Dial-up download 'virus'

  • Thread starter Thread starter Chris Lloyd-Staples
  • Start date Start date
C

Chris Lloyd-Staples

Can anyone please help? When surfing the internet, a malicious download
installed something on my computer, so that when I turn on the computer, the
dial-up screen starts up, without being requested by a click on the icon. I
found that the download had installed various extra 'accounts' on the
dial-up, and I've got rid of them. However, the dial-up screeen still
initiates without being requested. Is there any place that I should look to
delete the download? Can I return the computer to a previous setting? ( I
thought there was some sort of a restore function someplace?).

In my windows file, there are several icons that seem 'new', and when I
ordered icons by date, they indicate that they are new. The new files are
called Mrlloyd-.pwl, Sti_Trace.log and Win386.swp

Any idea what these are?

Chris
 
Chris Lloyd-Staples said:
Can anyone please help? When surfing the internet, a malicious download
installed something on my computer, so that when I turn on the computer, the
dial-up screen starts up, without being requested by a click on the icon. I
found that the download had installed various extra 'accounts' on the
dial-up, and I've got rid of them. However, the dial-up screeen still
initiates without being requested. Is there any place that I should look to
delete the download? Can I return the computer to a previous setting? ( I
thought there was some sort of a restore function someplace?).

In my windows file, there are several icons that seem 'new', and when I
ordered icons by date, they indicate that they are new. The new files are
called Mrlloyd-.pwl, Sti_Trace.log and Win386.swp

Any idea what these are?

Chris
Click to expand...

Download Ad-aware and/or Spybot Search and Destroy. They are both free, and
will find and remove the dialler(s).
Then download SpywareBlaster (again free) to keep them out in the first
place.

Google for them.
DD
 
First of all I would be installing/updating and running AdAware and/or
Spybot. The problem you're indicating sounds very much like an Adware
dial-up trojan. If this doesn't find anything you need to have a look at
the services starting on Windows Startup and/or the services running in
general. Have a look for anything suspicious. If for example you don't
know the difference between explorer.exe and ILoveYou.scr then google
search for HiJack This and post the log in one of the forums.
Goodluck
sh4d03
P.S. If you do find something out of place in the startups or services -
Start|Run|msconfig|startup and Start|Run|services.msc respectively -
you should disable it and see if your problem is aleviated. If it is,
then you can have a look at where the executable is and kill it.
Have fun.
 
Can anyone please help? When surfing the internet, a malicious download
installed something on my computer, so that when I turn on the computer, the
dial-up screen starts up, without being requested by a click on the icon. I
found that the download had installed various extra 'accounts' on the
dial-up, and I've got rid of them. However, the dial-up screeen still
initiates without being requested. Is there any place that I should look to
delete the download? Can I return the computer to a previous setting? ( I
thought there was some sort of a restore function someplace?).

In my windows file, there are several icons that seem 'new', and when I
ordered icons by date, they indicate that they are new. The new files are
called Mrlloyd-.pwl, Sti_Trace.log and Win386.swp

Any idea what these are?

Chris
Click to expand...

Hello Chris

Mrlloyd-.pwl --> password list maintained my malware ?
Sti_Trace.log --> ?
Win386.swp --> definitely the windows swap file - do not delete!

Find out what malware is on your system.

Online Virus Scans:
http://www.bitdefender.com/scan/license.php
http://www.ravantivirus.com/scan/
http://www.pandasoftware.com/activescan/

If it's new, try to send the malware file to an av company
for analysis.

/After/ you've removed the malware (spyware?), you need to
change your passwords because they might have been sent
to a remote attacker.

good luck and safe computing
 
Chris Lloyd-Staples said:
Can anyone please help? When surfing the internet, a malicious download
installed something on my computer, so that when I turn on the computer, the
dial-up screen starts up, without being requested by a click on the icon. I
found that the download had installed various extra 'accounts' on the
dial-up, and I've got rid of them. However, the dial-up screeen still
initiates without being requested. Is there any place that I should look to
delete the download? Can I return the computer to a previous setting? ( I
thought there was some sort of a restore function someplace?).

In my windows file, there are several icons that seem 'new', and when I
ordered icons by date, they indicate that they are new. The new files are
called Mrlloyd-.pwl, Sti_Trace.log and Win386.swp

Any idea what these are?
Click to expand...

First, like everyone else said. Additionally, install a firewall. Get
ZoneAlarm from www.zonelabs.com This will heep whatever it is from
actually connectiong to the outside world even if it does dial up.
ZoneAlarm will (should) also help you identify what is trying to
connect through your dial-up connection.

From Randy....  AKA "-ED" at the....
Feather River Canyon News
http://www.quiknet.com/~frcn
 
Back
Top