Valutazione 4.87/ 5 (100.00%) 5838 voti

Condividi:        

Notebook và a rallenty

Se il modem non funziona, hai problemi con la scheda video o non sai che processore scegliere entra qui!!

Moderatore: Caffey

Notebook và a rallenty

Postdi ciby » 19/02/12 19:41

Salve a tutti,
il mio ormai vecchio portatile,da ieri và un pò a rallenty stile film Matrix,anche il puntatore del mouse s'impalla per poi riprendere a funzionare momentaneamente...Il fattaccio è avvenuto all'improvviso dopo un riavvio,unica nota,prima di spegnerlo avevo clickato per eseguire la procedura d'installazione aggiornamenti per Xp,senza controllare quali fossero tali aggioenamenti...mea culpa...Sapete darmi qualche consiglio?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.32.07, on 19/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\runservice.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\Programmi\Windows Defender\MSASCui.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\Unlocker\UnlockerAssistant.exe
C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer.exe
C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE
C:\Programmi\FileServe Manager\FSStarter.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\Programmi\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\rundll32.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programmi\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: FileServeManager - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - C:\Programmi\FileServe Manager\FileServeBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: RewardsArcade - {597A9974-8CB0-4f41-B61F-ED065738A397} - C:\Programmi\RewardsArcade\RewardsArcade.dll
O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Programmi\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)
O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WI9130~1\ToolBar\SearchquDx.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programmi\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Programmi\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FileServe Manager Task] "C:\Programmi\FileServe Manager\FSStarter.exe"
O4 - HKLM\..\Run: [GoogleCrashHandler] C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\CrashHandler.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programmi\Corel\Corel Graphics 12\Languages\IT\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=021912 serial=DR12WRS-1238008-HUY lang=IT
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SynTPEnh] C:\Documents and Settings\utente\Dati applicazioni\Microsoft\taskhost.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1)" -"http://arena.fueps.com/t/v/client/info?action=gameClient&tournamentSessionId=30227028&pwd=KXMYDWBONHNX"
O8 - Extra context menu item: Download with FileServe Manager - C:\Programmi\FileServe Manager\GetUrl.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: 4APoker - {47DDC1F4-8611-4f89-806E-3CBD8B7F924F} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: 4APoker - {47DDC1F4-8611-4f89-806E-3CBD8B7F924F} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Programmi\PokerStars.IT\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://194.244.16.123/g_bin/eng/cards_2_0_0_77.cab
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} (FBootloaderAX) - http://static.ak.facebook.com/fbplugin/ ... loader.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://194.244.16.123/g_bin/eng/boards_2_0_0_35.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se8942.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Demon) - http://194.244.16.123/g_bin/eng/demon_2_0_0_30.cab
O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://194.244.16.123/g_bin/eng/pirate_2_0_0_30.cab
O16 - DPF: {A7196C8E-35A5-4FF0-9E46-E28918B5CAF6} (GameDesire Domino) - http://194.244.16.123/g_bin/eng/domino_2_0_0_33.cab
O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) - http://194.244.16.123/g_bin/eng/darts_2_0_0_42.cab
O16 - DPF: {AD7013FF-1D9A-4F36-94A6-3CD408A663F9} (GameDesire BreakOut) - http://194.244.16.123/g_bin/eng/breakout_2_0_0_29.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://194.244.16.117/g_bin/eng/mahjong_2_0_0_31.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} (GameDesire Soccer) - http://194.244.16.123/g_bin/eng/soccer_2_0_0_20.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://194.244.16.123/g_bin/eng/billard8_2_0_0_35.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{551A7EAF-B286-4CA9-AA11-68761837EF89}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C0BAD72-5A0A-498D-9E17-44995BD884E0}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B17FD737-CA2C-41B0-9616-3C337E3EDC75}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFDA8734-87FF-43CF-BCC5-BE267AA60C6E}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1F61BC7-0E2A-4713-A65F-23148C8B20C3}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6288A30-D351-4F08-B966-5D6004A4047B}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{39571517-8CB7-4A35-A03F-BA5FD5DE060B}: NameServer = 176.31.229.24,176.31.229.25
O20 - AppInit_DLLs: c:\progra~1\wi9130~1\datamngr\datamngr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmi\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Programmi\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Programmi\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: MAGIX StartUp Analyze Service - MAGIX AG - C:\Programmi\MAGIX\PC_Check_Tuning_2011_Download-Version\MXSAS.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Serv Updater (ServUpdater) - ServiceUpd - C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe

--
End of file - 13380 bytes
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Sponsor
 

Re: Notebook và a rallenty

Postdi FrancescoFDAC » 20/02/12 13:48

Scarica ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
● posiziona il file scaricato sul Desktop
disattiva l'Antivirus in uso, dall'icona presente sulla Traybar (accanto all'orologio di Windows)
disattiva il Firewall eventualmente installato, dall'icona presente sulla Traybar (accanto all'orologio di Windows)

Script personalizzato di ComboFix

Avviso: non eseguire ComboFix di tua iniziativa; questo tool non è un giocattolo e non è adatto ad un uso quotidiano.

