Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Delsim Dialer Is On Computer


  • Please log in to reply
24 replies to this topic

#1 johnvcn

johnvcn

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:18 PM

Posted 09 March 2007 - 12:03 AM

delsim keeps trying to dial out and crashes my network. I know it is malware but how do I get rid of it, Using Win 2003 pro. Uninstalled it in add/remove programs. Removed all registry entries, All OK until I reboot computer then delsim comes back. Thank you in advance for any help.

BC AdBot (Login to Remove)

 


#2 DASOS

DASOS

    Malware hunter


  • Security Colleague
  • 1,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece loutraki 6 km from korinth canal
  • Local time:11:18 PM

Posted 09 March 2007 - 12:39 AM

Hi johnvcn

Welcome to BleepingComputer!

You should print out these instructions, or copy them to a NotePad file for reading while in Safe Mode, because you will not be able to connect to the Internet to read from this site.

Please download, install and update Avg Anti-Spyware 7.5.<--link DO NOT perform a scan yet..

Print out the Avg Install and Scan Instructions<--link

Please download ATF Cleaner<--link by Atribune.DO NOT use yet..

Reboot your computer in SAFE MODE"<--link using the F8 method. To do this, restart your computer and after hearing your computer beep once during startup [but before the Windows icon appears] press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.For Technical Support, double-click the e-mail address located at the bottom of each menu.]

now Scan with Avg per the "Safe Mode" instructions you printed out.
IMPORTANT: Do not open any other windows or programs while Avg is scanning, it may interfere with the scanning proccess.

Reboot back to normal mode .

If you are still having problems.. Come back and we'll advise you further.

Stelios :thumbsup:

#3 johnvcn

johnvcn
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:18 PM

Posted 11 March 2007 - 11:38 AM

:thumbsup: :flowers: :trumpet:

THANK YOU

Had to run many times but finally got rid of delsim.

#4 DASOS

DASOS

    Malware hunter


  • Security Colleague
  • 1,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece loutraki 6 km from korinth canal
  • Local time:11:18 PM

Posted 11 March 2007 - 11:53 AM

You’re Welcome :thumbsup:




Stelios :flowers:

#5 ccmht

ccmht

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 19 June 2007 - 09:05 AM

Delsim Dialer has come to our network and it affected the main "group policy". We have formatted the main 2003 servers several times and got rid of it with different anti viruses but it keeps coming back. It would not let the administrator login to the server. Please, Please, Please help me on this matter. Should I use the previous method that you have mentioned? I am waiting for your fast and quick response.

#6 DASOS

DASOS

    Malware hunter


  • Security Colleague
  • 1,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece loutraki 6 km from korinth canal
  • Local time:11:18 PM

Posted 19 June 2007 - 10:42 AM

Hi ccmht

Welcome to BC!

Please try the above and let us know the results!



Stelios :thumbsup:

#7 ccmht

ccmht

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:12:48 AM

Posted 21 June 2007 - 02:40 AM

Hi

Thank you for your help.
I could not get " ATF Cleaner" for wnidows 2003, But Instead I worked with McAfee itself.
The Safe mode part was the main step, You were a great help, Thank you.

CCMHT

#8 j0nath4n

j0nath4n

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Someplace where it rains.
  • Local time:05:18 AM

Posted 21 June 2007 - 09:08 PM

Try turning off System Restore.

#9 DASOS

DASOS

    Malware hunter


  • Security Colleague
  • 1,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece loutraki 6 km from korinth canal
  • Local time:11:18 PM

Posted 22 June 2007 - 04:04 PM

Hi ccmht

You are welcome!

I’m glad I was able to help!



Stelios :thumbsup:

#10 Haakon

Haakon

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:18 PM

Posted 23 June 2007 - 03:35 PM

Hello DASOS!

Thank you for your previous instructions on how to remove the Delsim Dialer.

I work in a lab with over several computers, and unfortunatly, they have all been infected. We downloaded the softwares as you states in your previous post, we dissconnected the networking cable to the computer, then ran the safe mode and so on.

We just finished, and AVG did find a dialer, and it was removed.

The problem now is that when we Start>Run>Regedit it still shows a bunch of Delsim Registry files.

Are these important? Will they be in the way? Shall we delete them? Our computers are still isolated from the network.

Thanks again DASOS, and your knowledge is greatly appreciated.

Thank you,
Haakon

#11 DASOS

DASOS

    Malware hunter


  • Security Colleague
  • 1,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece loutraki 6 km from korinth canal
  • Local time:11:18 PM

Posted 23 June 2007 - 04:50 PM

Hi Haakon

Are these important? Will they be in the way?



I don’t think, but if you want to remove them you must back up the registry first! Important!!!!
To export the registry to a ".reg" file, please follow these steps:
  • Close all programs so that you have nothing open and are at the Desktop.
  • Go to Start > Run.
  • In the Run field copy/paste the entire contents inside the QUOTE box below and press the OK button.

regedit /e registry.reg



Now a secure backup copy has been made in your C:\ it should look like this: Posted Image
So if something goes ‘wrong’
Double click on it and when it asks you if you want to merge the contents to the registry, click yes/ok.

Stelios

#12 brad12345

brad12345

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:18 PM

Posted 24 June 2007 - 07:07 AM

Hi,

I tried the steps above about 5 times and it keeps returning upon restart. I run XP if that will help you. Do you have any further thoughts or ideas on how to get rid of delsim?
Thanks in advance.

#13 Haakon

Haakon

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:18 PM

Posted 24 June 2007 - 07:14 AM

You run Windows Xp and you got the Delsim Dialer? That weird, all of our computers that run Xp were not infected. Only the Windows 2000 ones. Today we are going to clean of the rest of the computers, and then leave everything dissconnected. After we're done, we're going to plug in 1 computer at a time, to see how it works with the network, if it got the virus back, and/or if it works well with the network again.

I wonder why you got it, since you have Windows Xp?

Haakon

***UPDATE***
So we cleaned of every computer, plugged the networking plug back in, and AVG spotted the Dialer again. It took care of it. But is there a software that we could have on all the time to protect us from this? I'm thinking about telling the boss to get Norton Antivirus 2007 Corporate.

Any suggestions?

Edited by Haakon, 24 June 2007 - 02:32 PM.


#14 killerflea

killerflea

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:18 PM

Posted 29 June 2007 - 01:56 PM

Yikes!
This Delsim is madding! Have cleared it off about 20 computers. However, reoccurs on 5. The last one I kept here in the shop purposely a week and a half to make sure it didn't come back. Two hours at the customers home and there it was again!!!!!!!!
I've run all the fixes everyone else have and even manually cleaned the registery......emptied the users IE.content folders....deleted the delsim folder in common files......removed the installx.exe and other del.exe files on the root. Ran sdfix.....avg.....norton......hijackthis......atf.......cleanup.......prevx 2.0........all this in safe mode. BAM!!!!! BACK AGAIN!
I hate it......I Hate IT. Wiping out the drive isn't helping either. Anybody have a clue where it's coming from?
BTW All machines running win 2000 SP4. (possible microsoft update file????)

#15 DASOS

DASOS

    Malware hunter


  • Security Colleague
  • 1,662 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece loutraki 6 km from korinth canal
  • Local time:11:18 PM

Posted 29 June 2007 - 02:31 PM

Hi killerflea

Welcome to BC!


Try this: Unplug the comp from the internet and run ATF-AVG in safe mode.

Please let us know.



Stelios




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users