Punto informatico Network

Several problems after installing avir


Post by noviziopasticcio » Mon Mar 10, 2008 7:00 pm

Hi everyone,
as the subject says, there are several problems, all of which started when I switched from avast to avir...
First of all, the speed of my Tiscali 6 Mega line today is on average this:
[Image]
The antivirus refuses to update because the connection keeps dropping.
Until 3 days ago everything worked perfectly. Today I ran a full scan with avir using the settings suggested on the hw upgrade forum (from which I also downloaded the program via the suggested link, since I couldn't manage it from your site), then a Spybot scan and an a-squared scan; everything seems clean....
I rebooted and the firewall warned that AVIR HAS CHANGED
[Image]
I allowed the change and tried updating, still without success.
I ran an analysis with HijackThis and submitted the log to the automatic analysis, and this came out:
[Image]
I also ran a scan with GMER, but I don't understand much of it (an understatement)...
I'm attaching the HijackThis and GMER logs for anyone willing to take a look [:)]
Other oddities, for now: some applications struggle to close, often with Windows "the application is not responding" dialogs, Task Manager refuses to close, and the OS is also rather slow to shut down.
Logfile of HijackThis v1.99.1
Scan saved at 18.23.59, on 10/03/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\Programmi\Tall Emu\Online Armor\oasrv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmi\a-squared Free\a2service.exe
C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe
C:\Programmi\Tall Emu\Online Armor\oaui.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Programmi\Tall Emu\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min /nosplash
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKCU\..\Run: [PeerGuardian] C:\Programmi\PeerGuardian2\pg2.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 7732742527
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5657661338
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Programmi\a-squared Free\a2service.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programmi\File comuni\Acronis\Schedule2\schedul2.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Servizio amministrativo di Gestione disco logico (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Programmi\Tall Emu\Online Armor\oasrv.exe

---- System - GMER 1.0.14 ----

SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwAllocateVirtualMemory [0xBD7E5070]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwAssignProcessToJobObject [0xBD7E54A0]
SSDT \SystemRoot\System32\Drivers\bcftdi.SYS (Jetico Personal Firewall TDI Filter Driver/Jetico, Inc.) ZwConnectPort [0xEB5575BE]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwCreateFile [0xBD7E6750]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwCreateKey [0xBD7E7240]
SSDT \SystemRoot\System32\Drivers\bcftdi.SYS (Jetico Personal Firewall TDI Filter Driver/Jetico, Inc.) ZwCreatePort [0xEB55750E]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwCreateProcess [0xBD7E55D0]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwCreateSection [0xBD7E3360]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwCreateThread [0xBD7E3BA0]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwDeleteFile [0xBD7E6D00]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwDeleteKey [0xBD7E61D0]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwDeleteValueKey [0xBD7E7A20]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwEnumerateKey [0xBD7E6730]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwEnumerateValueKey [0xBD7E6740]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwLoadDriver [0xBD7E4EE0]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwLoadKey [0xBD7E7D90]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwOpenFile [0xBD7E6A60]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwOpenKey [0xBD7E6380]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwOpenProcess [0xBD7E3900]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwOpenSection [0xBD7E3590]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwOpenThread [0xBD7E3D70]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwProtectVirtualMemory [0xBD7E51E0]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwQueryKey [0xBD7E6710]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwQueryValueKey [0xBD7E6720]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwReplaceKey [0xBD7E6390]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwRequestWaitReplyPort [0xBD7E4BE0]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwRestoreKey [0xBD7E6550]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwResumeThread [0xBD7E45D0]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwSaveKey [0xBD7E6700]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwSetContextThread [0xBD7E40D0]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwSetInformationFile [0xBD7E6F60]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwSetValueKey [0xBD7E7540]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwShutdownSystem [0xBD7E4E20]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwSuspendThread [0xBD7E4470]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwSystemDebugControl [0xBD7E4350]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwTerminateProcess [0xBD7E3A50]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwTerminateThread [0xBD7E3F60]
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwWriteVirtualMemory [0xBD7E5340]

---- Kernel code sections - GMER 1.0.14 ----

? C:\DOCUME~1\DEFAUL~1\IMPOST~1\Temp\mc21.tmp Impossibile trovare il file specificato. !
.text NTDLL.DLL!NtClose 784681F8 5 Bytes JMP 72049770
.text NTDLL.DLL!NtCreateFile 78468278 5 Bytes JMP 7204A570
.text NTDLL.DLL!NtCreateKey 784682A8 5 Bytes JMP 7204ADA0
.text NTDLL.DLL!NtCreateProcess 78468308 5 Bytes JMP 7204AE30
.text NTDLL.DLL!NtCreateSection 78468328 5 Bytes JMP 72049A40
.text NTDLL.DLL!NtLoadDriver 784685BC 5 Bytes JMP 7204A1E0
.text NTDLL.DLL!NtSetValueKey 78468DDC 5 Bytes JMP 7204AD10
.text NTDLL.DLL!NtWriteFile 78468F38 5 Bytes JMP 7204A3D0

---- User code sections - GMER 1.0.14 ----

.text C:\WINNT\system32\mspaint.exe[524] KERNEL32.dll!LoadLibraryExW 796D0595 6 Bytes JMP 5F070F5A
.text C:\WINNT\system32\mspaint.exe[524] KERNEL32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
.text C:\WINNT\system32\mspaint.exe[524] KERNEL32.dll!CreateProcessA 796D5040 6 Bytes JMP 5F040F5A
.text C:\WINNT\system32\mspaint.exe[524] KERNEL32.dll!CreateProcessW 796D6981 6 Bytes JMP 5F0A0F5A
.text C:\WINNT\system32\mspaint.exe[524] USER32.dll!ExitWindowsEx 77E420E8 6 Bytes JMP 5F0D0F5A
.text C:\WINNT\system32\nvsvc32.exe[744] KERNEL32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
.text C:\WINNT\system32\MSTask.exe[792] KERNEL32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
.text C:\Programmi\Mozilla Firefox\firefox.exe[800] KERNEL32.dll!LoadLibraryExW 796D0595 6 Bytes JMP 5F070F5A
.text C:\Programmi\Mozilla Firefox\firefox.exe[800] KERNEL32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
.text C:\Programmi\Mozilla Firefox\firefox.exe[800] KERNEL32.dll!CreateProcessA 796D5040 6 Bytes JMP 5F040F5A
.text C:\Programmi\Mozilla Firefox\firefox.exe[800] KERNEL32.dll!CreateProcessW 796D6981 6 Bytes JMP 5F0A0F5A
.text C:\Programmi\Mozilla Firefox\firefox.exe[800] USER32.DLL!ExitWindowsEx 77E420E8 6 Bytes JMP 5F0D0F5A
.text C:\WINNT\system32\svchost.exe[952] KERNEL32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
.text C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe[1088] KERNEL32.dll!LoadLibraryExW 796D0595 6 Bytes JMP 5F070F5A
.text C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe[1088] KERNEL32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
.text C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe[1088] KERNEL32.dll!CreateProcessA 796D5040 6 Bytes JMP 5F040F5A
.text C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe[1088] KERNEL32.dll!CreateProcessW 796D6981 6 Bytes JMP 5F0A0F5A
.text C:\Programmi\Java\jre1.6.0_03\bin\jusched.exe[1088] USER32.dll!ExitWindowsEx 77E420E8 6 Bytes JMP 5F0D0F5A
.text C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] kernel32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
.text C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe[1152] KERNEL32.dll!LoadLibraryExW 796D0595 6 Bytes JMP 5F070F5A
.text C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe[1152] KERNEL32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
.text C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe[1152] KERNEL32.dll!CreateProcessA 796D5040 6 Bytes JMP 5F040F5A
.text C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe[1152] KERNEL32.dll!CreateProcessW 796D6981 6 Bytes JMP 5F0A0F5A
.text C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe[1152] USER32.dll!ExitWindowsEx 77E420E8 6 Bytes JMP 5F0D0F5A
.text C:\WINNT\system32\mspaint.exe[1292] KERNEL32.dll!LoadLibraryExW 796D0595 6 Bytes JMP 5F070F5A
.text C:\WINNT\system32\mspaint.exe[1292] KERNEL32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
.text C:\WINNT\system32\mspaint.exe[1292] KERNEL32.dll!CreateProcessA 796D5040 6 Bytes JMP 5F040F5A
.text C:\WINNT\system32\mspaint.exe[1292] KERNEL32.dll!CreateProcessW 796D6981 6 Bytes JMP 5F0A0F5A
.text C:\WINNT\system32\mspaint.exe[1292] USER32.dll!ExitWindowsEx 77E420E8 6 Bytes JMP 5F0D0F5A
.text C:\Documents and Settings\Administrator\Documenti\gmer.exe[1468] KERNEL32.dll!LoadLibraryExW 796D0595 6 Bytes JMP 5F070F5A
.text C:\Documents and Settings\Administrator\Documenti\gmer.exe[1468] KERNEL32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
.text C:\Documents and Settings\Administrator\Documenti\gmer.exe[1468] KERNEL32.dll!CreateProcessA 796D5040 6 Bytes JMP 5F040F5A
.text C:\Documents and Settings\Administrator\Documenti\gmer.exe[1468] KERNEL32.dll!CreateProcessW 796D6981 6 Bytes JMP 5F0A0F5A
.text C:\Documents and Settings\Administrator\Documenti\gmer.exe[1468] user32.dll!ExitWindowsEx 77E420E8 6 Bytes JMP 5F0D0F5A

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [EB533720] \??\C:\WINNT\system32\drivers\OAnet.sys (OA Helper Driver/Tall Emu Pty Ltd)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [EB533470] \??\C:\WINNT\system32\drivers\OAnet.sys (OA Helper Driver/Tall Emu Pty Ltd)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisGetReceivedPacket] [EB7F18FA] \SystemRoot\System32\Drivers\bc_filter.SYS (Jetico Personal Firewall Network Filter Driver/Jetico, Inc.)
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [EB533410] \??\C:\WINNT\system32\drivers\OAnet.sys (OA Helper Driver/Tall Emu Pty Ltd)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [EB533760] \??\C:\WINNT\system32\drivers\OAnet.sys (OA Helper Driver/Tall Emu Pty Ltd)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [EB533720] \??\C:\WINNT\system32\drivers\OAnet.sys (OA Helper Driver/Tall Emu Pty Ltd)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [EB533410] \??\C:\WINNT\system32\drivers\OAnet.sys (OA Helper Driver/Tall Emu Pty Ltd)
IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [EB533470] \??\C:\WINNT\system32\drivers\OAnet.sys (OA Helper Driver/Tall Emu Pty Ltd)

---- User IAT/EAT - GMER 1.0.14 ----

IAT C:\Programmi\Tall Emu\Online Armor\oasrv.exe[484] @ C:\WINNT\system32\user32.dll [KERNEL32.dll!CreateThread] [0042CC00] C:\Programmi\Tall Emu\Online Armor\oasrv.exe
IAT C:\Programmi\Tall Emu\Online Armor\oasrv.exe[484] @ C:\WINNT\system32\advapi32.dll [KERNEL32.dll!CreateThread] [0042CC00] C:\Programmi\Tall Emu\Online Armor\oasrv.exe
IAT C:\Programmi\Tall Emu\Online Armor\oasrv.exe[484] @ C:\WINNT\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [0042CC00] C:\Programmi\Tall Emu\Online Armor\oasrv.exe
IAT C:\Programmi\Tall Emu\Online Armor\oasrv.exe[484] @ C:\WINNT\system32\ole32.dll [KERNEL32.dll!CreateThread] [0042CC00] C:\Programmi\Tall Emu\Online Armor\oasrv.exe
IAT C:\Programmi\Tall Emu\Online Armor\oasrv.exe[484] @ C:\WINNT\system32\shell32.dll [KERNEL32.dll!CreateThread] [0042CC00] C:\Programmi\Tall Emu\Online Armor\oasrv.exe
IAT C:\Programmi\Tall Emu\Online Armor\oasrv.exe[484] @ C:\WINNT\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0042CC00] C:\Programmi\Tall Emu\Online Armor\oasrv.exe
IAT C:\Programmi\Tall Emu\Online Armor\oasrv.exe[484] @ C:\WINNT\system32\WS2_32.DLL [KERNEL32.DLL!CreateThread] [0042CC00] C:\Programmi\Tall Emu\Online Armor\oasrv.exe
IAT C:\Programmi\Tall Emu\Online Armor\oasrv.exe[484] @ C:\WINNT\system32\WS2HELP.DLL [KERNEL32.DLL!CreateThread] [0042CC00] C:\Programmi\Tall Emu\Online Armor\oasrv.exe
IAT C:\Programmi\Tall Emu\Online Armor\oasrv.exe[484] @ C:\WINNT\system32\crypt32.dll [KERNEL32.dll!CreateThread] [0042CC00] C:\Programmi\Tall Emu\Online Armor\oasrv.exe
IAT C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] @ C:\WINNT\system32\user32.dll [KERNEL32.dll!CreateThread] [0042D004] C:\Programmi\Tall Emu\Online Armor\oaui.exe
IAT C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] @ C:\WINNT\system32\advapi32.dll [KERNEL32.dll!CreateThread] [0042D004] C:\Programmi\Tall Emu\Online Armor\oaui.exe
IAT C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] @ C:\WINNT\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [0042D004] C:\Programmi\Tall Emu\Online Armor\oaui.exe
IAT C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] @ C:\WINNT\system32\ole32.dll [KERNEL32.dll!CreateThread] [0042D004] C:\Programmi\Tall Emu\Online Armor\oaui.exe
IAT C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] @ C:\WINNT\system32\shell32.dll [KERNEL32.dll!CreateThread] [0042D004] C:\Programmi\Tall Emu\Online Armor\oaui.exe
IAT C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] @ C:\WINNT\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0042D004] C:\Programmi\Tall Emu\Online Armor\oaui.exe
IAT C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] @ C:\WINNT\system32\wininet.dll [KERNEL32.dll!CreateThread] [0042D004] C:\Programmi\Tall Emu\Online Armor\oaui.exe
IAT C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] @ C:\WINNT\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] [0042D004] C:\Programmi\Tall Emu\Online Armor\oaui.exe
IAT C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] @ C:\WINNT\system32\WS2_32.DLL [KERNEL32.DLL!CreateThread] [0042D004] C:\Programmi\Tall Emu\Online Armor\oaui.exe
IAT C:\Programmi\Tall Emu\Online Armor\oaui.exe[1120] @ C:\WINNT\system32\WS2HELP.DLL [KERNEL32.DLL!CreateThread] [0042D004] C:\Programmi\Tall Emu\Online Armor\oaui.exe

---- Devices - GMER 1.0.14 ----

Device \Driver\Tcpip \Device\Ip OAmon.sys (TDI Helper Driver/Tall Emu Pty Ltd)
Device \Driver\Tcpip \Device\Tcp OAmon.sys (TDI Helper Driver/Tall Emu Pty Ltd)

AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 snapman.sys (Acronis Snapshot API/Acronis)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 snapman.sys (Acronis Snapshot API/Acronis)

Device \Driver\Tcpip \Device\Udp OAmon.sys (TDI Helper Driver/Tall Emu Pty Ltd)
Device \Driver\Tcpip \Device\RawIp OAmon.sys (TDI Helper Driver/Tall Emu Pty Ltd)
Device \Driver\USB_RNDIS \Device\{52DB1F24-9DD9-48B1-9A58-41D462F77E6B} RNDISMPK.SYS (Remote NDIS Miniport/Microsoft Corporation)
Device \Driver\Tcpip \Device\IPMULTICAST OAmon.sys (TDI Helper Driver/Tall Emu Pty Ltd)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.14 ----

Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders@C:\Documents and Settings\All Users\Menu Avvio\Programmi\Acronis\Acronis\xa0True\xa0Image\xa0Home\
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\4D1843403DD3EAE4D9E6ACF4BDE4BDB9@F0A903C4F48B6674DA5FFD70FE03D3B4
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\Features@WebPublFiles ]aZF&kXsf(lf*L[_GKba}gbvW,Qmf(G'*L[H+8]b_}IuVaZtf(Cyn.Q2tAE!_{@h=i,nf(R8(L[JO9}X_}M^V8Xqf(Rp)L[_GKbahlT]jI{jf(=1&L[-81-][qFvyQP~f(8Hw.QdFt.0)VWe6E%wf(S5YX%43_cm
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@RegOwner alessandro
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@RegCompany
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@ProductID 12345-111-1111111-13553
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@LocalPackage C:\WINNT\Installer\89fc.msi
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@AuthorizedCDFPrefix
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@Comments
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@Contact
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@DisplayVersion 9.50.7522
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@HelpLink http://www.microsoft.com/windows
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@HelpTelephone
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@InstallDate 20070204
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@InstallLocation
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@InstallSource C:\WINNT\system32\
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@NoModify 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@NoRemove 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@NoRepair 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@Publisher Microsoft Corporation
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@Readme
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@Size
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@EstimatedSize 2696
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@SystemComponent 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@URLInfoAbout
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@URLUpdateInfo
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@VersionMajor 9
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@VersionMinor 50
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@WindowsInstaller 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@Version 154279266
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@Language 1040
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AD617F6F8933D11581E000540386890\InstallProperties@DisplayName WebFldrs
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\Features@App )R{{7qDm}?AJc+-.L+Wp
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@LocalPackage C:\WINNT\Installer\14d65.msi
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@AuthorizedCDFPrefix
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@Comments
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@Contact
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@DisplayVersion 1.0.0.1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@HelpLink http://www.xxx.com
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@HelpTelephone
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@InstallDate 20070204
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@InstallLocation
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@InstallSource C:\WINNT\Downloaded Installations\{F1252331-F51E-4298-851C-30B823D4BD44}\
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@NoModify 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@NoRemove 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@Publisher nobrand
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@Readme
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@Size
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@EstimatedSize 240
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@SystemComponent 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@URLInfoAbout http://www.xxx.com
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@URLUpdateInfo http://www.xxx.com
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@VersionMajor 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@VersionMinor 0
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@WindowsInstaller 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@Version 16777216
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@Language 1033
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0A903C4F48B6674DA5FFD70FE03D3B4\InstallProperties@DisplayName USB Remote NDIS Network Device

---- EOF - GMER 1.0.14 ----
OS: w2k sp4
Thanks in advance
noviziopasticcio
Senior Member
Posts: 370
Joined: Fri Nov 04, 2005 11:41 am

Post by ste_95 » Mon Mar 10, 2008 7:06 pm

Check whether this file exists:

C:\DOCUME~1\DEFAUL~1\IMPOST~1\Temp\mc21.tmp
«Sometimes it is better to keep quiet and seem stupid than to open your mouth and remove all doubt.» Oscar Wilde
ste_95
Official Member (Gold)
Posts: 17271
Joined: Mon Aug 06, 2007 11:19 am
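
As an added example (not part of the thread and not code from GMER's authors), a small Python triage of the GMER record types seen in the log above: it lists kernel hooks (SSDT and kernel IAT) whose owning vendor is not one the reader expects, groups inline JMP patches by destination, and collects the `?` lines for files GMER could not open, such as the one ste_95 asks about. The `expected_vendors` set and all function names are assumptions made for illustration; a vendor outside the set means only that the driver should be identified, not that it is malicious.

```python
import re
from collections import defaultdict

# Records copied from the GMER 1.0.14 log in the first post, one per record type.
SAMPLE_LOG = r"""
---- System - GMER 1.0.14 ----
SSDT \??\C:\WINNT\system32\drivers\OADriver.sys (OA Helper Driver/Tall Emu Pty Ltd) ZwCreateFile [0xBD7E6750]
SSDT \SystemRoot\System32\Drivers\bcftdi.SYS (Jetico Personal Firewall TDI Filter Driver/Jetico, Inc.) ZwConnectPort [0xEB5575BE]
? C:\DOCUME~1\DEFAUL~1\IMPOST~1\Temp\mc21.tmp Impossibile trovare il file specificato. !
.text NTDLL.DLL!NtCreateFile 78468278 5 Bytes JMP 7204A570
.text C:\WINNT\system32\mspaint.exe[524] KERNEL32.dll!CreateProcessA 796D5040 6 Bytes JMP 5F040F5A
.text C:\WINNT\system32\nvsvc32.exe[744] KERNEL32.dll!FreeLibrary + 37 796D08CE 4 Bytes [ 6A, F7, 92, E5 ]
IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [EB533470] \??\C:\WINNT\system32\drivers\OAnet.sys (OA Helper Driver/Tall Emu Pty Ltd)
"""

# "<driver path> (<description>/<vendor>)" as GMER prints the owner of a kernel hook.
OWNER = r"(?P<path>\S+)\s+\((?P<desc>.*)/(?P<vendor>[^/()]+)\)"
SSDT_RE = re.compile(r"^SSDT\s+" + OWNER + r"\s+(?P<func>\w+)\s+\[0x[0-9A-Fa-f]+\]$")
KIAT_RE = re.compile(r"^IAT\s+\S+\[(?P<func>[^\]]+)\]\s+\[[0-9A-Fa-f]+\]\s+" + OWNER + r"$")
# ".text <process[pid]> <module!function> <address> <n> Bytes <JMP dest | [ bytes ]>"
INLINE_RE = re.compile(
    r"^\.text\s+(?P<target>.+?)\s+(?P<addr>[0-9A-Fa-f]{8})\s+(?P<n>\d+) Bytes\s+(?P<patch>.+)$"
)
# "? <path> <localized error text>"; assumes the path has no spaces (8.3 names, as in the log).
MISSING_RE = re.compile(r"^\?\s+(?P<path>\S+)")
JMP_RE = re.compile(r"^JMP\s+([0-9A-Fa-f]{8})$")


def _api(target):
    """Reduce 'proc.exe[pid] MODULE!Func' to 'module!Func' (module name lower-cased)."""
    m = re.search(r"(\S+)!(.*)$", target)
    return f"{m.group(1).lower()}!{m.group(2)}" if m else target


def triage(text, expected_vendors):
    """Sort GMER records into buckets a reviewer can work through one at a time."""
    unexpected = defaultdict(set)   # vendor -> hooked kernel functions
    jumps = defaultdict(set)        # JMP destination -> patched APIs
    byte_patches, missing, unparsed = set(), [], []

    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("----"):
            continue  # blank lines and section banners

        m = SSDT_RE.match(line) or KIAT_RE.match(line)
        if m:
            # Kernel hooks name their owner; keep only owners nobody vouched for.
            if m["vendor"] not in expected_vendors:
                unexpected[m["vendor"]].add(m["func"])
            continue

        m = INLINE_RE.match(line)
        if m:
            # Inline patches carry no owner in the log, only a destination address.
            j = JMP_RE.match(m["patch"])
            if j:
                jumps[j.group(1).upper()].add(_api(m["target"]))
            else:
                byte_patches.add(_api(m["target"]))
            continue

        m = MISSING_RE.match(line)
        if m:
            missing.append(m["path"])
            continue

        # User-mode IAT, Device and Reg records are not handled by this example.
        unparsed.append(line)

    return {
        "unexpected_kernel_hooks": {v: sorted(f) for v, f in unexpected.items()},
        "inline_jumps": {d: sorted(a) for d, a in jumps.items()},
        "byte_patches": sorted(byte_patches),
        "missing_files": missing,
        "unparsed": unparsed,
    }


if __name__ == "__main__":
    # Assumption: the reader expects only Online Armor (Tall Emu) kernel hooks.
    report = triage(SAMPLE_LOG, expected_vendors={"Tall Emu Pty Ltd"})
    for bucket, content in report.items():
        print(bucket, "->", content)
```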

Post by noviziopasticcio » Mon Mar 10, 2008 7:15 pm

Using the find-file function, it doesn't exist. Do I need to look for it some other way?


Post by ste_95 » Mon Mar 10, 2008 7:16 pm

Go and look physically in that path.

Post by noviziopasticcio » Mon Mar 10, 2008 7:16 pm

But is this another oddity, or is it normal for FF to go to the USA when I connect to you???
[Image]

Post by noviziopasticcio » Mon Mar 10, 2008 7:25 pm

c/documents and settings/default user/impostazioni locali/temp?
Sorry for being so clumsy [rolleyes]
If it was supposed to be here, it isn't.

Post by ste_95 » Mon Mar 10, 2008 7:26 pm

Then the logs are clean.

Try disabling Antivir and see whether the problem persists.

Post by noviziopasticcio » Mon Mar 10, 2008 7:28 pm

What the hell is a www.xxx.com doing in the HijackThis log if I have never connected to it nor ever ended up there automatically????

Post by noviziopasticcio » Mon Mar 10, 2008 7:29 pm

Do I disable avir guard (closed umbrella) or terminate it?

Post by noviziopasticcio » Mon Mar 10, 2008 7:34 pm

Disabled; now it's running at around 90kb/sec [:)]

Messaggioda noviziopasticcio » lun mar 10, 2008 7:35 pm

avevo letto(ma non fatto [rolleyes] ) in un file readme di avir che altre guard potevano dare problemi e il firewall ce l'ha.
può essere il problema?

Post by ste_95 » Mon Mar 10, 2008 7:43 pm

I don't know what those registry areas are for.

Post by noviziopasticcio » Mon Mar 10, 2008 7:44 pm

I was trying to update avir (failed) and the firewall warned that g-mer wanted to connect to another computer......I denied permission but
notepad.exe went out through port 80........trouble ahead?

Post by ste_95 » Mon Mar 10, 2008 7:52 pm

Unpredictable. Have the notepad.exe file that wanted to go out analyzed on www.virustotal.com

Post by noviziopasticcio » Mon Mar 10, 2008 7:55 pm

how do I find it?

Post by noviziopasticcio » Mon Mar 10, 2008 8:16 pm

in the meantime I have reopened the umbrella and deleted the rule created (by whom???) to let notepad.exe out through port 80.
but I can't say I feel very safe right now....I have never seen protection software (maybe I'm wrong to think the worst, but I've never seen it) that wants to connect to another computer, and right afterwards an exe that goes off onto the network on its own to mind its own business......

Post by ste_95 » Mon Mar 10, 2008 8:22 pm

Search the computer for the notepad file and see where you find it.

Post by noviziopasticcio » Mon Mar 10, 2008 8:43 pm

I wanted to upload an image but I can't manage it any more, not even if I close the umbrella...
one in C WINNT
two in C WINNT help
one in system 32
one in system 32 dll cache
all empty

Post by ste_95 » Mon Mar 10, 2008 8:46 pm

Analyze on www.virustotal.com all the ones that are not in system32.

Post by noviziopasticcio » Tue Mar 11, 2008 2:44 pm

[Image]
this is the first of the series; then the fifth and sixth "notepad" that I had virus total analyze point back to this file. searching for TR/small.BT on google I was sent to the avira forum, where I saw others with the same problem. I submitted the file to them, I'm waiting for a reply and then I'll let you know.
but isn't it ironic that among all the programs on virus total the only one that finds something is the same one I have installed and that did not find it????
I hope it isn't a false positive, or I'm back to square one....


megalab.it: daily online publication registered with the Court of Cosenza, no. 22/09 of 13.08.2009, publisher Master New Media S.r.l.; © Copyright 2008 Master New Media S.r.l. a socio unico - VAT no. 02947530784. GRUPPO EDIZIONI MASTER Spa. All rights reserved. For advertising: Master Advertising