[kd1966]

I am having a beast of a time w/ clients XP Home system; among other trojans, virus files, and spyware/malware/adware/junkware.............I was able to get rid of the majority of virus stuff, but this dang dialer...........

The [bleep] dialer starts of system startup and tries to autodial (Clients just close the program) I notice that dialer.exe runs in processes until the dialer prog. is closed The "obvious" places where the program installs itself are on the desktop, start menu, and in the directory \ecommerce.

There is also a process called eetu.exe which cannot be stopped/halted; all spyware and virus removers used only delete the "obvious" places the file is installed, but every reboot, it comes back. I don't have a Hijackthis log for their computer; I just want to know if anyone has any experience with this particular dialer and how to PERMANENTLY get rid of it. I am considering going to safe mode and running some antivirus/spyware progs, but not sure if that will do anything different than what is done in normal mode.
I just got off the phone with the people and it seems the dialer has been on since December 2004, so my theory of system restore is pretty shot........

[Advertisements]

Welcome to GTG.

We need that HijackThis log. But before you give us that, you have to run through some preliminaries first. Read the first link in my signature.

[greyknight17]

Welcome to GTG.

We need that HijackThis log. But before you give us that, you have to run through some preliminaries first. Read the first link in my signature.

[kd1966]

Yes, I read the steps, unfortunately, I saw those yesterday evening (I'm new here) and I actually have done most of the steps you outline. The particular computer is a generic XP Home without ANY service packs, and I did not want to make things worse by installing SP2 with the trojan still active.

I did go into the safe mode this morning and run the anti trojan, spybot, adaware SE, and a full virus scan with avast! home edition, along with searching for the phrases in the registry that matched the names of spyware and the trojan dialer. Alas, this did not get rid of the trojan dialer (eCommerce\dialer.exe) which I believe is being supported by the eetu.exe process that cannot be stopped/halted, even though MS antispy was able to stop eetu.exe from popping up the dialer the next time.

The people want a working system, so I backed up their personal documents on CD and tomorrow will wipe the HD and reinstall XP. I only wish I had seen this forum about 3 days ago, as it really looks like you all are the real experts on virus/malware/trojan removal. Until next time, thanks!!

[greyknight17]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.