PDA

View Full Version : Ad Aware & Spybot problem


MadGamer
27-07-2004, 18:43
Ok, i just recently did a scan with Ad Aware 6.0 and Spybot S&D and found some unusual results. I found Top Moxie which was a reg entry and VX2 which was a file. Both of these were Data Minor Files and one was located within the following directory.

Vendor: VX2 Category: Data Miner Object Type: File Size: 65536 Bytes Location: c:\windows\system32\bdlz4012.exe

The other is as follows:

Vendor: Top Moxie Category: Data Miner Object Type: Reg Key Size: - Location: Software/Microsoft/Internet Explorer/Menu EXT/Web Rebates/

I then found an entry within Spybot S&D which is in the follwoing file attached.

Ok when i try and delete this also my Firewall (ZA) Reports that an installer is trying to gain access. Cant give you the name as i have deleted the entry from the firewalls program menu.

Ramrod
27-07-2004, 19:35
Nope, can't help you there m8. Sorry :(
You need someone more knowledgeable than me :dunce:

paulyoung666
27-07-2004, 19:44
can you right click and delete the exe file ??????????

MadGamer
27-07-2004, 19:49
Thats the thing i dont know where it is. I could try doing a search for it though.

Tezcatlipoca
27-07-2004, 19:54
Erm, doesn't your first post say where it is?

c:\windows\system32\bdlz4012.exe

Or do you mean the installer?

Anyway.

Is c:\windows\system32\bdlz4012.exe running in the background? Can you kill the process & then delete it?

Try booting into Safe Mode (F8 when you turn the PC on / boot up), & then running AdAware, SpyBot, etc.

paulyoung666
27-07-2004, 19:58
Erm, doesn't your first post say where it is?



Or do you mean the installer?

Anyway.

Is c:\windows\system32\bdlz4012.exe running in the background? Can you kill the process & then delete it?

Try booting into Safe Mode (F8 when you turn the PC on / boot up), & then running AdAware, SpyBot, etc.


i was wondering that as well , safe mode has to be the place to go i reckon , or maybe a quick google about the said file might help :)

MadGamer
27-07-2004, 20:36
Ok found the file in the processes menu by the name of webrebates0.exe. It leads to a directory on the C drive as

C:\Program Files/Web_Rebates

Also a file in the directory of C:\Windows\PREFETCH

Tezcatlipoca
27-07-2004, 20:39
Try stopping it & then deleting it (& the Web Rebates directory).


Also, you can safely delete the entire contents of the Prefetch folder (but don't delete the actual folder itself).

As I said above, try scanning while in Safe Mode if you are unable to remove anything.

MadGamer
27-07-2004, 21:09
Update: I have deleted the pesky spyware but can anyone recommend a prog that deletes entries from starting up?

Tezcatlipoca
27-07-2004, 21:14
Here's something which will give you info on stuff that runs at start-up:

"Startup Inspector for Windows" - http://www.windowsstartup.com/

MadGamer
27-07-2004, 21:21
Here's something which will give you info on stuff that runs at start-up:

"Startup Inspector for Windows" - http://www.windowsstartup.com/
Thanks for that removed a lot of stuff that didnt need to startup (Looking at the key or legend as we tend to call it) Thread can be closed.

Tezcatlipoca
27-07-2004, 21:35
Glad it helped.


Thread Closed, as requested.