Apri il Block Note: Start> Tutti i programmi> Accessori> Blocco note
● all'interno del nuovo documento di testo, copia ed incolla le seguenti righe:

File::
c:\documents and settings\Alfonso\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe

Folder::
c:\documents and settings\Alfonso\Impostazioni locali\Dati applicazioni\ServUpdater

Driver::
ServUpdater


● chiama questo file CFScript.txt, e posizionalo sul Desktop

Molto importante! Disabilita temporaneamente il tuo antivirus e firewall prima di seguire la procedura indicata. Potrebbero infatti interferire con ComboFix o rimuovere alcuni dei suoi file incorporati che possono portare a risultati imprevedibili.
Facendo riferimento all'immagine presente qui sotto, trascina con il puntatore del mouse CFScript.txt sull'icona di ComboFix
ComboFix ora eseguirà una scansione del tuo sistema. Una volta terminata, potrebbe riavviare automaticamente il sistema: in caso contrario, procedi tu manualmente.
A questo punto, il programma produrrà un Report. Copia ed incolla il log nel tuo prossimo post.

Immagine

Nota - riguardo alla procedura:
● non toccare assolutamente il mouse e la tastiera durante la scansione: potrebbe interrompersi
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: Notebook và a rallenty

Postdi ciby » 23/02/12 18:22

Scusa il ritardo,sono rimasto senza linea per qualche giorno...ora eseguo tutto passo per passo...
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Re: Notebook và a rallenty

