Condividi:        

il mio pc "spara" e.mail a raffica!! incredibile!!

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi stellone » 20/02/08 14:13

salve e complimenti per la vostra competenza!!

il mio pc "spara" e.mail a raffica!!!! avast le blocca e con spybot non trovo nessuna cosa fuori posto!!!! ma che virus è? ne avete avuto già notizia? potete aiutarmi ad eleminarlo dal mio portatile?

tra l'altro la cosa singolare è che i destinatari dele e.mail NON sono della mia rubrica outlook ancje perchè non ho service di posta configurati su XP!!!!

sapreste aiutarmi??
stellone
Newbie
 
Post: 3
Iscritto il: 19/02/08 15:48

Sponsor
 

Re: il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi Opensource » 21/02/08 19:31

ciao
sicuramente si tratta di qualche malware!!!!!
posta un log di hijackthis; quale anti virus hai, firewall, come ti connetti a internet? (adsl,router, analogico)
Avatar utente
Opensource
Utente Senior
 
Post: 684
Iscritto il: 02/11/06 20:45

Re: il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi stellone » 23/02/08 13:44

GRAZIE 1000 DELL'INTERESSAMENTO MA SONO RIUSCITO AD ELIMINARLI CON SPYWARE DOCTOR!!! INUTILI TUTTI GLI ALTRI COMPRESI SPYBOT CHE LI RILEVAVA MA NON RIUSCIVA AD ELIMINARLI DEFINITIVAMENTE...

HO SEGUITO GLI ALTRI TOPIC ED HO INIZIATO ANCHE IO A CONTROLLARE I LOG E CHIEDENDO SU INTERNET INFORMAZIONI SU OGNI SINGOLO FILES ORA CREDE DI ESSERE PULITO.

UNA DOMANDA VOGLIO PORTI COMUNQUE: SE TRAMITE LE PROPRIETà DEI FILES CHE TROVO NEL LOG MI RISULTANO LE PROPRIETà DEI FILES ORIGINALI DI WINDOWS E QUINDI I CERTIFICATI, LE VERSIONI...ECC.. SONO VALORI SUFFICIENTI A CERTIFICARNE L'AUTENTICITà OPPURE ANCHE UN FILES "INTRUSO" RIESCE A RIPRODURRE TUTTI QUEI DATI NELLE PROPRIETà DEL FILE STESSO?

( :?: SPERO NON DEBBA APRIRE UN NUOVO TOPIC CREDO SIA ATTINENTE ALLA RIMOZIONE MALWARE ANCHE QUESTA DOMANDA.....CREDO....)
GRAZIE ANTICIPATE COMUNQUE :lol:
stellone
Newbie
 
Post: 3
Iscritto il: 19/02/08 15:48

Re: il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi Opensource » 23/02/08 19:59

bè, se un file infetto vuole riprodurre anche un certificato certamente il suo creatore non avrà problemi a farlo!!!!
comunque per identificare in maniera rapida la genuinità o la nocività di un files,si ricorre principalmente alla scansione con più antivirus (on-line ci sono servizi a tale impiego come virustotal), la consultazione di librerie di identificazione dei file come (processlibrary, castlecops etc) e si controlla se combacia la loro directory.
Avatar utente
Opensource
Utente Senior
 
Post: 684
Iscritto il: 02/11/06 20:45

Re: il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi stellone » 25/02/08 14:37

grazie 100000000000 proverò a seguire il tuo consiglio e vedrò se ci capisco qualche cosa... :lol: :lol:
stellone
Newbie
 
Post: 3
Iscritto il: 19/02/08 15:48

Re: il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi simonoir » 01/03/08 18:38

Io credo di avere un problema con uno dei miei indirizzi di posta perché mi arrivano centinaia di reply al giorno in tutte le lingue tipo failure notice. Spybot corregge degli errori ma dopo tutto si ripresenta. :evil: Che posso fare?
Grazie!
simonoir
Utente Junior
 
Post: 72
Iscritto il: 20/11/06 20:46
Località: napoli

Re: il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi Opensource » 01/03/08 20:19

ciao
posta un log di hijackthis!!!
Avatar utente
Opensource
Utente Senior
 
Post: 684
Iscritto il: 02/11/06 20:45

Re: il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi simonoir » 01/03/08 22:12

Logfile of HijackThis v1.99.1
Scan saved at 22.11.33, on 01/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\D-Link\Software Bluetooth\bin\btwdins.exe
c:\windows\system32\svchost.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Programmi\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmi\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Programmi\D-Link\Software Bluetooth\BTTray.exe
C:\Programmi\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\TWAIN_32\A4CIS\WATCH.exe
C:\Programmi\File comuni\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cmd.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\XP\IMPOST~1\Temp\Rar$EX00.656\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programmi\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programmi\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WUSB54Gv4] C:\Programmi\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [VTtrayp] VTtrayp.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [IncrediMail] C:\Programmi\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - Startup: Watch.lnk = C:\WINDOWS\TWAIN_32\A4CIS\WATCH.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmi\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\D-Link\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\D-Link\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\D-Link\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5082111671
O17 - HKLM\System\CCS\Services\Tcpip\..\{13F60B6B-F1EC-4798-8465-6843C96234D3}: NameServer = 193.70.192.25,193.70.152.25
O18 - Protocol: bw+0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {46808876-E4BB-4743-973E-9EC4A58AD03F} - C:\Programmi\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: LBTWlgn - c:\programmi\file comuni\logitech\bluetooth\LBTWlgn.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\D-Link\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmi\File comuni\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WUSB54Gv4SVC - Unknown owner - C:\Programmi\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv4.exe (file missing)
simonoir
Utente Junior
 
