Is it a Trojan?

Printable View

June 7th, 2003, 04:52 AM
vercetti

Is it a Trojan?

Hey guys, I have a question.
I was checking my HD and found two programs: an application and a notepad file named dialler.exe and dialler.txt respectively. I scanned them with my AV and Tauscan and they're clean. When I open the .exe, It forwards me to a porn site, and the .txt file looks something like this:
Log: 3|Dial|United States of America||||19002881053|cbw_235003|19002881053|1|617
Log: 1|rasapi32.dll found|
Log: 5|Redial|19002881053
Log: AOL process ID: 1572
Log: HangupAll called: save=1
Log: HangupAll: fnRasEnumConnections=1995328863
Log: HangupAll: 0 connections
Log: HangupAll: 9 devices
Log: HangupAll: modem Actiontec MD56ORD V92 MDC Modem type modem
Log: HangupAll: 1 modems
Log: New entry: (null) PRPI

Log: New entry: dial 0 device Actiontec MD56ORD V92 MDC Modem type modem

Log: RasSetEntryProperties returned 0

Log: 0|Program started|cbw_235003
Log: HangupAll called: save=0
Log: HangupAll: fnRasEnumConnections=1995328863
Log: HangupAll: 0 connections
Log: 0|Program started|cbw_235003
Log: 0|Program started|cbw_235003
Log: 0|Program started|cbw_235003
and I have no clue what that means. I tried to delete both and I couldn't (even though Im running admin) and I got this message :
Cannot delete Dialler. Access denied
Make sure the disk is not full or write-protected and that the file is not currently in use.
Im using Xp so I went To "ADD/REMOVE PROGRAMS" and couldn't find it there. I searched the registry but still couldn't find them.
Can somebody please explain to me what's happening to me and how can I stop it and prevent it from happening again?
Thanks a lot
June 7th, 2003, 05:09 AM
lumpyporridge

I believe it is spyware , spybot or adaware should help http://security.kolla.de/ ( if you have doze and don't use spybot you are missing out ) , if not try www.cexx.org
June 7th, 2003, 05:09 AM
Kezil

been surfing porn sites, eh? first of all, update and do a complete virus scan. second, do you use dial-up? this could be a config file. where was it found. third(only if you know it shouldn't be there), do ctrl+alt+del and check if dialler is a running process, or if something is running that you *know* shouldn't be, kill if it is, and then try to delete.
June 7th, 2003, 05:22 AM
vercetti

The problem is that it's my friend's machine and she trusts me as her admin. Her
AV is outdated,I know it's screwed up but in trying to convince her to update,
I was met with indifference; and she has a DSL
Third, I ran the CTRL+ALT+DELETE and found that DIALLER.exe is in fact runnig but not using any CPU.
I also ran SPybot S&D but it didn't pick it up.
What should I do?
June 7th, 2003, 06:06 AM
lumpyporridge

try posting/searching at www.cexx.org 's forum it is low traffic but good help if you search "DIALLER EXE." you most likley will find someone else with the same prob and the answer. first line of google(didn't look at it though) ----> http://www.digifriends.com/message_b...n_horses.shtml