Solved

How do I remove eZula in WinXP

Posted on 2004-08-03
3
1,881 Views
Last Modified: 2013-11-16
1) eZula will not die!

2) I'm running Windows XP Pro (svc pk 2) on this machine.

3) I've been repeatedly running the following two Spy/Ad-ware Scan/Removal Utilities:

a) AdAware (v.6.181)
b) SpyBot (v.1.3)

4) I've Immunized the machine with SpyBot.

5) I've implemented SpyWareBlaster (v.3.2).

6) In Internet Explorer, the following two items are UnChecked:

a) Enable Install On Demand (Internet Explorer)
b) Enable Install On Demand (Other)

7) I’ve removed all Registry entries containing any eZula reference(s) [after making sure it was ok to delete them - be very careful when "fooling" with the Registry, it can be an extremely unforgiving beast].

8) I’ve repeatedly searched for the following files to no avail (I can’t find them anywhere):

a) stub.exe
b) ezstub.exe
c) ezulaboot.dll

9) I’m running Symantec/Norton Internet Security Pro 2004, but I know that won’t/doesn’t help in some Spy/Ad-ware and Trojan situations.

10) All of the above referenced programs/utilities have the most up-to-date definition files.

No matter what I've done, eZula keeps reactivating/installing itself within seconds/minutes of "Removal".

What can be done?

I know I’m probably overlooking something relatively simple…but what?

Please help me, I know eZula may-or-may-not be "malicious"...but it's highly annoying and unnerving!

I can provide you with a HiJack-This log-file if necessary.

I thank you in advance for any and all insights you might be willing and able to provide.

Regards,

David
(excuse the "difficult" classification if this is child's play to you, frustration rules!)
0
Comment
Question by:thecybermonkey
  • 2
3 Comments
 
LVL 67

Accepted Solution

by:
sirbounty earned 250 total points
ID: 11712013
Yes, please post the hijackthis log.
Also, make sure you are running these tools in safe mode (Start-Run-MSConfig and choose Safe Boot from the BOOT.INI tab and reboot)
You might also have better luck with this tool: http://aboutyourbreakup.com/xcleaner.html
But, above all - make sure that you are updating these tools before you attempt to clean your system with them...
0
 

Author Comment

by:thecybermonkey
ID: 11712330
SirBounty,

Ah yes...good ole' Safe Mode.

What was I thinking!?

I knew it was something obvious and simple.

Thanks for reminding me.

And thanks for the heads-up regarding XCleaner. Cool utility!

I ran everything in Safe Mode (AdAware, SpyBot, and XCleaner) just to be sure, and voila!, my machine she's as clean as a baby's bottom...well, you know what I mean.

I hope this post helps others who find themselves similarly frustrated.

Writing code, applets, or programs like eZula isn't hip, cool, or professional -- it's crude, obnoxious, and insidious.

Regards,

David
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 11712548
>>my machine she's as clean as a baby's bottom...well, you know what I mean.<<
Having a two-year-old that we're potty-training, yes - I know EXACTLY what you mean...LOL
Glad you got it sorted.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
reverse email lookup 8 66
Wordpress Security 29 46
Using GMail for Scanning 5 26
Home security 15 41
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question