
S***ty dialer


  • S***ty dialer

    Hello,

    I have a problem with a damned dialer. I should say up front that I have an ADSL connection... the first thing I did was open Task Manager and kill the related process.. then I looked for the file and deleted it manually, but no luck.. it comes back. I also tried Spybot but still nothing... do you know any other methods?
    «There's no knowledge that has the power to change your fate.»

  • #2
    but weren't ADSL connections supposed to be immune to dialers?
    Originally posted by ezio.auditore
    animal proteins are bad for the human body, they acidify the blood
    last.fm

    • #3
      exactly, more than a dialer, I think it's a trojan...
      so run a scan with Ad-Aware; maybe you're getting confused, since ADSL "should" be immune to dialers.
      what problems is it causing you?
      hey brother, welcome to hell!
      http://skaterz.altervista.org/forum

      • #4
        but it is immune.. in fact it tries to connect but it's always waiting and the connection never succeeds.. anyway it bugs me that it drops my connection all of a sudden.. it's not spyware, I've already checked. I looked for the aforementioned file that was hooking into the process, but as soon as I delete it, it restores itself like nothing... I installed an anti-dialer that blocks the file but doesn't delete it.. can't it be deleted permanently?
        «There's no knowledge that has the power to change your fate.»

        • #5
          Try going through all the files, especially those in the windows and system32 folders. Sort them by date and with a quick check see which are the most recent... it shouldn't be hard to flush it out.... delete it and that's the end of the problem. But be careful, because if you're not very experienced you risk "wrecking" the operating system (for example by deleting a file essential for booting the operating system)

          Max Pezzali Mania
          ---> http://www.maxpezzalimania.it

          • #6
            the ADSL connection should be immune.... it happened to me too that the connection stayed waiting..... I rebooted... and it gave me no more problems....
            I'm still paying for my faults, what can you tell me about yours?

            • #7
              format...
              a friend of mine got a dialer too...
              dunno, it wouldn't go away.
              he had to format.
              and while you're at it make two partitions:
              put WinZozz$ on one and Linux on the other.
              to start with I recommend either SuSE or Mandrake.
              hey brother, welcome to hell!
              http://skaterz.altervista.org/forum

              • #8
                Try downloading HijackThis and making a log, then post it here

                • #9
                  Originally posted by Marco ¬¬
                  Try downloading HijackThis and making a log, then post it here
                  the current log

                  Logfile of HijackThis v1.99.1
                  Scan saved at 22.58.29, on 08/08/2006
                  Platform: Windows XP SP2 (WinNT 5.01.2600)
                  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

                  Running processes:
                  C:\WINDOWS\System32\smss.exe
                  C:\WINDOWS\system32\winlogon.exe
                  C:\WINDOWS\system32\services.exe
                  C:\WINDOWS\system32\lsass.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
                  C:\Programmi\Alwil Software\Avast4\ashServ.exe
                  C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
                  C:\WINDOWS\system32\svchost.exe
                  C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
                  C:\WINDOWS\Explorer.EXE
                  C:\WINDOWS\system32\VTTimer.exe
                  C:\WINDOWS\system32\VTtrayp.exe
                  C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
                  C:\Programmi\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
                  C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
                  C:\WINDOWS\system32\rundll32.exe
                  C:\Programmi\MessengerPlus! 3\MsgPlus.exe
                  C:\WINDOWS\VM_STI.EXE
                  C:\WINDOWS\system32\rundll32.exe
                  C:\WINDOWS\SOUNDMAN.EXE
                  C:\WINDOWS\system32\ctfmon.exe
                  C:\Programmi\Messenger\msmsgs.exe
                  C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
                  C:\Programmi\ARESCOM\Modem Telindus Arescom ND220\dslmon.exe
                  C:\WINDOWS\system32\spoolsv.exe
                  F:\Programmi\eMule\emule.exe
                  C:\WINDOWS\system32\taskmgr.exe
                  F:\Simone\Programmi\firefox\firefox.exe
                  C:\Documents and Settings\Simone\Desktop\HijackThis.exe

                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.1987324.com?301
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
                  O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
                  O2 - BHO: Active sync - {25E1A054-1262-459F-9F14-BF06148F4253} - C:\WINDOWS\system32\kaboom.dll
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
                  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
                  O2 - BHO: ComCap - {E1B2E864-8BFC-4072-AE11-924E0F8BBA96} - C:\WINDOWS\system32\comcap16.dll
                  O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
                  O2 - BHO: Dredge - {EB870508-E2B7-4169-8120-760F69703776} - C:\WINDOWS\system32\kaboom.dll
                  O2 - BHO: Intense - {FB47056B-B34D-410E-819A-E8A51CC8E2EB} - C:\WINDOWS\system32\Kaboom.dll
                  O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
                  O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
                  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar1.dll
                  O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
                  O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
                  O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
                  O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Programmi\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
                  O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmi\Java\jre1.5.0_06\bin\jusched.exe
                  O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
                  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
                  O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 300NC PC Camera
                  O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
                  O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
                  O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
                  O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programmi\DAEMON Tools\daemon.exe" -lang 1033
                  O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmi\SlySoft\CloneCD\CloneCDTray.exe" /s
                  O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
                  O4 - HKLM\..\Run: [TGPro Office] f:\Programmi\TG 6.0\IdxOffice.exe
                  O4 - HKLM\..\Run: [BearShare] "C:\Programmi\BearShare\BearShare.exe" /pause
                  O4 - HKLM\..\Run: [Systems] C:\WINDOWS\system32\spoolsvc.exe
                  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
                  O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
                  O4 - HKCU\..\Run: [NBJ] "C:\Programmi\Ahead\Nero BackItUp\NBJ.exe"
                  O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
                  O4 - Global Startup: Digisoft AntiDialer.lnk = C:\Programmi\Digisoft AntiDialer\AntiDialer.exe
                  O4 - Global Startup: DSLMON.lnk = ?
                  O4 - Global Startup: Traduttore in Internet.lnk = F:\Programmi\TG 6.0\TGWeb.exe
                  O4 - Global Startup: Traduttore In-Linea.lnk = F:\Programmi\TG 6.0\TGOnLine.exe
                  O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
                  O8 - Extra context menu item: &Google Search - res://c:\programmi\google\GoogleToolbar1.dll/cmsearch.html
                  O8 - Extra context menu item: &Translate English Word - res://c:\programmi\google\GoogleToolbar1.dll/cmwordtrans.html
                  O8 - Extra context menu item: Backward Links - res://c:\programmi\google\GoogleToolbar1.dll/cmbacklinks.html
                  O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmi\google\GoogleToolbar1.dll/cmcache.html
                  O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
                  O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                  O8 - Extra context menu item: Similar Pages - res://c:\programmi\google\GoogleToolbar1.dll/cmsimilar.html
                  O8 - Extra context menu item: Translate Page into English - res://c:\programmi\google\GoogleToolbar1.dll/cmtrans.html
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
                  O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
                  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
                  O15 - Trusted Zone: www.1987324.com
                  O15 - Trusted Zone: *.aflashcounter.com
                  O15 - Trusted Zone: http://toolbar.imageshack.us
                  O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
                  O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
                  O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
                  O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
                  O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
                  O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by106fd.bay106.hotmail.msn.co...s/MsnPUpld.cab
                  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1134725654921
                  O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/pro...anner37600.cab
                  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
                  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
                  O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
                  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
                  O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
                  O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
                  O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
                  O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
                  O23 - Service: avast! Antivirus - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashServ.exe
                  O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
                  O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
                  O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
                  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
                  «There's no knowledge that has the power to change your fate.»

                  • #10
                    O2 - BHO: Active sync - {25E1A054-1262-459F-9F14-BF06148F4253} - C:\WINDOWS\system32\kaboom.dll
                    O2 - BHO: Dredge - {EB870508-E2B7-4169-8120-760F69703776} - C:\WINDOWS\system32\kaboom.dll
                    O2 - BHO: Intense - {FB47056B-B34D-410E-819A-E8A51CC8E2EB} - C:\WINDOWS\system32\Kaboom.dll

                    fix these in safe mode

                    alternatively try ewido, updated, and again in safe mode.
                    CM Centurion 532 | Intel Xeon w3540 | Gigabyte GA-X58A-UD3R | Ram 6 gb Corsair xms3 1333 | Nvidia 8800 gts | hd Hitachi sata2 250 gb | hd Hitachi sata2 500gb | Powered by Corsair 750HXEU Modulare | Router Netgear DG834G v3 | Netgear WG111 v2
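
The three entries singled out in #10 share a trait visible in the log from #9: separate BHO CLSIDs that all load the same DLL, with inconsistent casing of the file name. As an added example (not part of the thread), this Python sketch parses the O2 lines copied from that log and groups them by DLL path; the function names are hypothetical, and the grouping is a triage heuristic for deciding what to look at first, not a verdict on any file.

```python
import re
from collections import defaultdict

# O2 lines copied verbatim from the HijackThis log posted in #9.
LOG = r"""
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Active sync - {25E1A054-1262-459F-9F14-BF06148F4253} - C:\WINDOWS\system32\kaboom.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar1.dll
O2 - BHO: ComCap - {E1B2E864-8BFC-4072-AE11-924E0F8BBA96} - C:\WINDOWS\system32\comcap16.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programmi\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Dredge - {EB870508-E2B7-4169-8120-760F69703776} - C:\WINDOWS\system32\kaboom.dll
O2 - BHO: Intense - {FB47056B-B34D-410E-819A-E8A51CC8E2EB} - C:\WINDOWS\system32\Kaboom.dll
"""

# Line layout: "O2 - BHO: <name> - {CLSID} - <dll path>", optionally "(file missing)".
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - "
    r"(?P<path>.+?)(?: \(file missing\))?\s*$")

def parse_bhos(log_text):
    """Return (name, CLSID, dll_path) for every O2 line in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        m = O2_RE.match(line.strip())
        if m:
            entries.append((m["name"], m["clsid"].upper(), m["path"]))
    return entries

def shared_dll_bhos(entries):
    """Group BHOs by DLL path (Windows paths are case-insensitive) and keep
    only the DLLs registered under more than one distinct CLSID."""
    by_dll = defaultdict(list)
    for name, clsid, path in entries:
        by_dll[path.lower()].append((name, clsid))
    return {dll: regs for dll, regs in by_dll.items()
            if len({clsid for _, clsid in regs}) > 1}

if __name__ == "__main__":
    for dll, regs in shared_dll_bhos(parse_bhos(LOG)).items():
        print(dll, "->", [name for name, _ in regs])
```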
