+ Post New Thread
Results 1 to 11 of 11
Windows Thread, Malware/Adware or Spyware Computer Infected in Technical; Hello well yesterday when I got home, switched my PC on as usual, then in XP tried to open my ...
  1. #1
    MyDejaVu's Avatar
    Join Date
    Apr 2007
    Location
    Mexico
    Posts
    106
    Thank Post
    1
    Thanked 4 Times in 4 Posts
    Rep Power
    16

    Malware/Adware or Spyware Computer Infected

    Hello

    well yesterday when I got home, switched my PC on as usual, then in XP tried to open my opera browser,, nothing happens, tried open my Firefox, nothing happens, so opened IExplorer everything looked fine, but when I did a search in Yahoo, the results were normal but all the hotlinks were pointing to completely wrong destinations, it happened I found a browser Object Helper installed on IE, DZTOOL with a nasty dll blingen.dll in system32, so moments later discovered that I could not access many security websites, could not update my ZoneAlarm, could not update my Adaware, so installed Spyboot with no joy, then Hijackthis, it found the entry for that dztool, remove it, and deleted the ofending files, restarted problem solved? nope, my antivirus had updated well the night before so I ran a full scan (6 hours!!!) nothing found, only usual cookies.

    so I decided to start in windows Vista (got dual boot), I used Avast and McAfee Internet Security.... nothing found.....
    and I ran out of time lastnight so the problem is still there.... cannot get rid of that DZTOOL and blingen.dll has anyone experienced this infection before??


    uhmmm I can see a Windows Reinstallation coming soon


    Regards

  2. #2

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    10,226
    Thank Post
    1,926
    Thanked 2,426 Times in 1,776 Posts
    Rep Power
    842
    In the first instance I would (Install &) update these 3 (they're all free)

    SpyBot Download Spybot Search & Destroy 1.5.2 - FileHippo.com
    A Squared Free Download a-squared Free 3.5.0.15 - FileHippo.com
    AdAware SE Personal Download Ad-Aware 2008 7.1.0.8 - FileHippo.com

    Turn off System Restore (if this is dual boot machine, you'll probably have to do it in both OSs) and boot in Safe Mode

    Run all 3 and remove everything they find. Fingers crossed.

    See where you after that.

  3. #3

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,271
    Thank Post
    884
    Thanked 2,749 Times in 2,322 Posts
    Blog Entries
    11
    Rep Power
    785
    My favorite way of dealing with this kind of thing is using a fully up to date UBCD for Windows CD, booting the system off CD and letting it scour the drive with all of the anti malware tools. (you will need a clean pc to build it on though)

    Thia way you are sure to not spread the infection and you can run the full sweep of the hard drive from a clean, safe copy of Windows qnd SFC can't get in the way. If you have a Windows HAL compatible network card you can even download the latest definitions as you need them from the net.

  4. #4
    MyDejaVu's Avatar
    Join Date
    Apr 2007
    Location
    Mexico
    Posts
    106
    Thank Post
    1
    Thanked 4 Times in 4 Posts
    Rep Power
    16
    @ elsiegee40
    Thank you I will give a try with Squared Free because I already tried with spybot and adaware.

    @sinack
    will also give a go with that CD.

    Thanks

  5. #5

    RabbieBurns's Avatar
    Join Date
    Apr 2008
    Location
    Sydney
    Posts
    5,532
    Thank Post
    1,341
    Thanked 470 Times in 307 Posts
    Blog Entries
    6
    Rep Power
    200
    Maybe not needed in this case but I find this Unlocker software invaluable for getting rid of crap which is in use / resident etc that cant be deleted normally

    UNLOCKER 1.8.7 BY CEDRICK 'NITCH' COLLOMB

  6. #6
    gshaw's Avatar
    Join Date
    Sep 2007
    Location
    Essex
    Posts
    2,726
    Thank Post
    176
    Thanked 229 Times in 211 Posts
    Rep Power
    69
    Also handy Rootkit Revealer from SysInternals (now Microsoft) in case there's something intercepting any calls to AV software.

    http://www.microsoft.com/technet/sys...tRevealer.html

    HiJackThis will also help show up the offending nasties

    |MG| HijackThis 1.99.1

    Once you know what you're infected with then hop onto Google on another PC and find removal instructions, usually takes a few tools to do the trick depending on how deep rooted the problem is. There's one or two forums that crop up with really useful tools people seem to have developed to clear the crap off your machine

    Only thing with the tools above is that you do need to know what you're looking for, it's an instinct you develop with time when the offending item stands out like a sore thumb in the list even though to most people it looks perfectly normal...