Postdi ciby » 23/02/12 19:11

ComboFix 12-02-22.01 - utente 23/02/2012 18.49.57.2.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.1535.848 [GMT 1:00]
Eseguito da: c:\documents and settings\utente\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\utente\Desktop\CFScript.txt.txt
AV: AntiVir Desktop *Disabled/Outdated* {00000002-0002-0000-6C25-9E7C08000A00}
AV: AntiVir Desktop *Enabled/Updated* {00000002-0002-0000-7C25-9E7C08000A00}
.
ATTENZIONE - QUESTO PC NON HA LA CONSOLE DI RIPRISTINO DI EMERGENZA INSTALLATA !!
.
FILE ::
"c:\documents and settings\Alfonso\Impostazioni locali\Dati applicazioni\ServUpdater\ServiceUpd.exe"
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dati applicazioni\DragToDiscUserNameE.txt
c:\documents and settings\All Users\Dati applicazioni\DragToDiscUserNameH.txt
c:\documents and settings\All Users\Dati applicazioni\TEMP
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\utente\Dati applicazioni\facemoods.com
c:\documents and settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\rrwhwr47.default\searchqutb
c:\documents and settings\utente\Dati applicazioni\PriceGong
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\1.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\a.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\b.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\c.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\d.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\e.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\f.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\g.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\h.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\i.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\J.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\k.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\l.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\m.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\mru.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\n.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\o.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\p.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\q.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\r.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\s.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\t.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\u.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\v.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\w.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\x.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\y.xml
c:\documents and settings\utente\Dati applicazioni\PriceGong\Data\z.xml
c:\documents and settings\utente\Dati applicazioni\searchqutb
c:\documents and settings\utente\Dati applicazioni\searchqutb\dtx.ini
c:\documents and settings\utente\Dati applicazioni\searchqutb\games\00d2dfc64c07a4f32824abac1d6f735b
c:\documents and settings\utente\Dati applicazioni\searchqutb\games\3e4265e00cbc4a9cf22a105046a46d8a
c:\documents and settings\utente\Dati applicazioni\searchqutb\games\44a5d79f5451d3036ba3986425e234c8
c:\documents and settings\utente\Dati applicazioni\searchqutb\games\GameCategories.xml
c:\documents and settings\utente\Dati applicazioni\searchqutb\games\GameTypes.xml
c:\documents and settings\utente\Dati applicazioni\searchqutb\guid.dat
c:\documents and settings\utente\Dati applicazioni\searchqutb\preferences.dat
c:\documents and settings\utente\Dati applicazioni\searchqutb\stats.dat
c:\documents and settings\utente\Dati applicazioni\searchqutb\uninstallIE.dat
c:\documents and settings\utente\Dati applicazioni\searchqutb\weather\a1e0996a251053c3312c5af07bbf5c21
c:\documents and settings\utente\Dati applicazioni\searchqutb\weather\f8e5a9550c2109955c6fc1f770810030
c:\documents and settings\utente\Dati applicazioni\searchqutb\weather\forecasts_cache.xml
c:\documents and settings\utente\Dati applicazioni\searchqutb\weather\observations_cache.xml
c:\documents and settings\utente\Dati applicazioni\searchqutb\weatherbutton_prefs.xml
c:\documents and settings\utente\Dati applicazioni\searchqutb\widgets_cache\84b70525cff6359fdeca553342c23e4c
c:\documents and settings\utente\Dati applicazioni\searchqutb\widgets_cache\bf5b6317ae07da699882fc948f22eda4
c:\documents and settings\utente\Dati applicazioni\searchqutb\widgets_cache\category_cache.xml
c:\documents and settings\utente\Dati applicazioni\searchqutb\widgets_cache\widget_cache.xml
c:\documents and settings\utente\WINDOWS
c:\programmi\RewardsArcade
c:\programmi\RewardsArcade\appAPIinternalWrapper.js
c:\programmi\RewardsArcade\fb.js
c:\programmi\RewardsArcade\jquery.js
c:\programmi\RewardsArcade\json.js
c:\programmi\RewardsArcade\RewardsArcade.dll
c:\programmi\RewardsArcade\RewardsArcade.exe
c:\programmi\RewardsArcade\Uninstall.exe
c:\programmi\RewardsArcade\UserConfirmation.exe
c:\programmi\Windows Searchqu Toolbar
c:\programmi\Windows Searchqu Toolbar\Datamngr\datamngr.dll
c:\programmi\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
c:\programmi\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\programmi\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll
c:\programmi\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt
c:\programmi\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\programmi\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.xul
c:\programmi\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\.#searchqutb.js.1.3
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\engines.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\data\search\search.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\about.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\dtxwin.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\external.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\neterror.xhtml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\lib\wmpstreamer.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\modules\datastore.jsm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\preferences.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\searchqutb.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.htm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.xul
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1227\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1255\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.Twitter.1257\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217.zip
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-mdl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tl.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\bg-scalable-tr.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-dragresize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-close.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-maximize.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-down.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize-over.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btn-wide-minimize.PNG
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\navico-home.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\panel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\powered-mystart.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\tb_icon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.3.YouTube.1217\widget.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluelite.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\bluesky.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn-widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\btn_settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back-ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-down-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-drop-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back-ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\button-hover-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\ca.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\dictionary.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\divider.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\downloadcom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\email.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\email_on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\games.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\graphred0_5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\grey.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\headsup.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\ico-shield.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\images.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\aol.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-right.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\arrow-up.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\blank.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnback-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\btnright-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\checkmark.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\chevron.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\collapse.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\comcast.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\dtx.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\edit-back.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\expand.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\found.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\gmail.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_lime.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\hotmail.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\imap.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\loadingMid.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\lock.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\mailcom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\move.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\movetarget.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\footer.htm
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameData.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\pop.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\images\track.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\remove.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rename.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\resize-box.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rss.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsschannelback.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\RSSLogo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\scroll-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search-go.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\template.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\icons\weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lib\yahoo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\lichen.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo-about.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\logo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\maps.bmp
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\menuseparatorback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify-save.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modify.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\modifyhot.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\music.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\news.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-main.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-weather.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\options\options-widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\orange.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\pixsy.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\relatedlinks.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-collapse.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-delete.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-expand.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-feed.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-remove.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder-rename.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-folder.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-found.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-reload.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss-subscribe.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rss.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rssback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\rsstopback.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\search-over.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\search.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\searchqutb.css
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\settings.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\shopping.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\siteinfo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluelite.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-bluesky.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-grey.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-lichen.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-orange.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\skin-yellow.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\technorati.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\throbber.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\toolbarsplitter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\video.bmp
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\weather.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\web.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_allocine.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_bliptv.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calcal.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_calculator.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_gservices.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_sudoku.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.jpg
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_todo.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_trio.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widget_uconverter.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets-square-16px.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\widgets.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\wikipedia.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\yahoosearch.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\yellow.gif
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\youtube.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\chrome\skin\zoom.png
c:\programmi\Windows Searchqu Toolbar\ToolBar\components\windowmediator.js
c:\programmi\Windows Searchqu Toolbar\ToolBar\manifest.xml
c:\programmi\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll
c:\programmi\Windows Searchqu Toolbar\ToolBar\SearchquTb.dll
c:\programmi\Windows Searchqu Toolbar\ToolBar\uninstall.exe
c:\programmi\Windows Searchqu Toolbar\uninstall.exe
c:\windows\IsUn0410.exe
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\UA000079.DLL
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SERVUPDATER
-------\Service_ServUpdater
.
.
((((((((((((((((((((((((( Files Creati Da 2012-01-23 al 2012-02-23 )))))))))))))))))))))))))))))))))))
.
.
2012-02-21 19:58 . 2012-02-08 06:03 6552120 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\Windows Defender\Definition Updates\{E50D636E-87B4-4C2F-BC82-C4B7A8DF9B8B}\mpengine.dll
2012-02-18 23:26 . 2012-02-18 23:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\SecTaskMan
2012-02-18 23:26 . 2012-02-18 23:26 -------- d-----w- c:\programmi\Security Task Manager
2012-02-18 14:24 . 2012-02-18 14:24 -------- d-----w- C:\FOUND.015
2012-02-15 14:00 . 2012-02-15 14:00 -------- d-----w- c:\documents and settings\utente\.gimp-2.6
2012-02-15 05:46 . 2011-12-17 19:43 916992 ----a-w- c:\windows\system32\wininet.dll
2012-02-15 05:44 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-15 05:44 . 2012-01-11 19:06 3072 ------w- c:\windows\system32\dllcache\iacenc.dll
2012-02-13 18:05 . 2003-01-26 14:48 147456 ----a-w- c:\windows\system32\vbzip11.dll
2012-02-13 18:05 . 2004-03-09 04:00 212240 ----a-w- c:\windows\system32\richtx32.ocx
2012-02-13 18:05 . 2003-04-01 05:56 65536 ----a-w- c:\windows\system32\vbalIcoM6.dll
2012-02-13 18:05 . 2003-04-01 05:36 94208 ----a-w- c:\windows\system32\vbalIml6.ocx
2012-02-13 18:05 . 2002-07-03 07:22 233472 ----a-w- c:\windows\system32\XDockFloat.dll
2012-02-13 18:05 . 1999-10-30 00:00 167936 ----a-w- c:\windows\system32\ccrpftv6.ocx
2012-02-13 18:05 . 1998-12-02 08:11 143360 ----a-w- c:\windows\system32\vbuzip10.dll
2012-02-13 18:05 . 2003-01-26 11:41 40960 ----a-w- c:\windows\system32\SSubTmr6.dll
2012-02-13 18:05 . 2012-02-13 18:05 -------- d-----w- c:\programmi\Veign
2012-02-07 08:20 . 2012-02-07 08:20 -------- d-----w- c:\documents and settings\utente\Dati applicazioni\vlc
2012-02-07 08:20 . 2012-02-07 08:20 -------- d-----w- c:\programmi\VideoLAN
2012-02-04 21:33 . 2012-02-04 21:33 -------- d-----w- c:\programmi\File comuni\Corel
.
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Re: Notebook và a rallenty

