Annoying Auto Dialer
- Thread starter tleslie
- Start date
- Status
Scan Results
I have run mbam and superantispyware and hijackthis. The first 2 did not find any infections and the logs were clean, Hijackthis found 19 files missing and I cannot delete them. I tried 3 times including safe mode but the missing files still show up as does the autodialer.
I have run mbam and superantispyware and hijackthis. The first 2 did not find any infections and the logs were clean, Hijackthis found 19 files missing and I cannot delete them. I tried 3 times including safe mode but the missing files still show up as does the autodialer.
almcneil
Posts: 1,236 +1
Go into MS System Configuration Utility and examine the Startup list of programs and look for anything suspicious.
Start -> Run -> msconfig -> Startup
If you see something that looks like spyware, deselect it. If you're not sure, post it here. In fact, post the whole list and we'll tell you.
-- Andy
Start -> Run -> msconfig -> Startup
If you see something that looks like spyware, deselect it. If you're not sure, post it here. In fact, post the whole list and we'll tell you.
-- Andy
captaincranky
Posts: 19,690 +8,832
I would google those "system root" entries in your HJT log, and/or download the "rootkit revealer from M$ and run that.
The only thing I (barely) recognize, is the spool server. I think.
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx There is tech forum support available for these logs also.
The only thing I (barely) recognize, is the spool server. I think.
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx There is tech forum support available for these logs also.
almcneil
Posts: 1,236 +1
I don't see anything tha looks like spyware in your MS System Configuration startup list. It could be one of the background programs is tripping off the dialer instead of using the network card connection because it's configured wrong.
At this point, I'd have to play with the computer to figure out what's tripping off the dialer.
-- Andy
At this point, I'd have to play with the computer to figure out what's tripping off the dialer.
-- Andy
almcneil
Posts: 1,236 +1
Yes, I know what the problem is now. Do the following:
Start -> Control Panel -> Internet Options -> Connections
You have some choices here. You can delete the dialup connection or reset it to never dial a connection or never dial when a network connection is present.
I got thrown off because almost no one uses dialup anymore! I didn't think to check the Connetions dialog.
-- Andy
Start -> Control Panel -> Internet Options -> Connections
You have some choices here. You can delete the dialup connection or reset it to never dial a connection or never dial when a network connection is present.
I got thrown off because almost no one uses dialup anymore! I didn't think to check the Connetions dialog.
-- Andy
Bobbye
Posts: 16,313 +36
'File missing' doesn't always mean the file is missing. This is not a reason to assume all those entries need to be removed.
This is a Vista system and looks to be 64 bit. IF you read some background on HijackThis, you will find particulars for this system.
The random dialer could be something as simple as a program connecting to the internet looking for an update. To resolve that, stop all your auto updates except for Windows Updates.
See if that makes a difference.
This is a Vista system and looks to be 64 bit. IF you read some background on HijackThis, you will find particulars for this system.
The random dialer could be something as simple as a program connecting to the internet looking for an update. To resolve that, stop all your auto updates except for Windows Updates.
See if that makes a difference.
Tmagic650
Posts: 17,233 +234
"File missing doesn't always mean the file is missing. This is not a reason to assume all those entries need to be removed"...
This makes a lot of sense Bobbye. This is like saying "dead isn't really dead" or "gravity isn't really gravity". Those missing files are missing from a system folder other than where they may be now in the operating system. This could be caused by incomplete deletes, hardware or software issues and malware infections, don't you "experts" think that this could also be correct?
This makes a lot of sense Bobbye. This is like saying "dead isn't really dead" or "gravity isn't really gravity". Those missing files are missing from a system folder other than where they may be now in the operating system. This could be caused by incomplete deletes, hardware or software issues and malware infections, don't you "experts" think that this could also be correct?
Bobbye
Posts: 16,313 +36
No Tmagic. HJT doesn't play well with the Vista 64 bit as far as scans go. You'll find other software that doesn't do well with 64 bit. Whether it's a bug in the program or a compatibility issue, many logs are seen with the 'missing' designation. Many help forums have left HJT in favor of other software.
So I'll leave you to the interpretation of these entries. Remember, the log is only showing you what the program 'sees'. If it doesn't 'see' the file because an issue with the program prevents it from actually reading the file, it's going to tell you the files isn't there.
Doesn't that make sense?
momok
Posts: 2,127 +6
HijackThis does have certain issues in displaying certain files. So in some occasional cases, the "file missing" attribute is an error display, whilst generally it is genuine. It is usually upto experience to determine if it is genuine or not. Let's not argue about this.
For O23 entries, often times they remain unremovable by HJT even when the files are gone as O23 entries refer to services running on the system, and HJT does a poor job of removing services. The best way is to manually disable the service.
Even then, some cases are clear cut HJT errors as the files are legit system files, for eg,
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
Most of the time, these files are not causing any problems to the system.
tleslie: I would suggest posting a screenshot so everyone can have a clear idea of what is exactly happening. It doesnt seem to be a malware problem, but a screenshot would clarify things just in case.
For O23 entries, often times they remain unremovable by HJT even when the files are gone as O23 entries refer to services running on the system, and HJT does a poor job of removing services. The best way is to manually disable the service.
Even then, some cases are clear cut HJT errors as the files are legit system files, for eg,
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
Most of the time, these files are not causing any problems to the system.
tleslie: I would suggest posting a screenshot so everyone can have a clear idea of what is exactly happening. It doesnt seem to be a malware problem, but a screenshot would clarify things just in case.
- Status
Similar threads
Latest posts
-
"CPUs Don't Matter For 4K Gaming"... Wrong!- hwertz replied
