View Full Version : Delsim dialer...aiuto
Ciao a tutti..
Ho usato il tasto cerca,ho trovato un topic su questo dialer ma non ha tolto questo dialer..
qualcuno sa darmi una mano?ho un file in c:,eliminandolo,torna perennemente quando riavvio con nomi diversi(casuali penso),anche disinstallandolo..
ho provato molti programmi ma niente...spero in un vostro aiuto...
ho anche formattato ma neinte..torna sempre...
wizard1993
06-05-2007, 16:06
log hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 16.19.54, on 06/05/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\tune.exe
C:\WINDOWS\System32\wpabaln.exe
C:\WINDOWS\System32\msiexec.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\marco dea\Desktop\HijackThis.exe
C:\Programmi\MSN Messenger\usnsvc.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccPwdSvc.exe
O23 - Service: Servizio Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FILECO~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Windows DLLISP Service - Unknown owner - C:\WINDOWS\dllisp.exe (file missing)
O23 - Service: Windows Tune service - Unknown owner - C:\WINDOWS\tune.exe
wizard1993
06-05-2007, 16:26
fixa questo coso
O23 - Service: Windows DLLISP Service - Unknown owner - C:\WINDOWS\dllisp.exe (file missing)
poi aggirona windows, disabilita il system restore (http://www.sicurezzainrete.com/disabilitare_system_restore.htm)
e fai una scan onlie con ewido (http://www.ewido.net/en/onlinescan/) e a-squared (http://www.emsisoft.it/it/software/ax/)
wizard1993
06-05-2007, 17:16
fammi sapere
niente..ce ancora..scansionato e aggiornato
wizard1993
06-05-2007, 17:25
niente..ce ancora..scansionato e aggiornato
anche ewido e asuqared non lo rilevano?
wizard1993
06-05-2007, 17:30
in caso i due nn rilevino disinstalla norton (http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2005033108162039), scaricati il kaspersky antivirus (http://www.kasperskystore.it/eval.html?change_os=ALL) in trial aggiorna e scansiona in modalità provvisoria (http://www.microsoft.com/technet/prodtechnol/windowsserver2003/it/library/ServerHelp/e14bf84d-d2f7-42c3-9fae-2af3db3f806c.mspx?mfr=true)
trovano dei programmi malevoli..ma non questo del..
mi sta facendo impazzire..boh..non capisco nemmeno come possa resistere alla formattazione..
wizard1993
06-05-2007, 17:34
trovano dei programmi malevoli..ma non questo del..
mi sta facendo impazzire..boh..non capisco nemmeno come possa resistere alla formattazione..
fai come ti ho dettosopra
Mi ha trovato 3 net-worm(a.exe,qmedia.exe)e un trojan(ff.exe)
mi si è bloccato a 99%..speriamo
niente..eliminati i 4 virus ma il dialer è ancora qui..
stranamente pero non si è aperto ancora..
wizard1993
06-05-2007, 20:31
allora
con the avanger http://www.megalab.it/articoli.php?id=946
insersci questo script
Files to delete:
%CommonProgramFiles%\tjd\tjeeze.exe
%CommonProgramFiles%\tjd\amstercam uk.exe
%CommonProgramFiles%\tjd\amstercam.exe
%SystemDrive%\Documents and Settings\All Users\Start Menu\tjeeze.lnk
%SystemDrive%\Documents and Settings\All Users\Start Menu\amstercam uk.lnk
%SystemDrive%\Documents and Settings\All Users\Start Menu\amstercam.lnk
%SystemDrive%\Documents and Settings\All Users\Desktop\amstercam uk.lnk
%SystemDrive%\Documents and Settings\All Users\Desktop\amstercam.lnk
%SystemDrive%\Documents and Settings\All Users\Desktop\tjeeze.lnk
C:\Program Files\Common Files\delsim\del.exe
Registry keys to delete:
HKEY_CURRENT_USER\Software\Trafficjam
adesso provo..cmq ti ringrazio per l'aiuto che mi stai dando..
sarei perso senza te
wizard1993
07-05-2007, 18:27
adesso provo..cmq ti ringrazio per l'aiuto che mi stai dando..
sarei perso senza te
di nulla
Rieccomi..dopo aver usato lo script mi ha dato qualche errore ma dopo il riavvio non ce piu il file in c..
grazie mille per l'aiuto..
wizard1993
07-05-2007, 19:30
Rieccomi..dopo aver usato lo script mi ha dato qualche errore ma dopo il riavvio non ce piu il file in c..
grazie mille per l'aiuto..
nella cartella C:\avenger troverai un file zippato, mandamelo all'indirzzo che ora ti spedirò via mp;
puoi postare il log di avenger?