Postdi ciby » 23/02/12 19:17

(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-18 16:03 . 2011-06-08 21:44 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-29 04:10 . 2009-10-03 11:48 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-12 17:20 . 2004-09-16 14:31 1859968 ----a-w- c:\windows\system32\win32k.sys
2012-01-06 04:19 . 2009-07-03 23:35 6557240 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-12-17 19:43 . 2004-09-16 14:31 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:43 . 2004-09-16 14:31 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:22 . 2004-09-16 14:31 385024 ----a-w- c:\windows\system32\html.iec
2011-11-25 21:57 . 2004-09-16 14:31 293888 ----a-w- c:\windows\system32\winsrv.dll
2011-07-08 08:44 . 2011-07-28 08:16 142296 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
2006-05-03 11:06 163328 --sha-w- c:\windows\system32\flvDX.dll
2005-06-22 06:37 45568 --sha-r- c:\windows\system32\cygz.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\programmi\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\programmi\File comuni\Nokia\MPlatform\NokiaMServer" [X]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-02-22 106496]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-11-21 7335936]
"nwiz"="nwiz.exe" [2005-11-21 1519616]
"RemoteControl"="c:\programmi\ASUSTeK\ASUSDVD\PDVDServ.exe" [2004-11-02 32768]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2005-10-21 761945]
"Wireless Console 2"="c:\programmi\Wireless Console 2\wcourier.exe" [2005-10-17 987136]
"IntelZeroConfig"="c:\programmi\Intel\Wireless\bin\ZCfgSvc.exe" [2006-04-14 667718]
"IntelWireless"="c:\programmi\Intel\Wireless\Bin\ifrmewrk.exe" [2006-04-14 602182]
"EOUApp"="c:\programmi\Intel\Wireless\Bin\EOUWiz.exe" [2006-04-14 569413]
"Power_Gear"="c:\programmi\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-06 86016]
"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-02 61440]
"Collegamento alla pagina delle proprietà di High Definition Audio"="HDAShCut.exe" [2005-01-07 61952]
"avgnt"="c:\programmi\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"UnlockerAssistant"="c:\programmi\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]
"NokiaMusic FastStart"="c:\programmi\Nokia\Ovi Player\NokiaOviPlayer.exe" [2010-03-04 2192672]
"QuickTime Task"="c:\windows\system32\qttask.exe" [2010-10-24 417792]
"FileServe Manager Task"="c:\programmi\FileServe Manager\FSStarter.exe" [2011-09-21 954648]
"SunJavaUpdateSched"="c:\programmi\File comuni\Java\Java Update\jusched.exe" [2011-06-09 254696]
"CorelDRAW Graphics Suite 11b"="c:\programmi\Corel\Corel Graphics 12\Languages\IT\Programs\Registration.exe" [2003-11-28 733184]
.
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Bluetooth Manager.lnk - c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe [2005-6-16 49152]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\programmi\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 23:21 548352 ----a-w- c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Messenger\\MSMSGS.EXE"=
"c:\\Documents and Settings\\UTENTE\\Desktop\\Mirc\\mIRC 6.2 in Italiano by TuttoIRC +addon nuovi\\TuttoIRC.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\UTENTE\\Dati applicazioni\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=
"c:\programmi\Microsoft ActiveSync\rapimgr.exe"= c:\programmi\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\programmi\Microsoft ActiveSync\wcescomm.exe"= c:\programmi\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\programmi\Microsoft ActiveSync\WCESMgr.exe"= c:\programmi\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\TVUPlayer\\TVUPlayer.exe"=
"c:\\Programmi\\SopCast\\adv\\SopAdver.exe"=
"c:\\Programmi\\SopCast\\SopCast.exe"=
"c:\\Programmi\\uTorrent\\uTorrent.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Megaupload\\Mega Manager\\MegaManager.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"11682:TCP"= 11682:TCP:bit1
"11682:UDP"= 11682:UDP:bit2
"3000:TCP"= 3000:TCP:DCC1
"3001:TCP"= 3001:TCP:DCC2
"3002:TCP"= 3002:TCP:DCC3
"3003:TCP"= 3003:TCP:DCC4
"3004:TCP"= 3004:TCP:DCC5
"3005:TCP"= 3005:TCP:DCC6
"3006:TCP"= 3006:TCP:DCC7
"3007:TCP"= 3007:TCP:DCC8
"3008:TCP"= 3008:TCP:DCC9
"3009:TCP"= 3009:TCP:DCC10
"3010:TCP"= 3010:TCP:DCC11
"113:TCP"= 113:TCP:IDENTD
"6669:TCP"= 6669:TCP:PORTAMIRC
"59:UDP"= 59:UDP:PORTAMIRC2
"1780:TCP"= 1780:TCP:utorrent1
"1780:UDP"= 1780:UDP:utorrent2
"1755:TCP"= 1755:TCP:mulot
"1775:UDP"= 1775:UDP:mulou
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)
.
R1 c2scsi;c2scsi;c:\windows\system32\drivers\c2scsi.sys [03/03/2009 19.18.31 241664]
R1 SASDIFSV;SASDIFSV;c:\programmi\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 20.25.48 12872]
R1 SASKUTIL;SASKUTIL;c:\programmi\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 20.41.30 67656]
R2 io.sys;IO.DLL Driver;c:\windows\system32\drivers\io.sys [02/12/2008 3.10.22 5152]
R2 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [14/08/2009 3.51.22 2560]
R2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;c:\programmi\MAGIX\PC_Check_Tuning_2011_Download-Version\MXSAS.EXE [12/10/2010 15.16.28 186368]
R2 WinDefend;Windows Defender;c:\programmi\Windows Defender\MsMpEng.exe [03/11/2006 19.19.58 13592]
R3 SynMini;USB2.0 1.3M Web Cam;c:\windows\system32\drivers\SynMini.sys [29/09/2006 12.35.37 720470]
R3 SynScan;USB2.0 1.3M Web Cam Still Image;c:\windows\system32\drivers\SynScan.sys [29/09/2006 12.35.37 8278]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S2 gupdate;Google Update Service (gupdate);"c:\programmi\Google\Update\GoogleUpdate.exe" /svc --> c:\programmi\Google\Update\GoogleUpdate.exe [?]
S3 gupdatem;Servizio Google Update (gupdatem);"c:\programmi\Google\Update\GoogleUpdate.exe" /medsvc --> c:\programmi\Google\Update\GoogleUpdate.exe [?]
S3 Pcouffin;Low level access layer for CD devices;c:\windows\system32\Drivers\Pcouffin.sys --> c:\windows\system32\Drivers\Pcouffin.sys [?]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25/01/2008 10.12.34 25088]
S3 vaxscsi;vaxscsi;c:\windows\system32\Drivers\vaxscsi.sys --> c:\windows\system32\Drivers\vaxscsi.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 14:05 451872 ----a-w- c:\programmi\File comuni\LightScribe\LSRunOnce.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-02-23 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programmi\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://search.findeer.com
mWindow Title =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download with FileServe Manager - c:\programmi\FileServe Manager\GetUrl.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{47DDC1F4-8611-4f89-806E-3CBD8B7F924F}
IE: {{4B21E152-BA59-4ebf-B522-8C55B265EE1A}
IE: {{C4046502-6524-4d87-896C-878F57D1FF07} - c:\programmi\PokerStars.IT\PokerStarsUpdate.exe
