Results 1 to 7 of 7

Thread: Trojan Win32.Askyaya

  1. #1
    jackperth Guest

    Default Trojan Win32.Askyaya

    I keep getting this come up with Zone alarm Spyware

    Trojan Win32.Askyaya
    RegistryKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A2B7A0F0-B697-4A71-8D91-43443F57D7BB}

    I delete it and it does not show again till .
    All the time I am off the net and have manualy deleted it it is not found but as soon as I I dial onto the net it shows up in the registry.
    Any ideas as to what this Registry Key is for?
    Should I be concerned?
    If so what is the best way to rid it from my system please.
    Also, how do I shut of ActiveX?
    Thanks and any help is appreciated.

    Jack

    Operating System:
    Windows XP Home Edition
    Product Name:
    ZoneAlarm Anti-Spyware
    Software Version:


    Message Edited by JackPerth on 10-25-200612:28 AM

  2. #2
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Trojan Win32.Askyaya

    Hi

    It appears to be the real malware, Not a False Positive.

    http://www.castlecops.com/tk30113-estAlive_dll.html




    BHO/CLSID/Toolbar Deep Dive
    Field Value
    GUID {A2B7A0F0-B697-4A71-8D91-43443F57D7BB}
    Filename estAlive.dll
    Object Name estAliveObj Class
    Status X BHO
    Description AskYaya aka Estalive adware
    Viewed 411 times since 23 May 2005, 1840 Hours UTC-4.


    STATUS KEY:

    KEY:

    "X" - Certified spyware/foistware, or other malware
    "L" - Legitimate items
    "O" - Open to debate
    "?" - Unknown Status
    "BHO" - Browser Helper Object
    "TB" - Toolbar


    Please look at the details about AskYaya

    http://research.sunbelt-software.com...threatid=46373

    And look at the details about EstAlive


    http://www3.ca.com/securityadvisor/p...x?id=453099221


    Do a search for this using {A2B7A0F0-B697-4A71-8D91-43443F57D7BB} in the Find of the registry and delete them manually. The CLSID sections of the registry are a common hiding places for these types of malware. After deleting the estAlive.dll and the slew of the other related .dlls and any .exes, try using the CCleaner to help remove some of the leftovers...

    http://www.majorgeeks.com/
    CCleaner_Slim_No_Yahoo_Toolbar_English_d4191.html

    An excellent reg cleaner that does covers the CLSID area of the registry is the Abexo Free Registry Cleaner.


    Hope this helps

    Oldsod

    Message Edited by Oldsod on 10-25-2006 04:07 AM

    Operating System:Windows XP Home Edition
    Product Name:ZoneAlarm Anti-Spyware
    Software Version:6.1
    Best regards.
    oldsod

  3. #3
    chippert Guest

    Default Re: Trojan Win32.Askyaya

    I checked CA info you provided link to, nothing they have on their website was in my registry. I searched for all the reg hits CA defines as being part of 'win32.askyaya'.

    I've used the reg cleaner as you suggested, askyaya still pops up after deleting in ZA Pro adware remover.

    Payed good money for ZA Pro, what gives with this?

  4. #4
    Join Date
    Dec 2005
    Posts
    9,057

    Default Re: Trojan Win32.Askyaya

    Hi

    I guess you are the only person in the world to have a false positive??? What gives is no scanner is perfect or ideal.

    I suppose you have set this in the exceptions of the scanner?

    I suppose you have reported this issue to Zone Labs?

    I suppose complaining will work and not reporting this to Zone Labs instead will fix the issue?

    I suppose you realize that this is a ZA users forum only and not an official Zone Labs forum. Hey we are not employees, just users as you are.

    Oldsod
    Best regards.
    oldsod

  5. #5
    shanesl Guest

    Default Re: Trojan Win32.Askyaya

    Thanks for your help

    I tracked it down to "Advanced Window Care" as the one putting it in.

    I deleted the program and all associated with it then rebooted, did a ZA spy check, not found.
    I rebooted a couple times, switching off all power, waiting a few minutes for anything in memory to go.
    I then checked again going online and still no sign of it.

    I then Installed Advanced Windows Care Personal and Walla it was back again. I left it in and did a couple reboots, still there so have now deleted it off my system and will leave it off.
    After may checks it is not being found by ZA spyware or for that matter with a manual search.

    I have taken up your offer and d/l it for future usehttp://www.majorgeeks.com/CCleaner_Slim_No_Yahoo_Toolbar_English_d4191.html
    thanks

  6. #6
    jackperth Guest

    Default Re: Trojan Win32.Askyaya

    Sorry but the reply from shanesl is my mates log in
    He uses this computer and I must have logged with his pass
    Please read Shanesl as mine JackPerth.

  7. #7
    dcspc Guest

    Default Re: Trojan Win32.Askyaya

    I had the same recurring problem whether I was deleting the key manually
    or via the ZA scan option.
    I did notice that each time, SpyDoctor which I have running in the background, issued a popup msg abt an ActiveX control being immunised.
    I created a restore point and the uninstalled SpyDoctor and the problem seems to have been sorted out.
    Don't understand enough to know whether SpyDoctor was somehow responsible for the problem or preventing the cure, but if you're still tearing your hair out over this, consider uninstalling what other antispyware you have running, before attempting to delete the offending key.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •