
Dialler and bloodhound

Discussion in 'Security and Privacy' started by eddieb243, 2004/05/22.

Thread Status:
Not open for further replies.
  1. 2004/05/22
    eddieb243

    eddieb243 Inactive Thread Starter

    Joined:
    2004/03/01
    Messages:
    11
    Likes Received:
    0
    Two problems, folks - if anyone can help it would be appreciated:
    1 - Picked up dialler.exe somewhere - Norton discovered it and "no action taken" according to virus log - checking this out further - it is a **** dialer that dials numbers (usually overseas and expensive) - tried to quarantine (Quar. failed) - looked for it and found it on my C drive - opened it and it showed a **** page that can be used to dial - dial-a-**** - tried to delete the file but it won't delete - popup says in use by Windows - closed internet connection - tried to delete while offline - same popup -
    I'm thinking that the only way I will be able to delete this file is in DOS and change the file ext from .exe to .bak and then delete - only thing is I'm not DOS literate - anyone able to give me a step by step procedure to use DOS to accomplish this task? I am running Win 98 OS
    2 - Outlook Express caught W32 Beagle in an e-mail and deleted it - only thing is that it seems to have another program called Bloodhound Packed piggybacked to it - after searching Symantec web - am not sure if Bloodhound is an anti-virus program or the virus itself - any comments?
     
  2. 2004/05/22
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    If you have not already done so download and immediately update Spybot and Ad-aware - links in my sig. Run both and delete all they find. In Spybot use the Immunise feature to block a load of baddies.

    Configure Ad-aware like this

    Any problems, post back.
     


  4. 2004/05/23
    Lonny Jones

    Lonny Jones Inactive Alumni

    Joined:
    2002/12/16
    Messages:
    2,252
    Likes Received:
    0
  5. 2004/05/28
    eddieb243

    eddieb243 Inactive Thread Starter

    Joined:
    2004/03/01
    Messages:
    11
    Likes Received:
    0
    Thank you gentlemen for your suggestions - I'm doing one step at a time - I DL Spybot and it found numerous problems - I have one concern - when I DL Spybot it gave me a message on install - Warning: if you remove advertising robots w/ this prog. you may not be allowed to continue using their host programs. - I have a web site hosted by Geo-cities - will any of the following apply?
    Link synergy
    Advertising.com
    Avenue A,Inc
    BFast
    Core Metrics
    Hit Box
    Media Plex
    Value Click
    Web Trends Live
    all the above are 1 or more tracing cookies
    The other Items found show registry keys or directories or registry changes they are:
    Double-click:registry change
    DSO Exploit; registry change
    Retriver; registry value
    Spyware Nuker 2 reg.keys and 1 dir
    C2.lop ;reg key
    Alexia related ;file replacement
    Common Hijacker; redirected host-auto search MSN
    Dialler; 10 entries
    Wild Tangent; 4 dir-2reg. key
    XerOx; reg key setting
    Zoo; 2 reg change IE search URL
    Are all the above items safe to delete and not mess up my use of geocities website?
     
  6. 2004/05/28
    Lonny Jones

    Lonny Jones Inactive Alumni

    Joined:
    2002/12/16
    Messages:
    2,252
    Likes Received:
    0
    I have no idea with web-development

    Provided you are up to date and IE is also, if you fix the DSO then on subsequent scans if it keeps showing up you can exclude it.

    The others, please do fix them; SpyBot and Adaware make backups so if there are any problems they can be put back. If you do, remember to reboot again.
     
  7. 2004/05/28
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Your web site is on another computer - not yours. The warning refers to programs running on your computer - and you don't want those tracking cookies!
     
  8. 2004/05/28
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    ALL are safe to delete, and should be. Same with everything Ad-aware finds. :)
     
  9. 2004/06/04
    eddieb243

    eddieb243 Inactive Thread Starter

    Joined:
    2004/03/01
    Messages:
    11
    Likes Received:
    0
    Big Thanks

    Sorry gentlemen - it has taken so long to respond - Spybot worked great - it quarantined all the files with one exception - Dialler - Dialler.exe wouldn't delete until I deleted all associated files through Spybot - then I was able to delete the .exe file also - I checked all the problem files that Spybot found - looked in the registry for the added keys and changes - GONE - the Adware found the bad files in Spybot but after deleting them - ran Adware again and they were gone from Spybot - I didn't want to delete some of the files that Adware found as noahdfear suggested - some of them looked like regular MSN windows files - I also went to the additional virus sites that were recommended but for some reason some of the files that it wanted to create wouldn't go through - I'll try that again some other time though - Thanks again for all your help - it was greatly appreciated


    One other item - does anyone have a response re: the second part of my original question concerning Bloodhound Packed?
     
    Last edited: 2004/06/04
  10. 2004/06/04
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    From what I can make of it, Bloodhound is a scanning technology that identifies a potential unknown virus, in portable packed files. So basically it found what 'might be' a new virus attached to said email. Here's the link for Symantec.

    http://securityresponse.symantec.com/avcenter/venc/data/bloodhound.packed.html?Open

    Most likely MRU's, or most recently used files, used by the advertisers and spammers to see what you do and where you go so they can target you with specific ads and spam. Ad-aware will rarely, if ever, identify something that is not some type of security threat, hence the recommendation to delete everything it finds. :)
     
  11. 2004/06/04
    markp62

    markp62 Geek Member Alumni

    Joined:
    2002/05/01
    Messages:
    4,012
    Likes Received:
    16
    Yes, they employ deception to keep their nasty little programs on your system, make them sound like something you need, like SysUpd.Exe [a dialer].
     
  12. 2004/06/05
    charlesvar

    charlesvar Inactive Alumni

    Joined:
    2002/02/18
    Messages:
    7,024
    Likes Received:
    0

    That's the problem with Ad-Aware scanning "archive" files - AAW deletes SpyBot's backups.

    Regards - Charles
     