TCP: Interfaces\{551A7EAF-B286-4CA9-AA11-68761837EF89}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{9C0BAD72-5A0A-498D-9E17-44995BD884E0}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{B17FD737-CA2C-41B0-9616-3C337E3EDC75}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{BFDA8734-87FF-43CF-BCC5-BE267AA60C6E}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{C1F61BC7-0E2A-4713-A65F-23148C8B20C3}: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{D6288A30-D351-4F08-B966-5D6004A4047B}: NameServer = 176.31.229.24,176.31.229.25
DPF: {112857FE-03FF-11D5-9A3F-0080C8D85044} - hxxp://194.244.16.123/g_bin/eng/solitaire_2_0_0_28.cab
DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} - hxxp://194.244.16.123/g_bin/eng/roulette_2_0_0_27.cab
DPF: {4539348E-01D7-11D5-9A39-0080C8D85044} - hxxp://194.244.16.123/g_bin/eng/slots90_2_0_0_35.cab
DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} - hxxp://www.powerchallenge.com/applet/PowerLoader.cab
DPF: {9085316E-42BA-11D4-BAA3-0080C8D7ED4A} - hxxp://194.244.16.123/g_bin/eng/hunter_2_0_0_27.cab
DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} - hxxp://194.244.16.123/g_bin/eng/demon_2_0_0_30.cab
DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} - hxxp://194.244.16.123/g_bin/eng/pirate_2_0_0_30.cab
DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} - hxxp://194.244.16.123/g_bin/eng/slots70_2_0_0_35.cab
DPF: {A854AD6D-6DB5-41FB-8044-0BD38092A007} - hxxp://194.244.16.123/g_bin/eng/sudoku_2_0_0_15.cab
DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} - hxxp://194.244.16.123/g_bin/eng/marbles_2_0_0_32.cab
DPF: {AC120B1D-9411-4111-AF52-118052D85D45} - hxxp://194.244.16.123/g_bin/eng/darts_2_0_0_42.cab
DPF: {AD7013FF-1D9A-4F36-94A6-3CD408A663F9} - hxxp://194.244.16.123/g_bin/eng/breakout_2_0_0_29.cab
DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} - hxxp://194.244.16.123/g_bin/eng/words_2_0_0_51.cab
DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} - hxxp://194.244.16.123/g_bin/eng/wordssi ... 0_0_48.cab
DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} - hxxp://194.244.16.117/g_bin/eng/mahjong_2_0_0_31.cab
DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} - hxxp://194.244.16.123/g_bin/eng/soccer_2_0_0_20.cab
DPF: {ECEAD8AE-01D6-11D5-9A39-0080C8D85044} - hxxp://194.244.16.123/g_bin/eng/slots80_2_0_0_35.cab
DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} - hxxp://194.244.16.123/g_bin/eng/billardt_2_0_0_35.cab
FF - ProfilePath - c:\documents and settings\utente\Dati applicazioni\Mozilla\Firefox\Profiles\rrwhwr47.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.findeer.com/
FF - prefs.js: browser.startup.homepage - hxxp://search.findeer.com/
FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&systemid=101&q=
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - c:\programmi\Ask.com\GenericAskToolbar.dll
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\programmi\Ask.com\GenericAskToolbar.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\programmi\Ask.com\GenericAskToolbar.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\programmi\Ask.com\GenericAskToolbar.dll
HKCU-Run-SynTPEnh - c:\documents and settings\utente\Dati applicazioni\Microsoft\taskhost.exe
HKLM-Run-DATAMNGR - c:\progra~1\WI9130~1\Datamngr\DATAMN~1.EXE
HKLM-Run-GoogleCrashHandler - c:\documents and settings\utente\Impostazioni locali\Dati applicazioni\Google\CrashHandler.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Free Audio CD Burner_is1 - c:\programmi\DVDVideoSoft\Free Audio CD Burner\unins000.exe
AddRemove-Free YouTube to MP3 Converter_is1 - c:\programmi\File comuni\DVDVideoSoft\Uninstall.exe
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0410.exe
AddRemove-Uninstall_is1 - c:\programmi\File comuni\DVDVideoSoft\unins000.exe
AddRemove-RewardsArcade - c:\programmi\RewardsArcade\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-23 19:00
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):0a,19,8e,c4,f6,1e,79,4c,d6,d5,db,da,0d,9c,77,ae,f5,03,c4,16,a0,
1e,1e,11,7d,0f,57,6d,3c,3d,11,e4,f3,5d,4b,c1,e6,23,ed,3b,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{902fe99c-8c08-4c63-af78-705f8f438ee3}]
@Denied: (Full) (Everyone)
"Model"=dword:00000143
"Therad"=dword:0000001e
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,46,e5,2c,02,46,78,24,c3,42,d7,b7,a9,aa,e4,ec,99,0f,60,18,61,c5,86,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \D25BC253F035D347]
"1"=hex:6a,0b,56,13,c1,93,dc,9c,fb,61,a2,a0,e4,ff,91,20,60,bf,2f,c2,35,91,ae,
25
"2"=hex:fb,e6,50,7f,41,f4,51,a7,7f,ec,2d,f9,42,45,3a,02,3a,b7,45,15,3f,9d,8b,
c3
"3"=hex:6a,0b,56,13,c1,93,dc,9c,fb,61,a2,a0,e4,ff,91,20,5d,f5,58,d1,21,e0,48,
8b,38,57,44,9c,4e,8d,78,88,fd,f1,01,9d,86,d8,b5,cb,d9,bf,23,55,4a,bb,31,1f
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \D25BC253F035D347\B7F5EA513569EA3E98352E3A3D1D6A3D]
"1"=hex:df,c7,3a,96,ab,66,13,d2,36,78,6c,b8,10,1c,c4,b0,a6,93,a9,25,23,fb,66,
2c,77,d8,5d,6a,fe,59,6e,ef
"2"=hex:14,ce,87,8d,79,74,ee,b2
"3"=hex:81,20,8f,ab,28,6a,52,9c
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:58,eb,3b,8d,af,31,32,62,22,1b,23,79,6d,f4,12,c1,db,b4,20,3e,7f,80,2a,
0f,6a,a6,22,9f,10,4c,a5,77,df,44,a4,37,10,4b,bc,75,d7,98,0e,82,a4,8d,85,b3,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,53,0a,a4,47,47,f9,fb,53,c1,3b,50,30,cf,b5,2b,
a2,b5,c0,40,d8,1b,d8,5d,e6,82,b2,50,6b,1d,24,d1,8e,f4,33,92,91,28,ba,97,d6,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:b6,dd,00,4d,9d,38,11,d1
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|ù•9~*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(896)
c:\programmi\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(3152)
c:\windows\system32\WININET.dll
c:\programmi\Unlocker\UnlockerHook.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\Intel\Wireless\Bin\EvtEng.exe
c:\programmi\Intel\Wireless\Bin\S24EvMon.exe
c:\programmi\Avira\AntiVir Desktop\sched.exe
c:\programmi\Avira\AntiVir Desktop\avguard.exe
c:\programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\File comuni\LightScribe\LSSrvc.exe
c:\programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\programmi\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\programmi\File comuni\Nokia\MPlatform\NokiaMServer.exe
c:\windows\ATK0100\ATKOSD.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
c:\programmi\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Ora fine scansione: 2012-02-23 19:04:54 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-02-23 18:04
.
Pre-Run: 7.274.758.144 byte disponibili
Post-Run: 9.003.532.288 byte disponibili
.
- - End Of File - - 3C0838F7FCD43668D4DBE4DB17F8F950
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Re: Notebook và a rallenty

