HELP i have Trojan.win32.dialer hc

Discussion in 'malware problems & news' started by cheater87, Nov 9, 2005.

Thread Status:
Not open for further replies.
  1. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    spybot,adaware, msas, AOL anti spyware, or mcafee can't find it or get rid of it. PLEASE HELP
     
  2. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Try with an online Scan at Kaspersky & try with Ewido.
     
  3. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    any other programs that can get rid of it? my trial to spyware sweeper just ran out so i can't scan with it *cries*
     
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    What program is giving you the indication you have that malware....Pest Patrol ?

    Also....if Pest Patrol....did it give a location ?

    software\microsoft\windows\current version\internet settings\zonemap\domains\sgrunt.biz ?
     
    Last edited: Nov 9, 2005
  5. don'tworry

    don'tworry Guest

    That's a FP. I have Pest Patrol and got that same FP. It's a false positive due to IESpyad. Try to disable IESpyad's protection and scan again and you'll see PP won't detect it anymore.
     
  6. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    it was found by AOL anti spyware and i don't have the IEspyad thing
     
  7. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Try the free online scanners in my signature.:)
     
  8. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    If I am not mistaken AOL uses the Pest Patrol engine. Also....that is not just an entry found in IE-Spyad if you are referring to the above registry entry.

    After the scan does not AOL present you with what it found as far as the location ?
     
  9. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743

    Don't cry..you are not missing much..:) They still can't get it right..;)

    http://www.dslreports.com/forum/remark,14557500
     
  10. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Can any of them, Primrose. Spy Sweeper, CounterSpy SpywareDoctor or PestPatrol. They all seem to issue's with their real-time protection or quite few of FP's.;) :)
     
  11. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743

    So true Don..:(
     
  12. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    aol does no give you the location it just tells you what it found but its blocking it now so thats good if its not a false positive
     
  13. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,701
    Location:
    Texas
    Hi All,

    Heres what I found. AOL Spyware is made by Aluria, they also make "Spyware Elminator" & Spyware Elminator is a licensed copy of PestPatrol.

    I've use PP for quite awhile & have had a number of FP's with it. Jeff Levy a radio ( 1070 AM ) guru, boasts constantly (commerical) for "SpywareElminator." When I downloaded the trial version of Spyware Elminator." It was exactly the same as PP. The folks at StompSoft ( they make BackUPMyPC ) were the tech folks for Spyware Elminator. While on call regarding BackUpMyPC, I posed the question. What's the diff between PP & Spyware Elminator, & was told about the license to market Spyware Elminator as a PP clone.

    Now it looks like Aluria bought StompSoft, & StompSoft had the license for the PP clone, which AOL uses in part.

    Long convoluted story, eh!

    Take Care
    Rico

    P.S. I've chatted with PP tech. a new update will be out soon & I'll bet this will solve our problem, for both of us. I've excluded Trojan.win32.dialer hc in PP.
     
  14. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,701
    Location:
    Texas
    Hi All,

    The new PestPatrol update no longer finds "Trojan.win32.dialer.hc" aka "sgrunt.biz" which is protected by IESpyad. Anyway removed the trojan from PP's exclusion list ran the scan (with new update) & the trojan was not flagged.

    Rico
     
  15. safeTsurfa

    safeTsurfa Guest

    Interesting, I just ran PestPatrol and it sees this same trojan, using the latest updates (December 8, 2005). I do not use AOL or IESpyad. So I guess they have not cleared up this problem after all? Meanwhile I will let it quarantine this, then if anything looks like it is broken, I can always release it again.
     
  16. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Do you use Spybot's immunization feature ?
     
  17. FanJ

    FanJ Guest

    Yep, my older version of PP gives that FP too (together with several other FP's...):

    =====
    Pest: Trojan.Win32.Dialer.hc
    Pest Info: Category: Dialer Release Date: 10/24/2005 0:00:00
    Background Info: Click here
    File Info: In Registry: HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\zonemap\domains\sgrunt.biz
    Certainty: Confirmed Threatens: Liability Risk: Low. Advice: Delete or ignore
    Action: Ignored
    =====

    The DWORD is 4

    I don't use Spybot's immunization feature but use some other tools.
     
  18. hitbit

    hitbit Registered Member

    Joined:
    Nov 25, 2005
    Posts:
    35
    Location:
    Dublin Ireland
    Hmmm,
    Aluria are involved. Remember their little deceit with Spyware Elimator and its deliberate failure to identify rubbish from When U, thanks to a cosy arrangement. I wonder did anyone else who objected to there lies and sought a refund ever get their money, I didn't.

    hitbit
     
  19. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    yes i have used Spybot's immunization feature.
     
Loading...
Thread Status:
Not open for further replies.