Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Auto Dialer (referred from Malware)


  • Please log in to reply

#16
George S

George S

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
The gateway PC dials out on its own when no other pcs on the network are turned on.

I can stop it from dialing by disabling the network. Once I enable the network (with the other pcs turned off) it dials.

I delete the contents of these folders C:\Documents and Settings\Spector1\Local Settings\Temporary Internet Files\Content.IE5 but left the folders empty because windows gave me a message saying they were system folders.

Thanks
  • 0

Advertisements


#17
audioboy

audioboy

    Member

  • Member
  • PipPipPip
  • 857 posts
hope you dont mind another jump into this, rockster asked me to take a look.

for the most efficient cleaning of internet temp files, plus lots of other crud, use CLEAN UP!

I'm sure the malware guys know this tool, I got it from the malware forums...its great for reclaiming disk space from some of the clutter that builds up in machines as well.

it sounds like you guys have arrived at my only other thought, which is to check the other machines, one or several of them are probably infected.

perhaps an easier way to test that- if you have zonealarm on each machine, just hit the lock internet on each machine, then unlock each one individually until you find which one is trying to dial out.
if you dont have zonealarm on each machine, power 'em down as noahdfear instructed.
  • 0

#18
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
Hi George,

I got the hosts file. It's a redirector to a [bleep] site for all of the popular search engines. Do rid your PC of it. :tazz:

I ask that you physically disconnect all PCs from the network, including the gateway PC from the switch/hub. Download the beta version of F-Secure Blacklight rootkit scanner/cleaner and run on each PC. Also run MWAV on all PCs. Let us know the results please. We'll need to clean each one separately if infected. **Reconnecting an infected machine to the network can re-infect a clean PC.

Once the gateway computer has been cleared as clean, Reconnect it to the switch/hub and enable the network. Does it initiate a dialup? Reconnect 1 network PC and test. Etc, etc.
  • 0

#19
George S

George S

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
I thought I had found it, but no.

My contention is that since the computer only dials on its own when the network is enabled, then the problem relates to the network. Well, I found a link in My Network Places to ftp:Dell.com. I thought, of course, if this is in the network neighborhood then no wonder the computer dials. Well, I removed the link, and it still dials out. I ran MWAV and there is no spyware or virus. The only thing MWAV notes are invalid objects in the registry that I think are orphaned registry items.

I'll try F-Secure Blacklight
  • 0

#20
George S

George S

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
I THINK I FIXED IT. I was sure that after ruling out malware it had to do something with the network. So, I uninstalled the TCP/IP protocol. This had an effect on ZoneAlarm as well. After reinstalling TCP/IP, ZoneAlarm recognized a new network. I then had to reset to a static IP address for my gateway, reset ZA for Internet Connection Sharing.

I then ran the virus checkers on my client pcs and reestablished the network. So far the gateway is no longer dialing. I don't know what was changed, but the result is great.

Thank you all for all your help!!!!! I very much appreciate it.
George
  • 0

#21
noahdfear

noahdfear

    Malware Expert

  • Expert
  • 1,316 posts
  • MVP
That's good news indeed. Glad you got it resolved. ;)

Thanks for posting back! :tazz:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP