Avast blocca minacce relative ad una dll...

**luisa227** · 17-09-2011, 14:41

ho avast aggiornato e pc tools firewall plus come firewall.

Da alcuni giorni mi capita che avast mi blocchi delle minacce da parte di una dll e mi scrive url pericoloso, anche quando magari sono solo su facebook.

Poi alcune volte mi si blocca il task manager e mi esce fuori la voce errore

pzioni di protezione.

Ho fatto la scansione ma non è risultato nulla... che faccio? grazie

poi molto spesso i plugin di skype e flash mi si bloccano. come posso risolvere? ho win vista

**menatwork** · 17-09-2011, 15:33

ciao

scarica questo programmino e mettilo nella directory C dove avrai preparato una cartella con il suo nome.
Lanci l'eseguibile e clicchi su " do a system scan and save a log" alla fine salvi questo file con estensione *.TXT e lo alleghi ad un post sul forum.

**luisa227** · 19-09-2011, 15:18

molte volte dopo aver postato il log non ricevo risposte...speriamo bene in questa volta... GRAZIE

codice:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15.17.31, on 19/09/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Luisa\AppData\Local\Google\Chrome\Application\chrome.exe
C:\hi\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...TB&M=eMachines E510
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...TB&M=eMachines E510
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.h...TB&M=eMachines E510
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ProfileSong Toolbar - {981e53ba-6df4-4d99-8c33-6c398f5c139e} - C:\Program Files\ProfileSong\tbProf.dll
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ProfileSong Toolbar - {981e53ba-6df4-4d99-8c33-6c398f5c139e} - C:\Program Files\ProfileSong\tbProf.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: ProfileSong Toolbar - {981e53ba-6df4-4d99-8c33-6c398f5c139e} - C:\Program Files\ProfileSong\tbProf.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\eMachines\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [EssentialPIM Portable] "C:\Users\Luisa\Documents\utilità\essentialPIm nuovo\EssentialPIM.exe" /autorun
O4 - HKLM\..\Policies\Explorer\Run: [] 
O4 - HKUS\S-1-5-18\..\RunOnce: []  (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: []  (User 'Default user')
O4 - Startup: Sommario di OneNote.onetoc2
O4 - Startup: Windows Mail.lnk = C:\Program Files\Windows Mail\WinMail.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Luisa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: ONDA Autorun CDROM Monitor - Unknown owner - C:\Windows\system32\SupportAppXL\onda_mon.exe (file missing)
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 11209 bytes

**menatwork** · 19-09-2011, 15:37

un po' di pazienza e risolviamo anche il tuo problema

Lancia HiJackThis
Clicca Do a scan only
Metti la spunta a fianco delle righe che ti segnalo qui sotto
Clicca su Fix Checked

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll

O4 - HKLM\..\Policies\Explorer\Run: []

O4 - Startup: Sommario di OneNote.onetoc2

scarica questi programmi e mettili sul desktop

malwarebytes

combofix

avvia malwarebytes

Aggiornalo: clicca sulla scheda "aggiornamenti" => "controlla aggiornamenti"
Esegui una "scansione completa" (seleziona l'opzione)
A scansione completa, fai clic su OK => Mostra i Risultati.
Assicurarti che tutto sia selezionato e clicca clic su Rimuovi selezionati.
Se ti chiede di riavviare, riavvia per completare il processo di pulizia.

lancia combofix

alla richiesta se vuoi installare la recovery console clicca su NO

esegui ComboFix.exe

segui le instruzioni

finita la scansione portati in C:\ e allega nella tua prossima risposta, il contenuto del file di testo Combofix.txt

**menatwork** · 19-09-2011, 16:35

scusa ma hai legato le discussioni? io ora ti sto rispondendo su questa

**luisa227** · 19-09-2011, 17:16

se ti riferisci alla altra mia discussione, no sono 2 pc diversi... sto facendo scan con malwarebytes... posso lanciare in contemporanea combofix?

**menatwork** · 19-09-2011, 19:16

sto facendo scan con malwarebytes... posso lanciare in contemporanea combofix?

ma scherzi???

uno alla volta se non vuoi buttare via il pc

**bootzenn** · 19-09-2011, 19:46

Originariamente inviato da menatwork
uno alla volta se non vuoi buttare via il pc

addirittura

**menatwork** · 19-09-2011, 19:48

ma e' un modo di dire dai

come fai ad avviare due programmi contemporaneamente, c'e' conflitto......

**luisa227** · 19-09-2011, 20:29

ecco il log di combofix...attendo aiuto anke per le altre mie discussioni...

grazie

codice:

ComboFix 11-09-19.01 -  19/09/2011  19.54.16.1.1 - x86
Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.39.1040.18.1013.190 [GMT 2:00]
Eseguito da: c:\users\Luisa\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: PC Tools Firewall Plus *Enabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
	/wow section - STAGE 4
Accesso negato.
Accesso negato.
SED: can't read SvcDumpFull01: Permission denied
Impossibile accedere al file. Il file è utilizzato da un altro processo.
Impossibile accedere al file. Il file è utilizzato da un altro processo.
Impossibile accedere al file. Il file è utilizzato da un altro processo.
Impossibile accedere al file. Il file è utilizzato da un altro processo.
Impossibile accedere al file. Il file è utilizzato da un altro processo.
Impossibile accedere al file. Il file è utilizzato da un altro processo.
Impossibile accedere al file. Il file è utilizzato da un altro processo.
Accesso negato.
.
	/wow section - STAGE 32A
Accesso negato.
Accesso negato.
FINDSTR: Impossibile aprire temp3100
Accesso negato.
FINDSTR: Impossibile leggere l'elenco dei file da temp3100
Accesso negato.
FINDSTR: Impossibile leggere l'elenco dei file da temp3100
Accesso negato.
Accesso negato.
Impossibile trovare il file temp3101.
Impossibile trovare il file temp3100.
Accesso negato.
.
	/wow section non completata
.
(((((((((((((((((((((((((   Files Creati Da 2011-08-19 al 2011-09-19  )))))))))))))))))))))))))))))))))))
.
.
2011-09-19 14:33 . 2011-09-19 14:33	--------	d-----w-	c:\users\Luisa\AppData\Roaming\Malwarebytes
2011-09-19 14:33 . 2011-09-19 14:33	--------	d-----w-	c:\programdata\Malwarebytes
2011-09-19 14:33 . 2011-08-31 15:00	22216	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-09-19 14:33 . 2011-09-19 14:33	--------	dc----w-	c:\program files\Malwarebytes' Anti-Malware
2011-09-19 13:14 . 2011-09-19 13:14	388096	----a-r-	c:\users\Luisa\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-09-19 13:14 . 2011-09-19 13:14	--------	dc----w-	C:\hi
2011-09-16 21:01 . 2011-08-16 06:48	7152464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{5E26F47D-FEBB-4779-A67F-D9345A657464}\mpengine.dll
2011-09-16 12:29 . 2011-09-16 12:29	0	---ha-w-	c:\users\Luisa\AppData\Local\BITE11.tmp
2011-09-15 08:57 . 2011-08-10 12:14	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
2011-09-14 17:28 . 2011-09-06 20:38	111320	----a-w-	c:\windows\system32\drivers\aswFW.sys
2011-09-14 17:25 . 2011-09-06 20:37	195416	----a-w-	c:\windows\system32\drivers\aswNdis2.sys
2011-09-14 17:25 . 2011-09-06 20:10	12112	----a-w-	c:\windows\system32\drivers\aswNdis.sys
2011-09-11 09:30 . 2011-09-11 09:30	--------	d-----w-	c:\users\Luisa\AppData\Roaming\DVDVideoSoft
2011-09-11 09:29 . 2011-09-11 09:29	--------	d-----w-	c:\users\Luisa\AppData\Local\Conduit
2011-09-11 09:26 . 2011-09-11 09:27	--------	dc----w-	c:\program files\Common Files\DVDVideoSoft
2011-09-11 09:26 . 2011-09-11 09:26	--------	dc----w-	c:\program files\DVDVideoSoft
2011-09-09 09:45 . 2011-09-09 09:46	--------	d-----w-	c:\users\Luisa\AppData\Roaming\PCToolsFirewallPlus
2011-09-09 09:37 . 2011-03-02 10:40	160576	----a-w-	c:\windows\system32\drivers\PCTAppEvent.sys
2011-09-09 09:37 . 2010-03-29 09:06	218592	----a-w-	c:\windows\system32\drivers\PCTCore.sys
2011-09-09 09:37 . 2011-03-24 10:39	105280	----a-w-	c:\windows\system32\drivers\pctwfpfilter.sys
2011-09-09 09:37 . 2011-01-17 07:10	251560	----a-w-	c:\windows\system32\drivers\pctgntdi.sys
2011-09-09 09:32 . 2011-09-09 09:37	--------	dc----w-	c:\program files\Common Files\PC Tools
2011-09-09 09:32 . 2011-01-12 08:36	89472	----a-w-	c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2011-09-09 09:32 . 2010-07-08 06:49	57536	----a-w-	c:\windows\system32\drivers\pctNdis.sys
2011-09-09 09:32 . 2010-02-05 06:26	32808	----a-w-	c:\windows\system32\drivers\pctNdis-DNS.sys
2011-09-09 09:32 . 2011-01-17 06:11	125248	----a-w-	c:\windows\system32\drivers\pctplfw.sys
2011-09-09 09:32 . 2011-09-09 09:48	--------	dc----w-	c:\program files\PC Tools Firewall Plus
2011-08-31 15:54 . 2011-08-31 15:54	--------	d-----w-	c:\programdata\eMule
2011-08-29 16:34 . 2011-08-29 16:35	--------	dc----w-	c:\program files\Apple Software Update
2011-08-29 13:19 . 2011-08-29 13:19	--------	dc----w-	c:\program files\EasyFlirt_Messenger
2011-08-29 11:52 . 2011-08-29 11:52	--------	d-----w-	c:\users\Luisa\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2011-08-29 11:51 . 2011-08-29 11:51	--------	dc----w-	c:\program files\Common Files\Adobe AIR
2011-08-27 18:29 . 2011-08-27 18:29	--------	d-----w-	c:\users\Luisa\AppData\Local\eMule
2011-08-27 18:29 . 2011-08-27 18:29	--------	dc----w-	c:\program files\eMule
2011-08-26 04:12 . 2011-08-26 04:17	--------	d-----w-	c:\users\Luisa\AppData\Roaming\Yahoo!
2011-08-26 04:12 . 2011-08-26 04:13	--------	d-----w-	c:\programdata\Yahoo! Companion
2011-08-26 04:10 . 2011-08-26 04:13	--------	d-----w-	c:\programdata\Yahoo!
2011-08-26 04:04 . 2011-08-26 04:13	--------	dc----w-	c:\program files\Yahoo!
2011-08-24 15:21 . 2011-08-24 15:21	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-24 12:50 . 2011-06-17 16:03	375808	----a-w-	c:\windows\system32\winsrv.dll
2011-08-24 12:50 . 2011-07-06 15:31	214016	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-08-24 12:50 . 2011-07-11 13:25	2048	----a-w-	c:\windows\system32\tzres.dll
2011-08-24 12:49 . 2011-06-17 20:13	905104	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-08-24 12:49 . 2011-06-20 08:54	3602832	----a-w-	c:\windows\system32\ntkrnlpa.exe
2011-08-24 12:49 . 2011-06-20 08:54	3550096	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-08-23 14:39 . 2011-08-23 14:40	--------	dc----w-	c:\program files\Common Files\Adobe
2011-08-23 08:00 . 2011-08-27 12:14	--------	d-----w-	c:\users\Luisa\Tracing
2011-08-23 06:34 . 2011-08-24 17:05	--------	dc----w-	c:\program files\Microsoft Silverlight
2011-08-23 06:25 . 2011-08-23 06:48	--------	dc----w-	C:\b4aa277ebc77f574e1ff610fff
2011-08-23 06:18 . 2009-08-04 08:02	754688	----a-w-	c:\windows\system32\webservices.dll
2011-08-23 06:11 . 2011-08-23 06:11	7450888	-c--a-w-	c:\program files\Common Files\Windows Live\.cache\7b9740901cc615b07\bingbarsetup.exe
2011-08-23 06:10 . 2011-08-23 06:10	15712	-c--a-w-	c:\program files\Common Files\Windows Live\.cache\5efc41101cc615b06\MeshBetaRemover.exe
2011-08-23 06:10 . 2011-08-23 06:10	525656	-c--a-w-	c:\program files\Common Files\Windows Live\.cache\59b3b7101cc615b05\DXSETUP.exe
2011-08-23 06:10 . 2011-08-23 06:10	94040	-c--a-w-	c:\program files\Common Files\Windows Live\.cache\59b3b7101cc615b05\DSETUP.dll
2011-08-23 06:10 . 2011-08-23 06:10	1691480	-c--a-w-	c:\program files\Common Files\Windows Live\.cache\59b3b7101cc615b05\dsetup32.dll
2011-08-23 06:10 . 2011-08-23 06:10	525656	-c--a-w-	c:\program files\Common Files\Windows Live\.cache\48f3d7c01cc615b04\DXSETUP.exe
2011-08-23 06:10 . 2011-08-23 06:10	1691480	-c--a-w-	c:\program files\Common Files\Windows Live\.cache\48f3d7c01cc615b04\dsetup32.dll
2011-08-23 06:10 . 2011-08-23 06:10	94040	-c--a-w-	c:\program files\Common Files\Windows Live\.cache\48f3d7c01cc615b04\DSETUP.dll
2011-08-23 06:09 . 2011-08-23 06:09	6260088	-c--a-w-	c:\program files\Common Files\Windows Live\.cache\30ad8c601cc615b03\Silverlight.4.0.exe
2011-08-23 06:06 . 2011-09-06 11:23	--------	d-----w-	c:\users\Luisa\AppData\Local\Windows Live
2011-08-22 12:34 . 2011-09-06 20:38	442200	----a-w-	c:\windows\system32\drivers\aswSnx.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-06 20:45 . 2010-11-20 19:54	41184	----a-w-	c:\windows\avastSS.scr
2011-09-06 20:45 . 2010-07-31 06:36	199304	----a-w-	c:\windows\system32\aswBoot.exe
2011-09-06 20:37 . 2010-07-31 06:37	320856	----a-w-	c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2010-07-31 06:37	34392	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2010-07-31 06:37	52568	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2010-07-31 06:37	54616	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2010-07-31 06:37	20568	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2011-08-23 07:17 . 2011-03-28 16:36	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{981e53ba-6df4-4d99-8c33-6c398f5c139e}"= "c:\program files\ProfileSong\tbProf.dll" [2010-12-09 3911776]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{981e53ba-6df4-4d99-8c33-6c398f5c139e}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51	3911776	-c--a-w-	c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-01-17 14:54	175912	-c--a-w-	c:\program files\DVDVideoSoftTB\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{981e53ba-6df4-4d99-8c33-6c398f5c139e}]
2010-12-09 11:51	3911776	----a-w-	c:\program files\ProfileSong\tbProf.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{981e53ba-6df4-4d99-8c33-6c398f5c139e}"= "c:\program files\ProfileSong\tbProf.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{981e53ba-6df4-4d99-8c33-6c398f5c139e}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{981E53BA-6DF4-4D99-8C33-6C398F5C139E}"= "c:\program files\ProfileSong\tbProf.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\prxtbDVDV.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{981e53ba-6df4-4d99-8c33-6c398f5c139e}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45	122512	----a-w-	c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WarReg_PopUp"="c:\program files\eMachines\WR_PopUp\WarReg_PopUp.exe" [2008-05-09 49152]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-24 6111232]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-22 133656]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-05-13 768520]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-22 141848]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 178712]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-22 166424]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2011-04-07 2672600]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-09-06 3722416]
.
c:\users\Luisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Windows Mail.lnk - c:\program files\Windows Mail\WinMail.exe [2008-1-21 397312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.

Discussione: Avast blocca minacce relative ad una dll...

Strumenti discussione

Ricerca discussione

Visualizza

minacce...

Permessi di invio