Deleting a Dial Up connection Icon

I have an unwanted Dial Up connection displayed when I view Control Panel / Network Connections.

As it is no longer used, is it possible to delete it? I have tried right-clicking and selecting 'Delete' which seems to work for a few days and then, for no apparent reason, the old icon and the unwanted connection are displayed yet again.


I can see all of the details in C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\rasphone.pbk

Comparing the contents before and after deleting the unwanted connection shows that all of the relevant information is in fact deleted from the rasphone.pbk file. Is there perhaps a backup copy somewhere that could be be being resurrected at times.

If so, where, and why?


TIA

 

Two Ways to Delete Almost Anything

1. Safe Mode
2. MoveOnBoot

HTH
Johanna

 

"A buffer overrun condition exists in Microsoft’s RAS phonebook (rasphone) implementation that can compromise the affected system. If an attacker logs on to an affected server and modifies a phonebook entry using specially malformed data and makes a connection using this modified phonebook entry, the attacker can run the data as code by the system under LocalSystem security privileges.

VENDOR RESPONSE

The vendor, Microsoft, has released Security Bulletin MS02-029 (Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution) to address this vulnerability and recommends that affected users download and apply the appropriate patch mentioned in the bulletin. " (Source.

That information along with some other stuff I found indicates either spyware or a trojan of some sort. I suspect spyware, trying to dial out on its own.

First, if you haven't already, go to the Windows Update site (Internet Explorer>Tools>Windows update) and get all the critical updates. The other update categores are optional.

Then download, install, immediately update and then run Spybot and/or Ad-Aware. Read the help files to familiarize yourself with how they work. I recommend you use them both since each tends to find things the other misses. Let them clean up any spyware found.

If you don't have an up-to-date anti-virus program installed to do a complete system scan, there are free online scans at Panda and Housecall.

 

Thanks, but I've got SP1 and the relevant files are already at the date/version level quoted in KB318138.

The problem persists. Is it possible that there is some form of System Restore involved or is there a Registry entry/entries that are reconfigured?

As I said, not desperate, but now I'm chasng it down I don't like to feel that MS have won.

 

As I said in my first post, I suspect spyware. **** dialers are real good at sneaking in even without going to any **** sites. Although unlikely, it could also be some program on your computer that's set up to update itself automatically and is trying to use it's own dialer to do it.

Regularly scanning with Spybot and Ad-Aware is part of ordinary maintenance for any computer with internet access anyway.

 

A contrary view

I don't think you should delete the dialup icon because you never know when you will need it. Check for spyware, etc., and if all that is clear just leave it be. It will never bother you. I have the same situation on my computer where I use a DSL line, but I also have other phone numbers in my house and if the DSL line goes out, I have a backup.

 

No, the problem was that the 'unwanted' icon was for an ADSL connection, which I then reconfigured as a new icon.

In effect, I have one 'good' icon which I use for my ADSL connection, and one 'old and unwanted' icon, which only went live once, for the same ADSL set up.

In addition I have an 'ordinary' dial up connection for emergencies, which is rarely used. In fact, for that connection I only connect the modem to the phone line when actually required, as, if you like, the ultimate defence against unknown, and undetect, (by Norton, heave forfend), dial outs.

 

This is now really bugging me.

Deletiion seems to be a process of trying to avoid resurrection. I have also tried just renaming the connectoid, (because there was a name error in the original, and all that happens is that yet another connectoid is produced.

I see that there are a number of references to the 'unwanted' stuff in the registry. Would it be harmful to delete all of those references and to make sure that the rasphone text only contains the required connectoid information.

Surrender is rapidly becoming an unacceptable option.

Man/woman should control the machine, and, over this issue, I think I am on the losing side.

 

Should be safe enough but I'd make a registry backup now while things are working before doing the deed.