Post: 72
Iscritto il: 20/11/06 20:46
Località: napoli

Re: il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi Opensource » 02/03/08 13:20

ciao
il tuo log è pulito!!!!
Vi è una voce riguardante il Logitech Desktop Messenger che si ripete molte volte nel log; il file è sicuro ma se non utilizzi questo servizio potresti rimuoverlo disinstallando il programma da aggiungi/rimuovi applicazioni di wndows. Posta magari un poi un log per vedere se è stato rimosso correttamente!!!!

per il tuo problema, non saprei come aiutarti, in quanto ricevi e-mail (magari spam), e qui non puoi fare niente altro se non installare un buon anti-spam.
Per i problemi che spybot rileva e che poi si ripresentano,disattiva prima il ripristino automatico di sistema (importante per la rimozione di malware),riavvia in odalità provvisoria ed esegui la scansione, correggendo i problemi; riavvia in modalità normale ed riesegui nuovamente la scansione(disconnettendoti da internet).

aspetto notizie
Avatar utente
Opensource
Utente Senior
 
Post: 684
Iscritto il: 02/11/06 20:45

Re: il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi simonoir » 03/03/08 14:17

Logfile of HijackThis v1.99.1
Scan saved at 14.14.29, on 03/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\D-Link\Software Bluetooth\bin\btwdins.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\services.exe
C:\Programmi\Eset\nod32krn.exe
C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Programmi\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Programmi\Eset\nod32kui.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Linksys Wireless-G USB Wireless Network Monitor\InfoMyCa.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Programmi\D-Link\Software Bluetooth\BTTray.exe
C:\Programmi\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\TWAIN_32\A4CIS\WATCH.exe
C:\Programmi\File comuni\Logishrd\KHAL2\KHALMNPR.EXE
C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
C:\Programmi\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programmi\PC Connectivity Solution\Transports\NclBCBTSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\WinRAR\WinRAR.exe
C:\DOCUME~1\XP\IMPOST~1\Temp\Rar$EX00.093\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=488
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programmi\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmi\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmi\google\googletoolbar2.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmi\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Programmi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programmi\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmi\File comuni\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WUSB54Gv4] C:\Programmi\Linksys Wireless-G USB Wireless Network Monitor\InvokeSvc3.exe
O4 - HKLM\..\Run: [VTtrayp] VTtrayp.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [IncrediMail] C:\Programmi\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Programmi\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programmi\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - Startup: Watch.lnk = C:\WINDOWS\TWAIN_32\A4CIS\WATCH.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmi\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmi\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Aggiungi all'elenco di stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Anteprima Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Invia a &Bluetooth - C:\Programmi\D-Link\Software Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Stampa ad alta velocità Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Stampa Easy-WebPrint - res://C:\Programmi\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\D-Link\Software Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\D-Link\Software Bluetooth\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programmi\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5082111671
O17 - HKLM\System\CCS\Services\Tcpip\..\{13F60B6B-F1EC-4798-8465-6843C96234D3}: NameServer = 193.70.192.25,193.70.152.25
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: LBTWlgn - c:\programmi\file comuni\logitech\bluetooth\LBTWlgn.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmi\D-Link\Software Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Programmi\File comuni\Logitech\Bluetooth\LBTServ.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programmi\Eset\nod32krn.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WUSB54Gv4SVC - Unknown owner - C:\Programmi\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv4.exe (file missing)

Per ora ho soltanto eliminato il Logitech desktop messenger.
Però tieni presente che io non ricevo mail ma è il mio indirizzo di posta che le invia e poi mi ritornano indietro probabilmente bloccate dai vari firewall.
Oggi farò il resto di ciò che mi hai detto, nel frattempo vedi se la disinstallazione è avvenuta correttamente.
Grazie per la pazienza!
simonoir
Utente Junior
 
Post: 72
Iscritto il: 20/11/06 20:46
Località: napoli

Re: il mio pc "spara" e.mail a raffica!! incredibile!!

Postdi Opensource » 04/03/08 14:34

perfetto!!!!
Avatar utente
Opensource
Utente Senior
 
Post: 684
Iscritto il: 02/11/06 20:45


Torna a Sicurezza e Privacy


Topic correlati a "il mio pc "spara" e.mail a raffica!! incredibile!!":


Chi c’è in linea

Visitano il forum: Nessuno e 35 ospiti