Instant Access Dialer

**tarun** · January 2nd, 2006, 13:27 PM

Instant Dialer and Instant Dialer C. are installed on my computer.
Ad-aware does not* detect them, and spybot hangs or gives me update errors after install.
Bazooka scanner gives me this and this which I follow (manual uninstall). Instant Access reinstalls itself (usually after 1 day).

* edit - ad-aware works in smart scan mode only and detects them but they return

**Big Booger** · January 2nd, 2006, 16:15 PM

turn off system restore, perhaps it's being stored there and then reinstalls itself using system restore.

**Curio** · January 2nd, 2006, 21:10 PM

You can download and run the updates for SpyBot manually from here http://www.spybotupdates.com/updates...d_includes.exe which is an exe file that installs the updates when you run it. These programs that keep re-installing themselves do so because they make changes to your system that are not obvious or they use an undetected dll or exe file to reload the software.

If you use the manual update for SpyBot and it still does not remove the Dialler please post back and I will try to help you out evn if it means infecting one of my own machines and working out the removal method. I enjoy that stuff anyway.

**tarun** · January 3rd, 2006, 10:45 AM

when i turned the computer on today, it just kept hanging after windows had loaded.
so i was forced to start in safe mode and use system restore. if i have trouble again ill turn off system restore. thanks.
curio - it downloads the updates and then waits for some more time before giving me a bad checksum error.

**tarun** · January 3rd, 2006, 13:42 PM

These weren't there before the system restore, but Mcafee would always start up.

The computer starts up slower now. How come some of them say 'progra~1' and some say 'program files'?

**Curio** · January 3rd, 2006, 17:08 PM

Progra~1 is 8.3 format directory listing which is used by some programs for backward compatibility (with DOS presumably). I see they are all the McAfee ones which I believe is normal although I don't use McAfee.

Automatic startups are all over the place not just HKLM\software\windows\currentversion\run they are also in CurrentUser\...\..\run and DefaultUser\..\..\run for instance. To check them you really need to use something like AutoRuns.exe from Sysinternals which will also reveal all of the ShellObjectDelayLoad and AppInnitDlls other tricky entries.

There is a filtering system built into AutoRuns and I suggest you set it to hide verified Microsoft entries and Empty locations - this greatly reduces the output you need to sift through.

Any entries that you want to check out can be put into the startup list database over at CastleCops which will give you a reasonable idea as to their usefulness. This won't crack everything for you but will take you 90% of the way there for weeding out dodgy entries.

**tarun** · January 3rd, 2006, 18:49 PM

I'll try it. thanks

**Big Booger** · January 16th, 2006, 12:08 PM

Tarun did you ever get this sorted?

Aloone_Jonez · January 16th, 2006, 12:29 PM

On no someone's been using your PC to visit dodgy porn sites.

Have you tried searching the registry manually with Regedit for the filenames you posed in your link?

Also you could try searching your hard drive and renaming them to filename.bak, for example EGDial.dll to EGDial.dll.bak.

One way to help prevent this from happening again is to use a restricted account for Internet access (even more important if you let someone else use your machine) and by not using Microsoft Internet Explorer, although I doubt the latter is to blame in this case it sounds like someone clicked on an "access free porn with no credit card" link, however a restricted account should help prevent this sort of crap from installing.

**rohitk89** · January 16th, 2006, 15:25 PM

Quote:

Originally Posted by Aloone_Jonez

On no someone's been using your PC to visit dodgy porn sites.

He got you too, Tarun.

**tarun** · January 16th, 2006, 18:01 PM

Quote:

Originally Posted by Big Booger

Tarun did you ever get this sorted?

Removed it with the Bazooka Adware and Spyware Scanner manual instructions and then managed to detected and removed it completely with Ad-aware. Didn't have to disable System Restore.

It just kept adding itself back to the registry startup items but never showed up in hijackthis! and msconfig.

Spybot still gives me problems.

Quote:

On no someone's been using your PC to visit dodgy porn sites.

Oh, you have discovered my secret. Now everytime I masturbate I will remember you.

Aloone_Jonez · January 16th, 2006, 18:54 PM

Good, I'll just have to imagine you as a gorgeous sexy girl.

**rik** · January 16th, 2006, 19:11 PM

Quote:

Originally Posted by tarun

Oh, you have discovered my secret. Now everytime I masturbate I will remember you.

You ain't right

**tarun** · January 20th, 2006, 17:20 PM

Quote:

Originally Posted by Aloone_Jonez

Good, I'll just have to imagine you as a gorgeous sexy girl.

