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\eXactUtil
eXact Advertising.BargainsBuddy: Type library (Registry key, nothing done)
HKEY_CLASSES_ROOT\TypeLib\{4EB7BBE8-2E15-424B-9DDB-2CDB9516B2C3}
7) After removing these leftover files, Bargain Buddy, the Bullseye Network, and Navisearch should now be completely removed from your computer!!!
Good Luck!!!
Bargain Buddy AKA Cashback by Bargain Buddy is a piece of adware that allows yah to receive a rebate on purchases from participating merchants. Relevant ads are displayed as popups by the Bullseye Network portion of the software while it has a BHO (browser hijacker object) component to handle 404 errors in the form of a web site called Navisearch. All of these products are part of the Bargain Buddy package run by eXact Advertising.
How Do I Remove Bargain Buddy???
First, uninstall the Bullseye Network, Cashback by Bargain Buddy, and Navisearch from Add/Remove Programs:
1) Click on Start, Settings, Control Panel
2) Choose Add/Remove Programs
3) Select the Bullseye Network and click Add/Remove. During the uninstall you are required to fill out a survey asking why yah uninstalled the product, be careful in answering the Yes/No questions during the uninstall since they are worded in such a way as to make yah keep the product!!!
4) Select Cashback by BargainBuddy and click Add/Remove
5) Select Navisearch and Click Add/Remove
During the uninstall process, you will be presented with several prompts to guide you through uninstalling the product. Read these carefully to make sure you are actually choosing to uninstall rather than keep the software.
6) Unfortunately, even after removing the above items with Add/Remove Programs, the Bullseye Network and other files remain. So, I would strongly suggest yah download and run Spybot Search and Destroy, run it and remove all the left over files that I list below:
eXact Advertising.BargainsBuddy: Library (File, nothing done)
C:\WINDOWS\SYSTEM32\nvms.dll
eXact Advertising.BargainsBuddy: Executable (File, nothing done)
C:\WINDOWS\SYSTEM32\exul.exe
eXact Advertising.BargainsBuddy: Executable (File, nothing done)
C:\WINDOWS\SYSTEM32\exdl.exe
eXact Advertising.BargainsBuddy: Executable (File, nothing done)
C:\WINDOWS\SYSTEM32\bbchk.exe
eXact Advertising.BargainsBuddy: Executable (File, nothing done)
C:\WINDOWS\bbchk.exe
eXact Advertising.BargainsBuddy: Library (File, nothing done)
C:\WINDOWS\SYSTEM32\mscb.dll
eXact Advertising.BargainsBuddy: Library (File, nothing done)
C:\WINDOWS\SYSTEM32\msbe.dll
eXact Advertising.BargainsBuddy: Autorun settings (BullsEye Network) (Registry value,nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BullsEye Network
eXact Advertising.BargainsBuddy: Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344}
eXact Advertising.BargainsBuddy: Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE188402-6EE7-4022-8868-AB25173A3E14}
eXact Advertising.BargainsBuddy: Browser helper object (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}
eXact Advertising.BargainsBuddy: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{AEECBFDA-12FA-4881-BDCE-8C3E1CE4B344}
eXact Advertising.BargainsBuddy: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{CE188402-6EE7-4022-8868-AB25173A3E14}
eXact Advertising.BargainsBuddy: Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{F4E04583-354E-4076-BE7D-ED6A80FD66DA}
eXact Advertising.BargainsBuddy: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{C6906A23-4717-4E1F-B6FD-F06EBED15678}
eXact Advertising.BargainsBuddy: Interface (Registry key, nothing done)
HKEY_CLASSES_ROOT\Interface\{8EEE58D5-130E-4CBD-9C83-35A0564E5678}
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\NLS.UrlCatcher.1
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\NLS.UrlCatcher
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\CB.UrlCatcher.1
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\CB.UrlCatcher
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\ADP.UrlCatcher.1
eXact Advertising.BargainsBuddy: Root class (Registry key, nothing done)
HKEY_CLASSES_ROOT\ADP.UrlCatcher
eXact Advertising.BargainsBuddy: Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\eXactUtil
eXact Advertising.BargainsBuddy: Type library (Registry key, nothing done)
HKEY_CLASSES_ROOT\TypeLib\{4EB7BBE8-2E15-424B-9DDB-2CDB9516B2C3}
7) After removing these leftover files, Bargain Buddy, the Bullseye Network, and Navisearch should now be completely removed from your computer!!!
Good Luck!!!
:mj03: ......I might need more help...scan is running, I work again tomorrow, I'll report here Sunday pm...thanks KMA..
this was all that appearred on the right panel'
Name Type Data
ab (Default) REG_SZ value not
set
ab, above was in red with a border around it....:mj03:
Tried the Control Panel, Add/Remove Programs feature and none of these programs
'First, uninstall the Bullseye Network, Cashback by Bargain Buddy, and Navisearch from Add/Remove Programs:'
were there.........:mj01:
Ran another Ad-Aware scan this eve., there it was again. Checked further about it in Ad-Aware, it stated some versions may not be able to be uninstalled........:mj13:
KMA
I got rid of the rat.....
advertising was the key word.....through a Miller Lite link.....
MILLER LITE....THIS BUD's for YOU and your sneaky ass Advertising Agency :mj06:
I'll check again Monday am and let you know KMA, I think you got me through it, Thank You!....I'm scanned out and calling it a night....:bed:
I got rid of the rat.....
advertising was the key word.....through a Miller Lite link.....
MILLER LITE....THIS BUD's for YOU and your sneaky ass Advertising Agency :mj06:
I'll check again Monday am and let you know KMA, I think you got me through it, Thank You!....I'm scanned out and calling it a night....:bed:
Had to be the Miller Brewing site...got rid of it..off a Miller Lite link & download, advertising agent was there in Add/Remove Programs.
Visited another Miller Brewing Co site, no download, but BargainBuddy reappears.....spent this morning digging deeper into the scans and I am able to say....
I am BarginBuddy Free.........no more Miller sites for me...
Thanks KMA for your help
Visited another Miller Brewing Co site, no download, but BargainBuddy reappears.....spent this morning digging deeper into the scans and I am able to say....
I am BarginBuddy Free.........no more Miller sites for me...
Thanks KMA for your help
LOL What the **** did I even post??? I am sorry, I guess I was more tired than I thought. I'm glad that did the trick for ya!!!
LOL I know what I posted about the tech help, I was referring to the post where I said I was so tired. It makes NO sense at all!!!
just saw your reply KMA. Is it safe to mess with the registry. Don't want to **** up something.
Thanks.
Thanks.
