Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

DIAL_SWITCH.A - What is is?


  • Please log in to reply

#1
desertkeys

desertkeys

    New Member

  • Member
  • Pip
  • 2 posts
DIAL_SWITCH.A this was detected by our Trend AV software, infected the system32\ntopengl.exe file, but could not be cleaned or deleted. Anybody have any idea what this is.

Trend doe not have a clue. :tazz:

Thanks in advance!
  • 0

Advertisements


#2
ilago

ilago

    Visiting Staff

  • Visiting Consultant
  • 363 posts
Hi desertkeys

It will be easier to help you if you follow the basic steps here http://www.geekstogo...?showtopic=2852

Then you can post a HijackThis log and someone will be able to help you.
  • 0

#3
desertkeys

desertkeys

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
ilago,

I appreciate the response.

However, the system is in Europe, Iím in the S Western US and I have very limited access to it - unless I want to get out of bed at 03:00 AM.

Iím pretty sure I can get rid of the problem with a simple substitution of the infected file. Albeit by having one of the folks there boot the system and do a swap from a floppy. I was just wondering is any one has run up against this particular flavor of malware before since our AV provider is clueless as to what it is.

Getting access to the system is going to be a bit of a nutroll.

Regards all.
  • 0

#4
ilago

ilago

    Visiting Staff

  • Visiting Consultant
  • 363 posts
Hi desertkeys

This is not a system file that needs replacing. This is one of the files used by a Dutch Switch Dialer. It is not a system file that can simply be replaced. There are other entries in a HijackThis log that would be associated with this malware.

Without seeing a whole HijackThis log it would be very difficult to fully remove. Even just deleting that file would not remove this malware.

Would it be possible for the user to post a log direct to us here?

Edited by ilago, 05 February 2005 - 08:29 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP