|
| HOMEPAGE | INDICE FORUM | REGOLAMENTO | ::. | NEI PREFERITI | .:: | RSS Forum | RSS News | NEWS web | NEWS software | |
| PUBBLICITA' | | | ARTICOLI | WIN XP | VISTA | WIN 7 | REGISTRI | SOFTWARE | MANUALI | RECENSIONI | LINUX | HUMOR | HARDWARE | DOWNLOAD | | | CERCA nel FORUM » | |
23-01-2007, 18.02.58 | #1 |
Hero Member
Registrato: 27-07-2004
Loc.: Bologna
Messaggi: 574
|
[Email] Adware che manda email a raffica
Sembra che abbia preso un adware che invia email direttamente dal mio pc, perchè da qualche giorno quando spedisco un messaggio il destinatario lo riceve solo dopo qualche ora mentre prima in pochi minuti arrivava (e il problema ce l'ho con tutti i destinatari di posta). Il problema a detta da chi gestisce il server mail che utilizzo è che dal mio pc vengono mandati 200 e passa messeggi che vanno in coda e quindi il destinatario riceve i miei messaggi solo dopo che la coda si è liberata. Ho lanciato qualsiasi antiadware (spybots&d, adware ecc) ma non trova nulla di particolare aparte qualche cookie. A questo punto non so quale sia l'adware che ho effettivamente preso, perchè non lo riesco ad individuare, e senza il mone non posso risalire alla cura. Grazie a chi risponderà. |
23-01-2007, 20.05.29 | #2 |
Gold Member
Top Poster
Registrato: 20-08-2002
Loc.: Mestre
Messaggi: 3.563
|
Più che un adware magari è un virus.
Posta un log della scansione di hijackthis, poi vediamo come proseguire.
___________________________________
Solo gli operai sanno quanto vale il tempo; se lo fanno sempre pagare. |
24-01-2007, 11.34.23 | #3 |
Hero Member
Registrato: 27-07-2004
Loc.: Bologna
Messaggi: 574
|
Logfile of HijackThis v1.99.1
Scan saved at 10.47.29, on 24/01/2007 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\System32\termsrv.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\PROGRA~1\APC\POWERC~1\agent\pbeagent.exe C:\PROGRA~1\APC\POWERC~1\server\PBESER~1.EXE C:\Programmi\VERITAS\Backup Exec\RANT\beremote.exe C:\Programmi\CA\SharedComponents\CA_LIC\lic98rmt.e xe C:\WINNT\System32\cisvc.exe C:\hp\hpsmh\data\cgi-bin\vcagent\vcagent.exe C:\WINNT\system32\Dfssvc.exe C:\WINNT\System32\inetsrv\inetinfo.exe C:\Programmi\CA\eTrust Antivirus\InoRpc.exe C:\Programmi\CA\eTrust Antivirus\InoRT.exe C:\Programmi\CA\eTrust Antivirus\InoTask.exe C:\WINNT\System32\llssrv.exe C:\Programmi\CA\SharedComponents\CA_LIC\LogWatNT.e xe C:\WINNT\System32\tcpsvcs.exe C:\WINNT\system32\ntfrs.exe C:\oracle\ora81\bin\dbsnmp.exe C:\oracle\ora81\bin\vppdc.exe C:\oracle\ora81\BIN\TNSLSNR.exe c:\oracle\ora81\bin\ORACLE.EXE c:\oracle\ora81\bin\ORACLE.EXE C:\WINNT\system32\spool\DRIVERS\W32X86\3\HPZipm12. exe C:\WINNT\system32\regsvc.exe C:\WINNT\System32\locator.exe c:\saprouter\saprouter.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\snmp.exe C:\hp\hpsmh\bin\smhstart.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\System32\wins.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\CPQNiMgt\cpqnimgt.exe C:\WINNT\system32\CPQMgmt\CqMgServ\cqmgserv.exe C:\WINNT\system32\CPQMgmt\CqMgStor\cqmgstor.exe C:\hp\hpsmh\bin\hpsmhd.exe C:\WINNT\System32\dns.exe C:\WINNT\System32\ismserv.exe C:\WINNT\System32\msdtc.exe C:\WINNT\system32\sysdown.exe C:\WINNT\system32\CPQMgmt\CqMgHost\cqmghost.exe C:\WINNT\System32\rsvp.exe C:\WINNT\Explorer.EXE C:\hp\hpsmh\bin\rotatelogs.exe C:\hp\hpsmh\bin\rotatelogs.exe C:\hp\hpsmh\bin\hpsmhd.exe C:\hp\hpsmh\bin\rotatelogs.exe C:\hp\hpsmh\bin\rotatelogs.exe C:\PROGRA~1\CA\ETRUST~1\realmon.exe C:\WINNT\System32\svchost.exe C:\WINNT\System32\cidaemon.exe C:\RelayFax\app\RelayFax.exe C:\WINNT\system32\RFENGINE.EXE C:\WINNT\system32\winlogon.exe C:\WINNT\system32\rdpclip.exe C:\WINNT\Explorer.EXE C:\PROGRA~1\CA\ETRUST~1\realmon.exe C:\WINNT\System32\cidaemon.exe C:\Documents and Settings\administrator.MOMA\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti O3 - Toolbar: @msdxmLC.dll,-1@1040,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn...taller_gmn.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://eu-housecall.trendmicro-europ...vex/hcImpl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1153226326343 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1153227039953 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = moma.locale O17 - HKLM\System\CCS\Services\Tcpip\..\{6F403125-4104-405F-B2EE-B0050B076DB2}: NameServer = 192.168.0.200,192.168.0.82 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = moma.locale O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = moma.locale O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\PROGRA~1\APC\POWERC~1\agent\pbeagent.exe O23 - Service: APC PBE Server (APCPBEServer) - APC - C:\PROGRA~1\APC\POWERC~1\server\PBESER~1.EXE O23 - Service: Backup Exec Remote Agent for Windows Servers (BackupExecAgentAccelerator) - Symantec Corporation - C:\Programmi\VERITAS\Backup Exec\RANT\beremote.exe O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Programmi\CA\SharedComponents\CA_LIC\lic98rmt.e xe O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. - C:\Programmi\CA\SharedComponents\CA_LIC\lic98rmtd. exe O23 - Service: HP Insight NIC Agent (CpqNicMgmt) - Hewlett-Packard Company - C:\WINNT\system32\CPQNiMgt\cpqnimgt.exe O23 - Service: HP Version Control Agent (cpqvcagent) - Hewlett-Packard Company - C:\hp\hpsmh\data\cgi-bin\vcagent\vcagent.exe O23 - Service: HP Insight Foundation Agents (CqMgHost) - Hewlett-Packard Company - C:\WINNT\system32\CPQMgmt\CqMgHost\cqmghost.exe O23 - Service: HP Insight Server Agents (CqMgServ) - Hewlett-Packard Company - C:\WINNT\system32\CPQMgmt\CqMgServ\cqmgserv.exe O23 - Service: HP Insight Storage Agents (CqMgStor) - Hewlett-Packard Company - C:\WINNT\system32\CPQMgmt\CqMgStor\cqmgstor.exe O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: eTrust Antivirus Admin Server (InoNmSrv) - Computer Associates International, Inc. - C:\Programmi\CA\eTrust Antivirus\InoNmSrv.exe O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programmi\CA\eTrust Antivirus\InoRpc.exe O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programmi\CA\eTrust Antivirus\InoRT.exe O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programmi\CA\eTrust Antivirus\InoTask.exe O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Programmi\CA\SharedComponents\CA_LIC\LogWatNT.e xe O23 - Service: OracleOraHome81Agent - Oracle Corporation - C:\oracle\ora81\bin\dbsnmp.exe O23 - Service: OracleOraHome81ClientCache - Unknown owner - C:\oracle\ora81\BIN\ONRSD.EXE O23 - Service: OracleOraHome81CMAdmin - Unknown owner - C:\oracle\ora81\BIN\CMADMIN.EXE O23 - Service: OracleOraHome81CMan - Unknown owner - C:\oracle\ora81\BIN\CMGW.EXE O23 - Service: OracleOraHome81DataGatherer - Oracle Corporation - C:\oracle\ora81\bin\vppdc.exe O23 - Service: OracleOraHome81PagingServer - Unknown owner - C:\oracle\ora81/bin/pagntsrv.exe O23 - Service: OracleOraHome81TNSListener - Unknown owner - C:\oracle\ora81\BIN\TNSLSNR.exe O23 - Service: OracleServiceP2TS - Oracle Corporation - c:\oracle\ora81\bin\ORACLE.EXE O23 - Service: OracleServicePITE - Oracle Corporation - c:\oracle\ora81\bin\ORACLE.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\spool\DRIVERS\W32X86\3\HPZipm12. exe O23 - Service: RelayFax Server Engine (RelayFax) - Alt-N Technologies, Ltd. - C:\RelayFax\app\RelayFax.exe O23 - Service: SAPRouter - Unknown owner - c:\saprouter\saprouter.exe O23 - Service: HP ProLiant System Shutdown Service (sysdown) - Compaq Computer Corporation - C:\WINNT\system32\sysdown.exe O23 - Service: HP System Management Homepage (SysMgmtHp) - Hewlett-Packard Company - C:\hp\hpsmh\bin\smhstart.exe |
Utenti attualmente attivi che stanno leggendo questa discussione: 1 (0 utenti e 1 ospiti) | |
Strumenti discussione | |
|
|
Discussioni simili | ||||
Discussione | Autore discussione | Forum | Risposte | Ultimo messaggio |
Spyware che manda email coi miei indirizzi. | polly76 | Sicurezza&Privacy | 5 | 06-04-2009 21.46.12 |
Amic Email Backup 2.0 | crazy.cat | Segnalazioni Web | 4 | 26-11-2007 20.51.54 |
Account email 'usa e getta' | Sbavi | Archivio News Web | 7 | 01-05-2007 18.54.38 |
[SUSE] Qmail - Trovare IP di chi manda email | gutguy | Linux e altri Sistemi Operativi | 0 | 27-02-2007 13.46.17 |
strane email in arrivo | Pandax | Sicurezza&Privacy | 21 | 02-09-2003 05.34.24 |