Postdi FrancescoFDAC » 24/02/12 14:10

Disinstalla Security Task Manager e SuperAntiSpyware.
Scarica Kaspersky TDSS Killer: http://support.kaspersky.com/downloads/ ... killer.exe
● posiziona il file scaricato sul Desktop
● clicca due volte sul file TDSSKiller.exe per avviare l'applicazione
● successivamente premi il pulsante Start scan

Nota - riguardo al programma:
● non cliccare sul pulsante Stop scan per nessun motivo, la scansione si interromperebbe

Giunti a questo punto, inizia la scansione del sistema alla ricerca di software malevolo:
● se viene trovato un file infetto, l'azione di default sarà Cure: clicca quindi su Continua
● se viene trovato un file sospetto, l'azione di default sarà Skip: clicca quindi su Continua
● se non viene rilevato nulla, chiudi semplicemente il programma al termine della scansione

Una volta terminata la scansione, si presenterà una di queste due opzioni:
non è necessario il riavvio del sistema: allega il Report situato nel Disco Locale C:\, di nome TDSSKiller.[Version]_[Date]_[Time]_log.txt
● è necessario riavviare il sistema: clicca su Riavvia ora, infine allega il risultato della scansione (si trova nello stesso percorso menzionato poco fa')
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: Notebook và a rallenty

