I just got hit by a VERY nasty web virus. Well not exactly a virus. I clicked a web link, and the next thing I know, this program called 1on1.exe is running on my system. There is now a hidden file 1on1.exe in C:\Windows, and my network connection has been terminated and redialed to one of those ridiculously expensive sex download numbers for which it has added a new connection. It has also put an entry in my registry to automatically run 1on1.exe on start up, but most sneakily, it has turned the modem sound off. The intent is clear. Every time I start my computer, it automatically, and with no sign of anything happening, dials up a really expensive phone number.

If I wasn't so clued up computer-wise, I could be seriously in trouble (financially speaking) in no time at all. So much for Kaspersky anti-virus. Personally speaking, I didn't even think it was possible!!

I have deleted all the files and shortcuts and registry entries, so it won't happen, but I cannot figure out how to turn the modem sound back on. I have found the modem volume control, but it isn't that.

I am running Win98 SE, and if anyone can help me turn the modem sound back on so I can hear when my modem is dialing out, I would be seriously grateful!

You should boot into safe mode, and remove the program from c:\windows

only remove 1on1.exe

Do a search for it too, make sure you find all the copies of it, don't delete any other files though. After you are done with that you should try getting adaware 6 and spybot search and destroy and scanning your hard drives :)

Once you read this I'd suggest disconnecting your modem

If they TRY to claim a bill on you I'd call your lawyer :)

Or, speak to MAD_DOG (on these forums).. I think his company runs all of those 900 numbers ;-).

I have the same problem: the modem sound has been removed (I have removed the virus). Did you work out how to fix it? I've tried removing the modem connection. I'm running Windows XP.

I'm not sure about this... but what about a reinstall of the modem?

Control Panel > Modem > Properties > Modem Speaker: turn it on or off. I like it off cause my modem is a bit noisy, but to make sure your computer isn't dialing in the background turn it on. Hope this helped :)

Hi, I've had mega trouble getting rid of this dialer too. I've updated spybot, adaware, mcafee virus, deleted registry keys, deleted 1on1.exe in safe mode, deleted sysdaemg.exe, and another one called uk5.exe. I have cleared all temp files. All to no avail. Would you mind telling me how you managed it?

Many Thanks
Andy

Can anyone please provide an idiot's guide as to how to get rid of this please. I can't even seem to start my computer in safe mode by the F8 or Control key holddown.
Any help would be greatly appreciated.
Cheers,
Rhys

Hi

I tried a full system restore to a previous time and no problems since. Touch wood. Mind you, if you're not using XP or ME I'd have no other advice. Hope you get things sorted.

kToi

I removed the following..

1on1.exe (tho I wasn't in safe mode)
uk5 (as an exe and temp file)
uk7 (as an exe and temp file)
sysdaemg

Is this all that needs removing? Haven't touched registry keys yet as don't know what I'm doing. What do I need to remove exactly in the registry?

Jason

What I've done on previous occasions, and what appears to have worked, is to open up notepad, make a text file, call it '1on1.exe' then save it with "all files and folders" selected in file type box, in C:/WINDOWS/. It asks me if I want to replace the existing file, and I say 'yes', so now the exe file is just a blank text file, so the startup tries to boot up nothing. Not really the orthodox method, but it works for me. Sorry if that's unclear....

I am investigating this problem. Can anyone email a sample of the offending files to me? Can you please zip them up and email them to emaildailer@yahoo.co.uk.

Also if you know where that dialer comes from, please email me the web site address.

Many Thanks.

H.

hi,
Go to Control Panel, Modems

1) Click on Properties
2) In the modem properties window click on Connection tab
3) Click on the Advanced button, wherein you should see Extra settings.
4) Check if any modem commands are entered, e.g. atm0 etc.; if yes, delete it.

Hope this helps,

Mahesh
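An added example, not part of any post in this thread: the `atm0` string mentioned in the last reply is the Hayes AT command `M0` (speaker off), so a modem's extra-settings string can be parsed and checked for it. The function names and the sample strings are constructed for illustration.

```python
import re

# One token: an S-register assignment (S11=50), or an optional prefix
# (& % \) plus a command letter and its numeric argument (none means 0).
TOKEN = re.compile(r"S(\d+)=(\d+)|([&%\\]?)([A-Z])(\d*)")

def parse_init(init):
    """Return the settings found in one AT init string, e.g. {'M': 0}."""
    s = re.sub(r"\s+", "", init.upper())
    if s.startswith("AT"):
        s = s[2:]
    settings = {}
    pos = 0
    while pos < len(s):
        m = TOKEN.match(s, pos)
        if not m:
            pos += 1                  # skip characters this sketch does not model
            continue
        pos = m.end()
        if m.group(1) is not None:    # S-register assignment
            settings["S" + m.group(1)] = int(m.group(2))
            continue
        name = m.group(3) + m.group(4)
        if name == "D":               # dial command: the rest is a phone number
            break
        settings[name] = int(m.group(5) or 0)   # a later command overrides an earlier one
    return settings

def speaker_muted(init):
    """True when the string leaves the speaker off (M0 is the last M command)."""
    return parse_init(init).get("M") == 0

if __name__ == "__main__":
    # Constructed sample extra-settings strings.
    for sample in ["atm0", "AT&F M0 L0 S11=50", "AT&FM1L2", "AT&M0", ""]:
        state = "MUTED" if speaker_muted(sample) else "ok"
        print(f"{sample!r:24} {state:6} {parse_init(sample)}")
```

`&M0` is a different command from `M0`, which is why the prefix is kept as part of the command name and that string is not reported as muted.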