Inviato all'email//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////
Syntax error in line --- does not appear to be a valid registry path. Line will be ignored.
Error code: 1813
Line: HKEY_CURRENT_USER\Software\Trafficjam
//////////////////////////////////////////
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\btv^hihi
*******************
Script file located at: \??\C:\WINDOWS\System32\jnauskdt.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Could not open file C:\Programmi\File comuni\tjd\tjeeze.exe for deletion
Deletion of file C:\Programmi\File comuni\tjd\tjeeze.exe failed!
Could not process line:
C:\Programmi\File comuni\tjd\tjeeze.exe
Status: 0xc000003a
Could not open file C:\Programmi\File comuni\tjd\amstercam uk.exe for deletion
Deletion of file C:\Programmi\File comuni\tjd\amstercam uk.exe failed!
Could not process line:
C:\Programmi\File comuni\tjd\amstercam uk.exe
Status: 0xc000003a
Could not open file C:\Programmi\File comuni\tjd\amstercam.exe for deletion
Deletion of file C:\Programmi\File comuni\tjd\amstercam.exe failed!
Could not process line:
C:\Programmi\File comuni\tjd\amstercam.exe
Status: 0xc000003a
Could not open file C:\Documents and Settings\All Users\Start Menu\tjeeze.lnk for deletion
Deletion of file C:\Documents and Settings\All Users\Start Menu\tjeeze.lnk failed!
Could not process line:
C:\Documents and Settings\All Users\Start Menu\tjeeze.lnk
Status: 0xc000003a
Could not open file C:\Documents and Settings\All Users\Start Menu\amstercam uk.lnk for deletion
Deletion of file C:\Documents and Settings\All Users\Start Menu\amstercam uk.lnk failed!
Could not process line:
C:\Documents and Settings\All Users\Start Menu\amstercam uk.lnk
Status: 0xc000003a
Could not open file C:\Documents and Settings\All Users\Start Menu\amstercam.lnk for deletion
Deletion of file C:\Documents and Settings\All Users\Start Menu\amstercam.lnk failed!
Could not process line:
C:\Documents and Settings\All Users\Start Menu\amstercam.lnk
Status: 0xc000003a
File C:\Documents and Settings\All Users\Desktop\amstercam uk.lnk not found!
Deletion of file C:\Documents and Settings\All Users\Desktop\amstercam uk.lnk failed!
Could not process line:
C:\Documents and Settings\All Users\Desktop\amstercam uk.lnk
Status: 0xc0000034
File C:\Documents and Settings\All Users\Desktop\amstercam.lnk not found!
Deletion of file C:\Documents and Settings\All Users\Desktop\amstercam.lnk failed!
Could not process line:
C:\Documents and Settings\All Users\Desktop\amstercam.lnk
Status: 0xc0000034
File C:\Documents and Settings\All Users\Desktop\tjeeze.lnk not found!
Deletion of file C:\Documents and Settings\All Users\Desktop\tjeeze.lnk failed!
Could not process line:
C:\Documents and Settings\All Users\Desktop\tjeeze.lnk
Status: 0xc0000034
Could not open file C:\Program Files\Common Files\delsim\del.exe for deletion
Deletion of file C:\Program Files\Common Files\delsim\del.exe failed!
Could not process line:
C:\Program Files\Common Files\delsim\del.exe
Status: 0xc000003a
Completed script processing.
*******************
Finished! Terminate.
vBulletin® v3.6.4, Copyright ©2000-2025, Jelsoft Enterprises Ltd.