Dialer in system32?

Discussion in 'ewido anti-spyware beta forum' started by aigle, May 31, 2006.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Ewido 4 beta finds the following dialer in my system32 -- seems to be a false positive as it is present even in my basic RollbackRx snapshot.
    Does anybody have an idea?
    Seems to be some programme preinstalled by Toshiba (it's a Toshiba Satellite M70 laptop). Clicking the icon does try to dial a dial-up connection, but I don't know whether it is really malware or not.
     

    Attached Files:

    Last edited by a moderator: May 31, 2006
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Jotti's scan and VirusTotal scan results of the first file.
     

    Attached Files:

    Last edited by a moderator: May 31, 2006
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Jotti's scan and VirusTotal scan results of the 2nd file.
     

    Attached Files:

  4. btman

    btman Registered Member

    Joined:
    Feb 11, 2006
    Posts:
    576
    Could you send it in to BitDefender? www.bitdefender.com has live support and they should give you an email address to send the file to as a compressed file. I was getting mixed results about a certain file, and some of Jotti's scanners detected it while others didn't. BitDefender told me it was a gaming protection file and not malware, so I contacted the other places and it was declared an f/p. Also, could you try a-squared Free 1.6.5: run update, scan and post results if you don't like BitDefender or something lol...
     
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    OK, thanks. I will try. To me it seems a false positive. It is surely a dialer, but it might be an ad put there by Toshiba, and it does not dial on its own.
     
  6. karl.ewido

    karl.ewido former ewido team

    Joined:
    Dec 9, 2005
    Posts:
    236
    Location:
    Germany
  7. websnail

    websnail Registered Member

    Joined:
    Nov 4, 2005
    Posts:
    3
    The dialler it's picked up is one I've had some dealings with following some hassles with a client's machine.

    It's a legitimate application inasmuch as BTinternet (BT Yahoo now) install it from their ISP installation disk along with something called BT Modem Lock. The dialler and modem lock work to stop any other diallers (including other ISP settings in WinXP) from dialling out.

    It's a neat feature but it is being seen as malware by some anti-spyware vendors including Ewido...
     
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    You are right, as I got it preinstalled from Toshiba.
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    As websnail said, it is a false positive. I will send you a copy.
     