Postdi ciby » 24/02/12 15:14

15:15:40.0421 4076 TDSS rootkit removing tool 2.7.14.0 Feb 22 2012 16:54:49
15:15:40.0625 4076 ============================================================
15:15:40.0625 4076 Current date / time: 2012/02/24 15:15:40.0625
15:15:40.0625 4076 SystemInfo:
15:15:40.0625 4076
15:15:40.0625 4076 OS Version: 5.1.2600 ServicePack: 3.0
15:15:40.0625 4076 Product type: Workstation
15:15:40.0625 4076 ComputerName: NOME-FCD603E448
15:15:40.0625 4076 UserName: utente
15:15:40.0625 4076 Windows directory: C:\WINDOWS
15:15:40.0625 4076 System windows directory: C:\WINDOWS
15:15:40.0625 4076 Processor architecture: Intel x86
15:15:40.0625 4076 Number of processors: 2
15:15:40.0625 4076 Page size: 0x1000
15:15:40.0625 4076 Boot type: Normal boot
15:15:40.0625 4076 ============================================================
15:15:42.0359 4076 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:15:42.0359 4076 Drive \Device\Harddisk1\DR5 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:15:42.0781 4076 \Device\Harddisk0\DR0:
15:15:42.0781 4076 MBR used
15:15:42.0781 4076 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x3B9133, BlocksNum 0x574C3C2
15:15:42.0796 4076 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x5B05534, BlocksNum 0x25797CF
15:15:42.0828 4076 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x807ED42, BlocksNum 0x148F77F
15:15:42.0828 4076 \Device\Harddisk1\DR5:
15:15:42.0828 4076 MBR used
15:15:42.0828 4076 \Device\Harddisk1\DR5\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x2E937C82
15:15:42.0875 4076 Initialize success
15:15:42.0875 4076 ============================================================
15:15:47.0015 3232 ============================================================
15:15:47.0015 3232 Scan started
15:15:47.0015 3232 Mode: Manual;
15:15:47.0015 3232 ============================================================
15:15:47.0781 3232 Abiosdsk - ok
15:15:48.0000 3232 abp480n5 - ok
15:15:48.0187 3232 ACPI (d766e636187b8f240bbfbabcd51eb2c6) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:15:48.0187 3232 ACPI - ok
15:15:48.0234 3232 ACPIEC (49ac5cd87fbdda62f3e25190019e7627) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
15:15:48.0234 3232 ACPIEC - ok
15:15:48.0453 3232 adpu160m - ok
15:15:48.0625 3232 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:15:48.0640 3232 aec - ok
15:15:48.0859 3232 AegisP (91f3df93f40a74d222cd166fe95db633) C:\WINDOWS\system32\DRIVERS\AegisP.sys
15:15:48.0859 3232 AegisP - ok
15:15:49.0031 3232 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:15:49.0031 3232 AFD - ok
15:15:49.0250 3232 Aha154x - ok
15:15:49.0468 3232 aic78u2 - ok
15:15:49.0687 3232 aic78xx - ok
15:15:49.0937 3232 AliIde - ok
15:15:50.0187 3232 amsint - ok
15:15:50.0296 3232 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:15:50.0312 3232 Arp1394 - ok
15:15:50.0546 3232 asc - ok
15:15:50.0796 3232 asc3350p - ok
15:15:51.0046 3232 asc3550 - ok
15:15:51.0328 3232 ASPI32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\ASPI32.sys
15:15:51.0328 3232 ASPI32 - ok
15:15:51.0500 3232 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:15:51.0500 3232 AsyncMac - ok
15:15:51.0593 3232 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:15:51.0593 3232 atapi - ok
15:15:51.0843 3232 Atdisk - ok
15:15:51.0937 3232 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:15:51.0953 3232 Atmarpc - ok
15:15:52.0093 3232 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:15:52.0093 3232 audstub - ok
15:15:52.0250 3232 avgio (594d25ef73f381fd508b8ee04883f90f) C:\Programmi\Avira\AntiVir Desktop\avgio.sys
15:15:52.0265 3232 avgio - ok
15:15:52.0390 3232 avgntflt (14fe36d8f2c6a2435275338d061a0b66) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:15:52.0390 3232 avgntflt - ok
15:15:52.0515 3232 avipbb (33e08f43071e4a4ff6fcfb6758f85a27) C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:15:52.0531 3232 avipbb - ok
15:15:52.0578 3232 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:15:52.0578 3232 Beep - ok
15:15:52.0812 3232 c2scsi (f6eee887352eddcffcf83d1801f8d853) C:\WINDOWS\system32\drivers\c2scsi.sys
15:15:52.0828 3232 c2scsi - ok
15:15:52.0875 3232 catchme - ok
15:15:52.0937 3232 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:15:52.0937 3232 cbidf2k - ok
15:15:53.0046 3232 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:15:53.0046 3232 CCDECODE - ok
15:15:53.0296 3232 cd20xrnt - ok
15:15:53.0312 3232 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:15:53.0328 3232 Cdaudio - ok
15:15:53.0406 3232 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:15:53.0406 3232 Cdfs - ok