    Also as above SpyBot S&D is quality, AdAware good as well. I usually go with those 2 plus Windows Defender (although I doubt it's effectiveness tbh) along with AVG plus Zonealarm which keeps the system running nicely
    Last edited by gshaw; 28th May 2008 at 04:04 PM.

  7. #7

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    10,226
    Thank Post
    1,926
    Thanked 2,426 Times in 1,776 Posts
    Rep Power
    842
    Others that may help are

    XCleaner (30 day free trial) Trial Request
    CWShredder (free) Download CWShredder 2.19 - FileHippo.com
    Stinger (free) http://us.mcafee.com/virusInfo/default.asp?id=stinger

    Good luck

    * note for observers - if you are trying get rid of nasties, turn off System Restore before you start as they often lurk there and then reinfect! Running these utilities in Safe Mode reduces the opportunity for nasties to avoid detection and removal.

  8. #8
    MyDejaVu's Avatar
    Join Date
    Apr 2007
    Location
    Mexico
    Posts
    106
    Thank Post
    1
    Thanked 4 Times in 4 Posts
    Rep Power
    16
    Update, it is midnight and finally got rid of it,, welll I went into my Vista boot and installed Kaspersky Internet Security , before that I uninstalled Mcafee because it did nothing. well after 2 hours scanning, Kaspersky found 2 little files, cannot remember the names, but one was a dll inside system32 folder, but another one with the extension .sys it was in a rather peculiar and unusual location (C:\WINDOWS\Installer\$PatchCache$\Managed\0CB67C9 D-5E1F-4963-93D1-F1D3B78F0313) a hidden system folder!!!

    anyway, thanks for your suggestions, I learnt of new tools to add to our Strategic Missile Defence System....... well just to protect the Computer system.....

    So I went to buy a copy of Kaspersky Internet Security 3 user license that will replace my ZoneAlarm Internet Security.. ,will use it after my one month trial expires.
    Last edited by MyDejaVu; 29th May 2008 at 01:17 AM.

  9. #9

    elsiegee40's Avatar
    Join Date
    Jan 2007
    Location
    Kent
    Posts
    10,226
    Thank Post
    1,926
    Thanked 2,426 Times in 1,776 Posts
    Rep Power
    842
    Well done... glad you got it sorted in the end.

  10. #10
    AyatollahPies's Avatar
    Join Date
    Jan 2008
    Location
    Earth
    Posts
    900
    Thank Post
    48
    Thanked 105 Times in 95 Posts
    Rep Power
    43
    Quote Originally Posted by gshaw View Post
    Also handy Rootkit Revealer from SysInternals (now

    Also as above SpyBot S&D is quality, AdAware good as well. I usually go with those 2 plus Windows Defender (although I doubt it's effectiveness tbh) along with AVG plus Zonealarm which keeps the system running nicely
    Do folk still use Spybot? It used to be part of my arsenal but I stopped using it about 18 months ago. Is it still worthwhile?

    As for Windows Defender; I used to question it's effectiveness until I went on a server 2008 demo. There was a chap that there worked alongside, but not for Microsoft. He pointed out that because so many users have an MS operating sytem, Microsoft receive more reports of malware etc than all the other companys combined. Add to this the fact that they poached most of the top folk from McAfee (if I recall correctly), and it suggests that Windows Defender is a worthwhile tool to have. That and the fact that it's free.

    Apparently the removal tools that you may have noticed in windows update each month, quietly scan your system in the background and reports infections back to Big Bad Balmer and his gang.

    Saying that, I've never actually found any infections after running Windows defender, so I'd never rely solely on it.


  11. #11

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    10,053
    Thank Post
    3,585
    Thanked 1,123 Times in 1,025 Posts
    Rep Power
    377



SHARE:
+ Post New Thread

Similar Threads

  1. Vista security credentials tarnished in malware survey
    By cookie_monster in forum General Chat
    Replies: 0
    Last Post: 9th May 2008, 02:23 PM
  2. Adware Winlogin.exe
    By VGeek in forum Windows
    Replies: 13
    Last Post: 21st September 2007, 09:10 AM
  3. Spyware
    By speckytecky in forum General Chat
    Replies: 5
    Last Post: 6th December 2006, 09:15 PM
  4. Spyware/Adware in Schools
    By mrtechsystems in forum Windows
    Replies: 22
    Last Post: 29th July 2005, 02:02 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •