Odd file, located in Program files

Discussion in 'other security issues & news' started by YamnuskaBill, May 6, 2004.

Thread Status:
Not open for further replies.
  1. YamnuskaBill

    YamnuskaBill Registered Member

    Joined:
    May 6, 2004
    Posts:
    6
    I have a file called WWDialUp_iPC_v222.exe located @ c:\Program Files

    I cannot find any info on it anywhere on the net. I have renamed it WWDialUp_iPC_v222.exx for now.

    Anyone with any info/advice, please respond.

    Much and Many thanks

    YB
     
  2. YamnuskaBill

    YamnuskaBill Registered Member

    Joined:
    May 6, 2004
    Posts:
    6
  3. Helpless

    Helpless Registered Member

    Joined:
    May 6, 2004
    Posts:
    6
    Location:
    at computercops.biz ; at wilderssecurity.com ; at
    It's indeed hard to find some info on it.
    Just give it a scan with Kaspersky; you only need to scan this specific file.

    cu
     
  4. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    If you have a dial-up modem, you might be interested in the following article. It may well be a modem hijacker o_O ... read the following two articles [there is no copyright] - keep an eye on your phone bill or, better still, check with your phone company if there are any unusual long distance calls billed to you.

    BBB [Better Business Bureau] Warns Of Modem Jacking
    Every time you go online, whether to do your banking, check in with your office by email, or just surf the web for fun, you open a gateway to your computer which can be a prime target for modem re-dialing (hijacking).

    Most of us use a local phone number when connecting to the Internet through our Internet Service Provider. But, what do you do when you find charges on your phone bill for destinations such as Guyana, Madagascar or Kenya? Connections such as these can be made through your computer modem without your knowledge or approval.

    How can this happen? The Better Business Bureau has received many calls lately from consumers who want to know how to protect themselves.

    Be aware of Internet sites that claim to be “free” or that advertise “no credit card is needed” to gain access. The site prompts you to download a “viewer” or “dial-up plug-in” program. Here’s the catch: once the program is downloaded to your computer, it disconnects the Internet and reconnects to an international long-distance phone number, at rates between $2 and $7 a minute.

    Another way that modem hijacking can occur is through pop-up ads. When you enter the site, read the Terms and Conditions carefully because once you accept them, a computer file may access the communications software on your computer and set up a “dial-up” access on your modem to redial long distance phone numbers. “People don’t realize what has happened until their phone bill arrives. In some cases the charges have been in the thousands of dollars”, said Sheila Charneski, President of the Better Business Bureau.

    The Bureau urges people to take precautionary steps such as:
    Turn off your computer regularly in order to break the connection. Some virus programs wait to start dialing numbers after the system sits idle for a long period of time.
    Install and regularly update anti-virus software.
    Install a firewall.
    If you have dial-up Internet using a second telephone line, have TELUS add full toll restrictions to the line.
    Use pop-up blocking software or a web browser that blocks pop-ups.
    Do not download programs that contain Spyware or Adware (check the Terms & Conditions of the program).
    Keep your operating system up-to-date with the latest patches and security fixes.
    >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
    DIALING FOR DOLLARS-BEWARE!

    LP04059002

    (Chatsworth, ON) A recent incident has prompted Grey County O.P.P. to warn the public about a practice commonly known as "modem hijacking" that can add hundreds if not thousands of dollars to your phone bill.

    A Chatsworth area woman was shocked to receive a telephone bill of over $1,500.00 recently. The phone bill indicated 12 calls to a 1-900 number were made on the 1st of March at a cost of $50.00 each. On the following date there were a total of 27 calls placed. Twelve of those calls went to "Sao Tome" in Africa at a cost of about $97.00 per call. Unfortunately this is a relatively common scenario, although it can be prevented.

    Generally the dialer is installed when someone surfing the net clicks "yes" on a pop up box thereby allowing the "modem hijacking" dialer to be surreptitiously placed in the "Network Connections" folder of your computer. The dialer then waits for a dial tone and dials to call up an expensive long-distance Internet Service Provider (I.S.P.) in place of your local service. This could occur several times a day until you become aware. Bottom line is an exorbitant and unexpected bill.
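
The press release above describes a dialer entry being added under Network Connections and then dialing long-distance or 1-900 numbers. As an added example (not part of the original thread), this Python script audits dial-up phonebook entries for such numbers; the INI-style phonebook layout, the `PhoneNumber` key and the sample entries are assumptions constructed for illustration.

```python
import re
# Constructed sample laid out like a Windows dial-up phonebook (rasphone.pbk).
# The INI-style layout and the PhoneNumber key are assumptions about that format.
SAMPLE_PBK = """\
[My Local ISP]
DEVICE=modem
PhoneNumber=5550100

[Free Viewer Access]
DEVICE=modem
PhoneNumber=01123912345678

[Premium Line]
PhoneNumber=1-900-555-0100
"""

def parse_phonebook(text):
    """Map entry name -> list of (key, value) pairs."""
    entries, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = entries.setdefault(line[1:-1], [])
        elif current is not None and "=" in line:
            key, _, value = line.partition("=")
            current.append((key.strip(), value.strip()))
    return entries

def classify_number(number):
    """Return a reason string for toll-risk numbers, or None for ordinary ones."""
    digits = re.sub(r"\D", "", number)
    if digits.startswith(("011", "00")):  # international dialing prefixes
        return "international prefix"
    if re.fullmatch(r"1?900\d{7}", digits):
        return "1-900 premium rate"
    return None

def audit(text):
    """List (entry, number, reason) for every dial-up entry that needs review."""
    findings = []
    for name, pairs in parse_phonebook(text).items():
        for key, value in pairs:
            reason = classify_number(value) if key == "PhoneNumber" else None
            if reason:
                findings.append((name, value, reason))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_PBK))
```

Any entry it reports that you did not create yourself is worth comparing against the number your own ISP gave you.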
     
  5. snapdragin

    snapdragin Registered Member

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    Hi YamnuskaBill, and welcome.

    You could zip up a copy of the file and submit it to submit@diamondcs.com.au for analysis (Include the link back to this thread in the body of the email.) in case it is a new malware file.

    Then I would suggest you follow the instructions HERE for downloading and installing Spybot S&D and/or Ad-Aware, and post a HijackThis log to ensure nothing else installed without your knowledge.

    It wouldn't hurt to do an on-line scan either. You can find free on-line scanners at this link: Free Services

    Regards,

    snap
     
  6. snapdragin

    snapdragin Registered Member

    Joined:
    Feb 16, 2002
    Posts:
    8,415
    Location:
    Southern Ont., Canada
    I should have done a search first - I see you already have AdAware and have posted a HJT log
     