Dialer Virus

[Fenix]

Could you guys helped me with something? It looks I have a trojan virus on my computer and AVG doesn't find it. Ad-Aware does find various files named iddXX*.tmp.exe, which seem to be the cause of dialing, but removing them doesn't solve the problem. It seems that something is generating these files and neither AVG or Ad-Aware finds that source.

*=XX is different every time.

[Fitzy]

if its a .tmp file it must be a temporary file, get crap cleaner (ccleaner) and use that to clean up the temporary files, reboot and see what happens

[Fenix]

Like I said, deleting those files isn't the problem, finding the source which is generating them is. But thanks anyway, that's a very useful program .

[Fitzy]

shit yeah, the first time i used it it got rid of one gig of temp files and stuff
try finding a virus program like avast that can do scans in dos and try that

[Fenix]

Doesn't work. I also tried Spybot Search&Destroy and several other programs, but none of them seems to find the goddamn thing.

[Laker Socks]

Try ewido.

[Fenix]

It's the same thing. Ewido finds the thing, deletes it, but it happens all over again a few minutes later.

[Laker Socks]

I had the same problem in the past with a different trojan.

I just kept on trying to remove it everyday and eventually it disappeared.

[hipn]

Go on google and seach something like: Remove (Blank) or Delete (Blank).

I used to do it because my Anti-V could not remove it, so i did it manually.

[Sac-1]

Isn't a trojan virus a virus you get from watching porn?

[BIG GREEN]

Um...no it isn't. You can get them tons of ways....research it in google.

[Axel]

Like hipn, I usually do a google search on trojans. If you know the name of the process that causes the problems, you can just search for a way to remove it on a search engine. Every trojan that I've had brings up an ad for how to remove it (usually some sort of spyware removal software). If you're getting something like that, search for a way to remove that program because it's what is causes the problem.

Edit:

after researching this a little bit, I came across this article

Where Do Diallers Come From?

The dialler is generally downloaded inadvertently while visiting pornographic, gaming (gambling), "warez" (file sharing and software "cracks") or illegal MP3 sites - what could be termed "dodgy" sites.

[Joe']

I think it's a malware program that generates those dialer connections... try using Ewido Anti-Malware if you didn't yet.

[Silas]

You could always reformat your PC

[Joe']

He will lose all the files and stuff he has in his PC formating it.

[Silas]

not if he backs up and saves everything he wants to first

[MetalHead]

not if he backs up and saves everything he wants to first

Or instead you can do this. Go to your start menu, and click on your profile picture. (Should be your user name). Then click on the "Home" tab. Create a new account, and when your finished, copy all your important stuff (Docs, Movies, Music...) onto your second account. Then, proceed and DELETE your spyware/adware profile. Your secondary account will contain all your installed applications, and they will still work. This may not work for all viruses, but its worked for most.

[Joe']

It won't work because the WINDOWS folder is the same for all the accounts, and most of the viruses and stuff are located in the WINDOWS folder.

[Axel]

They're usually embedded in the registry.

[Fenix]

That's true, that's why Ewido and other antivirus/anti spyware software will only delete the dialer itself, but not the generator. It's probably hidden somewhere in the register. I don't want to reformat everything just because of one lousy virus (I'm a lazy bastard and an idea of installing all those programs and drivers again makes me go sick and I did it like two weeks ago), so if there's another way, let me know.

And it was a keygen that did it. I fucking knew it was a virus, but I decided to trust AVG instead, that bastard.

[Andrew]

I'd try to keep on hitting it with two or three spyware programs until it's stopped at the source. Failing that, you'll probably have to back everything up and format.

[#12]

try avast antivirus

[Andreas Dahl]

Download a program called SmitfraudFix. Restart the computer in safe mode. Run a scan with SmitfraudFix (smitfraudfix.cmd -> 'Clean' -> (and then yes to any possible questions afterwards)). Look at the scan report and manually delete as many of the bad files that it lists as possible. Then run CCleaner and eWido just to be safe, and then SmitfraudFix one more time. Then restart the computer (into regular mode) and run SmitfraudFix one last time and see if you still got anything..

This took care of my problems, might not work for you, but I recon it's worth a shot..

[Joe']

Yeah, I've used that SmitfraudFix program to remove an annoying message popping out on my Windows bar saying "Your computer has been infected! Click here to remove it!". I think it was a malware so I had to run Ewido later...
It was the only thing able to remove it since I wasn't able to delete the files because the process was active and SmitfraudFix is the only program to stop the processes (I couldn't stop it with the Task Manager).

[Fenix]

Doesn't help . But thanks anyway.