Threat Explorer

The Threat Explorer is a comprehensive resource consumers can turn to for daily, accurate, up-to-date information on the latest threats, risks and vulnerabilities.

Dialer.Vesta

Dialer.Vesta

Updated:
13 February 2007
Risk Impact:
High
File Names:
wsd.ocx
Systems Affected:
Windows

Behavior


Dialer.Vesta registers itself as a Browser Helper Object (BHO) and downloads a dialer from the Internet.

Symptoms


The files are detected as Dialer.Vesta.

Behavior


This program must be manually installed, or installed as a component of another program.

Antivirus Protection Dates

  • Initial Rapid Release version 02 October 2014 revision 022
  • Latest Rapid Release version 01 February 2015 revision 020
  • Initial Daily Certified version 18 June 2004
  • Latest Daily Certified version 17 January 2008 revision 033
  • Initial Weekly Certified release date 23 June 2004
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

When Dialer.Vesta is executed, it registers itself as a Browser Helper Object (BHO) and downloads a dialer from the Internet.

The following instructions pertain to all Symantec antivirus products that support Security Risk detection.
  1. Update the definitions.
  2. Close modem connections
  3. Run a full system scan and write down the path and file names of all the files detected as Dialer.Vesta.
  4. Unregister the detected .ocx files.
  5. To scan for and delete the detected files.
For specific details on each of these steps, read the following instructions.

1. To update the definitions
To obtain the most recent definitions, start your Symantec program and run LiveUpdate.

2. To close modem connections
This risk uses available modems to create an Internet connection, sometimes without any visible signs. In order to successfully remove this threat, ensure that all modem-based Internet connections are disconnected before proceeding. For instructions on how to do this, consult the appropriate Internet service provider, computer manufacturer, or operating system documentation.

3. To scan for and note the files
  1. Start your Symantec antivirus program, and then run a full system scan.
  2. If any files are detected as Dialer.Vesta, note their paths and file names.

4. To unregister the .ocx files
  1. Click Start > Run. (The Run dialog box appears.)
  2. Type the following text:

    regsvr32 /u "path\file name.ocx"

    then click OK.

  3. If a dialog box confirming this action appears, click OK.
5. To scan for and delete the files
  1. Start your Symantec antivirus program, and then run a full system scan.
  2. If any files are detected as Dialer.Vesta, click Delete.

    Note:
    If your Symantec antivirus product reports that it cannot delete a detected file, write down the path and file name. Then use Windows Explorer to locate and delete the file