Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

malware dialer.instantaccess - help removing

  • 09-11-2006 9:48pm
    #1
    Registered Users, Registered Users 2 Posts: 944 ✭✭✭


    I've tried all I can think of - ewido in safe mode, BFU in safe mode, manually trying to find/delete .dlls.

    Ewido always finds dialer.instantaccess in c:\windows\system32\msclock32.dll.

    I think is some form of rootkit as that file doesn't seem to exist!

    Any ideas?


Comments

  • Closed Accounts Posts: 36,634 ✭✭✭✭Ruu_Old


    Do you have System Restore running? Disable it before you scan in safe mode, let Ewido perform its removal action and then enable it again. There are removal instructions here. Let us know how you get on.


  • Closed Accounts Posts: 4,757 ✭✭✭8T8


    A full list of file related to this can be found here if it's the same one a search for the files in question should tell you.

    But have you used Spybot & Windows Defender (no longer beta) to combat it with Hijack This to remove it's entries for loading at startup.


  • Registered Users, Registered Users 2 Posts: 1,849 ✭✭✭Redisle


    Sounds like good advice above but If you need to manually remove dll's try killbox.
    Ive used that to get rid of crap before, it unregisters the dll then deletes..... By the way u probably have already but just in case make sure u dont have a 56k modem hooked up to a phone line......;) ... And make sure to turn system restore off and restart pc then get rid of dialer then turn back on system restore


  • Registered Users, Registered Users 2 Posts: 944 ✭✭✭SwampThing


    I think I've actually gotten rid of the nasty bugger - what I'm seeing in the scan is Dialer.InstantAccess in 16 locations - all VM_xxxxxx where xxxxxx are numbers.

    I think these might be quarantined files from Norton or ewido. I'll try delete them this evening and see how I get on.


Advertisement