For $11000 you won't need to imagine.

January 2nd, 2006, 13:27 PM	#1
tarun Triple Platinum Member Join Date: Nov 2004 Location: India Posts: 888	Instant Access Dialer Instant Dialer and Instant Dialer C. are installed on my computer. Ad-aware does not* detect them, and spybot hangs or gives me update errors after install. Bazooka scanner gives me this and this which I follow (manual uninstall). Instant Access reinstalls itself (usually after 1 day). * edit - ad-aware works in smart scan mode only and detects them but they return Last edited by tarun; January 2nd, 2006 at 13:45 PM.

January 2nd, 2006, 16:15 PM	#2
Big Booger Happy New Year! Super Moderator Join Date: Apr 2002 Location: JAPAN Posts: 11,909	turn off system restore, perhaps it's being stored there and then reinstalls itself using system restore. __________________ Map yourself with TZ Frappr \| Booger's Blog

January 2nd, 2006, 21:10 PM	#3
Curio Triple Platinum Member Join Date: Nov 2004 Location: London Posts: 907	You can download and run the updates for SpyBot manually from here http://www.spybotupdates.com/updates...d_includes.exe which is an exe file that installs the updates when you run it. These programs that keep re-installing themselves do so because they make changes to your system that are not obvious or they use an undetected dll or exe file to reload the software. If you use the manual update for SpyBot and it still does not remove the Dialler please post back and I will try to help you out evn if it means infecting one of my own machines and working out the removal method. I enjoy that stuff anyway. __________________ I'm using Windows 7 - you got a problem with that?

January 3rd, 2006, 17:08 PM	#6
Curio Triple Platinum Member Join Date: Nov 2004 Location: London Posts: 907	Progra~1 is 8.3 format directory listing which is used by some programs for backward compatibility (with DOS presumably). I see they are all the McAfee ones which I believe is normal although I don't use McAfee. Automatic startups are all over the place not just HKLM\software\windows\currentversion\run they are also in CurrentUser\...\..\run and DefaultUser\..\..\run for instance. To check them you really need to use something like AutoRuns.exe from Sysinternals which will also reveal all of the ShellObjectDelayLoad and AppInnitDlls other tricky entries. There is a filtering system built into AutoRuns and I suggest you set it to hide verified Microsoft entries and Empty locations - this greatly reduces the output you need to sift through. Any entries that you want to check out can be put into the startup list database over at CastleCops which will give you a reasonable idea as to their usefulness. This won't crack everything for you but will take you 90% of the way there for weeding out dodgy entries. __________________ I'm using Windows 7 - you got a problem with that?

January 16th, 2006, 12:08 PM	#8
Big Booger Happy New Year! Super Moderator Join Date: Apr 2002 Location: JAPAN Posts: 11,909	Tarun did you ever get this sorted? __________________ Map yourself with TZ Frappr \| Booger's Blog

January 3rd, 2006, 10:45 AM	#4
tarun Triple Platinum Member Join Date: Nov 2004 Location: India Posts: 888	when i turned the computer on today, it just kept hanging after windows had loaded. so i was forced to start in safe mode and use system restore. if i have trouble again ill turn off system restore. thanks. curio - it downloads the updates and then waits for some more time before giving me a bad checksum error.

January 3rd, 2006, 13:42 PM	#5
tarun Triple Platinum Member Join Date: Nov 2004 Location: India Posts: 888	These weren't there before the system restore, but Mcafee would always start up. The computer starts up slower now. How come some of them say 'progra~1' and some say 'program files'?

January 3rd, 2006, 18:49 PM	#7
tarun Triple Platinum Member Join Date: Nov 2004 Location: India Posts: 888	I'll try it. thanks

January 16th, 2006, 12:29 PM	#9
Aloone_Jonez Banned Join Date: Dec 2005 Posts: 60	On no someone's been using your PC to visit dodgy porn sites. Have you tried searching the registry manually with Regedit for the filenames you posed in your link? Also you could try searching your hard drive and renaming them to filename.bak, for example EGDial.dll to EGDial.dll.bak. One way to help prevent this from happening again is to use a restricted account for Internet access (even more important if you let someone else use your machine) and by not using Microsoft Internet Explorer, although I doubt the latter is to blame in this case it sounds like someone clicked on an "access free porn with no credit card" link, however a restricted account should help prevent this sort of crap from installing.

January 16th, 2006, 18:54 PM	#12
Aloone_Jonez Banned Join Date: Dec 2005 Posts: 60	Good, I'll just have to imagine you as a gorgeous sexy girl.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode