Dialer opens unasked

Discussion in 'privacy problems' started by r2b, Feb 26, 2005.

Thread Status:
Not open for further replies.
  1. r2b

    r2b Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    14
    The problem is that when I am not connected to the internet, almost any button I push on the Desktop first causes a dialer box to open and only after I close it does the command I gave get carried out. Sometimes the dialer box opens even w/o my pushing any button. Is this a spyware problem or a Windows problem, and does anyone have any suggestions to solve it?


    I have run every common security program available including Adaware, Spybot, Spyware blaster, Spywareguard, Sysclean (Trendmicro), Norton AV 2003, Spysweeper (Webroot), Bazooka, CWshredder, IE-Spyads, plus I have hosts and proxy-auto-config. files and Sygate Personal Firewall loaded. Nothing has helped so far.

    Thanks.
     
  2. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi spanner,

    So r2b doesn't accidently delete a legitimate file as in the dialer.exe, which belongs to Microsoft's Phone Dialler application: WinTasks Process Library - dialer/dialer.exe it would be better to have him go to a site where he can post a HijackThis log for deeper analysis since the security apps he has scanned with has not revealed anything malicious. It could be a new variant of a malware dialer not yet in a scanner's detection database, or it could be as simple as a configuration settings that needs to be looked at, or a connection application reinstalled. But this way he would be absolutely sure, which is what we aim for.

    Since malicious dialers can cost a person hundreds of dollars while they are connected to the internet, the best thing to do is have a spyware removal Expert review his log and determine exactly what he could be dealing with before anything is deleted manually.

    r2b, if you haven't already, you can try going through the cleaning steps in this thread: General Cleaning Instructions, print out the instructions, disconnect from the internet and run your security scanners in safe mode.

    If nothing is detected then followup with posting a Hijackthis log at one of the sites that offer free HijackThis analysis in this link: http://www.a-sap.org/

    Two of the larger forums for HijackThis log processing, (meaning they process more log threads each day than many others) are: SpywareInfo.com and CastleCops.com.

    Whichever site you decide to go to, please be sure and follow their posting policy and guidelines before you post your hijackthis log.

    Let us know how you do.

    Regards,

    snap
     
  3. r2b

    r2b Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    14
    Yes, Snapdragon, and hello,

    The only dialer I found was the microsoft dialer which I certainly do not want to delete.

    I will post a hijackthis log, and rescan again (for the umpteenth time) in safe mode with system restore disabled.

    Thanks and I will let you know if I find out anything.
     
  4. snapdragin

    snapdragin Administrator

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi spanner,

    Since google searches can turn up a variety of information on a given file name - some of them being quite scarry - a person who may think they are infected could accidently react too quickly and delete the wrong file.

    I didn't believe r2b would be too quick in making such a decision either and would investigate it further before deleting anything. But for the benefit of other's that may read this thread, when it comes to ANY suggestions of deleting files, I would prefer to be on the safe side and suggest a HJT log be reviewed.

    Glad to see you feel the same way. ;)

    Regards,

    snap
     
  5. Hi, about this kind of dialers, I think they are very new, because I had one, and I think this was in a video in fact two, It activated when I opened it with videolan, and then, in the moment I went out of internet the dialer activated and a program called "checkdialer" detected it and stopped it, I use the white list in it. if I didn´t open the video it didn´t get activated.
    I deleted the video(s), and it didn´t came back anymore.
    As r2b, I tryed to find it with many programs as e-scan, bit defender, e-trust, a2, ewido, spysweeper, bazooka, ad-aware, spybot, and many others, AND I DIDN´T FOUND IT WITH THEM.
    So I tought I could be something that I download with a p2p and it was a video(s), so as I said I deleted it, and it never came back.
    Probably there is a new way to hide dialers into videos or files that can´t be detected by anti virus, anti trojans or any other programs of this kind.
    In fact it did happened two times, two videos, and that was the only way to get rid of them.
    I don´t know if that is the case for r2b. coud it be?
     
  6. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi,

    As said Snapdragin, delete only what you're sure to delete.
    Dialers are not a proble if you take a little time to configure your coonection:

    Start-Settings-Control Panel: Double-click on "Internet Options (see the image);
    select"Connections" and click on "Never dial a connection".

    After that, you'll have to enter your connection's passwoerd and to launch your browser.

    If you're quite paranoiac about this problem, there is a soft (among many others) from Swisscom which can prevent these dialers problems:

    http://www.swisscom-fixnet.ch/fx/privatkunden/dienste/dialerschutz/Index.html

    Hope this helps

    Regards
     

    Attached Files:

  7. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    zorro zorrito - Email me the names of the videos (if you still remember them) and I'll try d/l'ing them and seeing what's up.

    You really need to submit stuff like that instead of just deleting it. Pete
     
  8. r2b

    r2b Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    14
    Maybe I did not give enough details. I connect via ADSL and often stay connected for long periods of time, The dialer that opens is aimed at the internet, and I only see it when I am offline. However the fact that I don't see it when I am connected does not mean that nothing is being sent without my knowlege.
    As to videos, as far as I know I don't have any, at least none that were intentionally downloaded.
    The swisscom program is for dialup connections, not ADSL.
     
Thread Status:
Not open for further replies.