Page 4 of 4 FirstFirst 1234
Results 31 to 37 of 37

Thread: trojan.win32.dialer.hc

  1. #31
    Junior Member
    Join Date
    Mar 2006
    Posts
    8

    Default

    Actually "Imunizing" reinstalls the "Win32.Trojan.Dialer.hz".

  2. #32
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    The "*=dword:00000004" is the code to place something into Internet Explorer's restricted sites zone.

    Reference:


    Internet Explorer 4.0 and later
    Internet Explorer security zones settings are stored under the following registry keys:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
    These registry keys contain the following keys:
    • TemplatePolicies
    • ZoneMap
    • Zones

    ....


    ZoneMap
    The ZoneMap key contains the following keys: • Domains
    • ProtocolDefaults
    • Ranges

    ....


    Zones
    The Zones key contains keys that represent each security zone that is defined for the computer. By default, the following five zones are defined (numbered zero through four): Value Setting
    ------------------------------
    0 My Computer
    1 Local Intranet Zone
    2 Trusted sites Zone
    3 Internet Zone
    4 Restricted Sites Zone
    No BS nor speculation.

    Try the following:
    Go into Spybot > Immunize > click the "Check again" button and see if you get a warning.

    Even if not click the "Immunize" button (big green plus sign) at the top of the right pane to immunize again. Then run another ZoneAlarm Anit-Spyware scan and see if the Win32.Trojan.Dialer.hc detection returns.

    Added with edit:
    ps: I see that you already tried to re-immunize while I was typing.

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  3. #33
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    miadlor:

    Prove it to yourself:

    Go into Internet Explorer > Tools > Internet options... > "Security" tab > click the "Restricted sites" button > then the "Sites" button > the Web sites listings will show what sites are in the restricted zone.

    Look for the following both before and after immunizing with Spybot and removing the entry with ZoneAlarm (note the entries are in alphabetical order by the second and third nodes of the name):
    • *.archiviosex.net

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  4. #34
    Junior Member
    Join Date
    Mar 2006
    Posts
    8

    Default

    Exactly what you said!

    So Zone Alarm is in error.....because it's not coming up with all the others as infections.

  5. #35
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    miadlor:

    Since you seem convinced, maybe you could do yourself and other users of ZoneAlarm Anti-Spyware a favor and report the false positive in the Zone Labs User Forum:

    Here:

    Perhaps they will recognize their error and correct the problem.

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  6. #36
    Junior Member
    Join Date
    Mar 2006
    Posts
    8

    Default

    Made a post on Zone's site.

  7. #37
    Junior Member
    Join Date
    Mar 2006
    Posts
    8

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •