Windows Thread, Malware/Adware or Spyware Computer Infected in Technical; Hello
well yesterday when I got home, switched my PC on as usual, then in XP tried to open my ...
28th May 2008, 09:28 AM #1
Malware/Adware or Spyware Computer Infected
well yesterday when I got home, switched my PC on as usual, then in XP tried to open my opera browser,, nothing happens, tried open my Firefox, nothing happens, so opened IExplorer everything looked fine, but when I did a search in Yahoo, the results were normal but all the hotlinks were pointing to completely wrong destinations, it happened I found a browser Object Helper installed on IE, DZTOOL with a nasty dll blingen.dll in system32, so moments later discovered that I could not access many security websites, could not update my ZoneAlarm, could not update my Adaware, so installed Spyboot with no joy, then Hijackthis, it found the entry for that dztool, remove it, and deleted the ofending files, restarted problem solved? nope, my antivirus had updated well the night before so I ran a full scan (6 hours!!!) nothing found, only usual cookies.
so I decided to start in windows Vista (got dual boot), I used Avast and McAfee Internet Security.... nothing found.....
and I ran out of time lastnight so the problem is still there.... cannot get rid of that DZTOOL and blingen.dll has anyone experienced this infection before??
uhmmm I can see a Windows Reinstallation coming soon
IDG Tech News
28th May 2008, 09:52 AM #2
In the first instance I would (Install &) update these 3 (they're all free)
SpyBot Download Spybot Search & Destroy 1.5.2 - FileHippo.com
A Squared Free Download a-squared Free 126.96.36.199 - FileHippo.com
AdAware SE Personal Download Ad-Aware 2008 188.8.131.52 - FileHippo.com
Turn off System Restore (if this is dual boot machine, you'll probably have to do it in both OSs) and boot in Safe Mode
Run all 3 and remove everything they find. Fingers crossed.
See where you after that.
28th May 2008, 10:29 AM #3
My favorite way of dealing with this kind of thing is using a fully up to date UBCD for Windows CD, booting the system off CD and letting it scour the drive with all of the anti malware tools. (you will need a clean pc to build it on though)
Thia way you are sure to not spread the infection and you can run the full sweep of the hard drive from a clean, safe copy of Windows qnd SFC can't get in the way. If you have a Windows HAL compatible network card you can even download the latest definitions as you need them from the net.
28th May 2008, 11:40 AM #4
Thank you I will give a try with Squared Free because I already tried with spybot and adaware.
will also give a go with that CD.
28th May 2008, 02:45 PM #5
Maybe not needed in this case but I find this Unlocker software invaluable for getting rid of crap which is in use / resident etc that cant be deleted normally
UNLOCKER 1.8.7 BY CEDRICK 'NITCH' COLLOMB
28th May 2008, 02:59 PM #6
Also handy Rootkit Revealer from SysInternals (now Microsoft) in case there's something intercepting any calls to AV software.
HiJackThis will also help show up the offending nasties
|MG| HijackThis 1.99.1
Once you know what you're infected with then hop onto Google on another PC and find removal instructions, usually takes a few tools to do the trick depending on how deep rooted the problem is. There's one or two forums that crop up with really useful tools people seem to have developed to clear the crap off your machine
Only thing with the tools above is that you do need to know what you're looking for, it's an instinct you develop with time when the offending item stands out like a sore thumb in the list even though to most people it looks perfectly normal...
Also as above SpyBot S&D is quality, AdAware good as well. I usually go with those 2 plus Windows Defender (although I doubt it's effectiveness tbh) along with AVG plus Zonealarm which keeps the system running nicely
Last edited by gshaw; 28th May 2008 at 03:04 PM.
28th May 2008, 03:18 PM #7
Others that may help are
XCleaner (30 day free trial) Trial Request
CWShredder (free) Download CWShredder 2.19 - FileHippo.com
Stinger (free) http://us.mcafee.com/virusInfo/default.asp?id=stinger
* note for observers - if you are trying get rid of nasties, turn off System Restore before you start as they often lurk there and then reinfect! Running these utilities in Safe Mode reduces the opportunity for nasties to avoid detection and removal.
29th May 2008, 12:13 AM #8
Update, it is midnight and finally got rid of it,, welll I went into my Vista boot and installed Kaspersky Internet Security , before that I uninstalled Mcafee because it did nothing. well after 2 hours scanning, Kaspersky found 2 little files, cannot remember the names, but one was a dll inside system32 folder, but another one with the extension .sys it was in a rather peculiar and unusual location (C:\WINDOWS\Installer\$PatchCache$\Managed\0CB67C9 D-5E1F-4963-93D1-F1D3B78F0313) a hidden system folder!!!
anyway, thanks for your suggestions, I learnt of new tools to add to our Strategic Missile Defence System....... well just to protect the Computer system.....
So I went to buy a copy of Kaspersky Internet Security 3 user license that will replace my ZoneAlarm Internet Security.. ,will use it after my one month trial expires.
Last edited by MyDejaVu; 29th May 2008 at 12:17 AM.
29th May 2008, 12:49 PM #9
Well done... glad you got it sorted in the end.
30th May 2008, 11:29 AM #10
Do folk still use Spybot? It used to be part of my arsenal but I stopped using it about 18 months ago. Is it still worthwhile?
Originally Posted by gshaw
As for Windows Defender; I used to question it's effectiveness until I went on a server 2008 demo. There was a chap that there worked alongside, but not for Microsoft. He pointed out that because so many users have an MS operating sytem, Microsoft receive more reports of malware etc than all the other companys combined. Add to this the fact that they poached most of the top folk from McAfee (if I recall correctly), and it suggests that Windows Defender is a worthwhile tool to have. That and the fact that it's free.
Apparently the removal tools that you may have noticed in windows update each month, quietly scan your system in the background and reports infections back to Big Bad Balmer and his gang.
Saying that, I've never actually found any infections after running Windows defender, so I'd never rely solely on it.
30th May 2008, 07:44 PM #11
By cookie_monster in forum General Chat
Last Post: 9th May 2008, 01:23 PM
By VGeek in forum Windows
Last Post: 21st September 2007, 08:10 AM
By speckytecky in forum General Chat
Last Post: 6th December 2006, 08:15 PM
By mrtechsystems in forum Windows
Last Post: 29th July 2005, 01:02 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)