Hello.
I am having a very annoying situation with dialer.bzb . I have tried everything (ewido,ad-aware,spybot,avg, ms antispyware) but nothing yet. I am posting my hijackthis log to take a look.
View attachment 8401
I believe that a solution can be found here.
Thanks in advance.
Sorry for posting right after my own post but i believe i fixed it.
In the hijack log there is an entry:
020 - Winlogon Notify: winmyy32 - c:\windows\system32\winmyy32.dll
I fixed it and deleted the file with killbox after reboot.
It all seems to be going well now.
After seeing some other posts for dialer.bzb i think i found the way the trojan works and a general solution.
Once it infects the system it creates a file named winxxx32.dll. Where xxx 3 random letters. (Mine was winmyy32, another one i found was winzzc32). I found this after i checked all the files in winlogon notify process and this was the only one to be created yesterday at the time the trojan infected my system.
Then it injects itself in the winlogon process with this name and this path
c:\windows\system32\winxxx32.dll
I believe that fixing this entry with hijack and deleting the file with killbox after full scanning your system can remove the dialer.bzb threat.
I am waiting for the fix to be confirmed and i hope i helped.
I am having a very annoying situation with dialer.bzb . I have tried everything (ewido,ad-aware,spybot,avg, ms antispyware) but nothing yet. I am posting my hijackthis log to take a look.
View attachment 8401
I believe that a solution can be found here.
Thanks in advance.
Sorry for posting right after my own post but i believe i fixed it.
In the hijack log there is an entry:
020 - Winlogon Notify: winmyy32 - c:\windows\system32\winmyy32.dll
I fixed it and deleted the file with killbox after reboot.
It all seems to be going well now.
After seeing some other posts for dialer.bzb i think i found the way the trojan works and a general solution.
Once it infects the system it creates a file named winxxx32.dll. Where xxx 3 random letters. (Mine was winmyy32, another one i found was winzzc32). I found this after i checked all the files in winlogon notify process and this was the only one to be created yesterday at the time the trojan infected my system.
Then it injects itself in the winlogon process with this name and this path
c:\windows\system32\winxxx32.dll
I believe that fixing this entry with hijack and deleting the file with killbox after full scanning your system can remove the dialer.bzb threat.
I am waiting for the fix to be confirmed and i hope i helped.