15:15:53.0484 3232 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:15:53.0484 3232 Cdrom - ok
15:15:53.0734 3232 Changer - ok
15:15:53.0859 3232 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:15:53.0859 3232 CmBatt - ok
15:15:54.0109 3232 CmdIde - ok
15:15:54.0203 3232 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:15:54.0203 3232 Compbatt - ok
15:15:54.0453 3232 Cpqarray - ok
15:15:54.0546 3232 cpuz132 - ok
15:15:54.0812 3232 dac2w2k - ok
15:15:55.0046 3232 dac960nt - ok
15:15:55.0140 3232 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:15:55.0140 3232 Disk - ok
15:15:55.0281 3232 dmboot (82bc125a8ed33f5f0e75f2aac1065323) C:\WINDOWS\system32\drivers\dmboot.sys
15:15:55.0312 3232 dmboot - ok
15:15:55.0453 3232 dmio (e959ddc0ea7ac11ee5e5602e2a364310) C:\WINDOWS\system32\drivers\dmio.sys
15:15:55.0468 3232 dmio - ok
15:15:55.0593 3232 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:15:55.0593 3232 dmload - ok
15:15:55.0765 3232 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:15:55.0765 3232 DMusic - ok
15:15:56.0015 3232 dpti2o - ok
15:15:56.0125 3232 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:15:56.0125 3232 drmkaud - ok
15:15:56.0203 3232 exFat (3ef58f2eae3aecab45d682152db2f67d) C:\WINDOWS\system32\drivers\exFat.sys
15:15:56.0203 3232 exFat - ok
15:15:56.0296 3232 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:15:56.0296 3232 Fastfat - ok
15:15:56.0343 3232 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
15:15:56.0343 3232 Fdc - ok
15:15:56.0421 3232 Fips (2cfea3326981a18c6baf2bd9be76225b) C:\WINDOWS\system32\drivers\Fips.sys
15:15:56.0437 3232 Fips - ok
15:15:56.0562 3232 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:15:56.0578 3232 Flpydisk - ok
15:15:56.0796 3232 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:15:56.0796 3232 FltMgr - ok
15:15:56.0937 3232 Fs_Rec (c865b83411d7347627a4beec22543fb1) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:15:56.0953 3232 Fs_Rec - ok
15:15:56.0968 3232 Ftdisk (f3269a6ee547ea87b949a1cea4816b38) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:15:56.0968 3232 Ftdisk - ok
15:15:57.0109 3232 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
15:15:57.0109 3232 gameenum - ok
15:15:57.0281 3232 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:15:57.0281 3232 Gpc - ok
15:15:57.0390 3232 hardlock (57b831c0cd8e0dac47e58a4085ca531a) C:\WINDOWS\system32\drivers\hardlock.sys
15:15:57.0406 3232 hardlock - ok
15:15:57.0578 3232 Haspnt (784e06905391774d88d5d52adb37f19e) C:\WINDOWS\system32\drivers\Haspnt.sys
15:15:57.0578 3232 Haspnt - ok
15:15:58.0000 3232 HdAudAddService (2a013e7530beab6e569faa83f517e836) C:\WINDOWS\system32\drivers\HdAudio.sys
15:15:58.0015 3232 HdAudAddService - ok
15:15:58.0218 3232 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:15:58.0218 3232 HDAudBus - ok
15:15:58.0343 3232 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:15:58.0343 3232 HidUsb - ok
15:15:58.0593 3232 hpn - ok
15:15:58.0859 3232 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:15:58.0875 3232 HTTP - ok
15:15:59.0125 3232 hwdatacard - ok
15:15:59.0375 3232 i2omgmt - ok
15:15:59.0625 3232 i2omp - ok
15:15:59.0718 3232 i8042prt (610726e28af55b95043c5c35a727e320) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:15:59.0734 3232 i8042prt - ok
15:15:59.0968 3232 imagedrv (25edd75e23c5ef6b33d0fbcce125a601) C:\WINDOWS\system32\Drivers\imagedrv.sys
15:15:59.0968 3232 imagedrv - ok
15:16:00.0218 3232 imagesrv (9c4bbacf4e9b9543c3ce23f1fe556941) C:\WINDOWS\system32\DRIVERS\imagesrv.sys
15:16:00.0218 3232 imagesrv - ok
15:16:00.0312 3232 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:16:00.0312 3232 Imapi - ok
15:16:00.0781 3232 InCDFs - ok
15:16:01.0031 3232 InCDPass - ok
15:16:01.0281 3232 InCDRm - ok
15:16:01.0531 3232 ini910u - ok
15:16:01.0781 3232 IntcAzAudAddService - ok
15:16:02.0031 3232 IntelIde - ok
15:16:02.0140 3232 intelppm (ebd830a0970c438047006a49c23e287f) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:16:02.0140 3232 intelppm - ok
15:16:02.0281 3232 io.sys (5e333b8c20fb4a48c8ca3cf3489cd235) C:\WINDOWS\system32\drivers\io.sys
15:16:02.0296 3232 io.sys - ok
15:16:02.0500 3232 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:16:02.0515 3232 Ip6Fw - ok
15:16:02.0578 3232 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:16:02.0593 3232 IpFilterDriver - ok
15:16:02.0812 3232 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:16:02.0812 3232 IpInIp - ok
15:16:02.0937 3232 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:16:02.0953 3232 IpNat - ok
15:16:03.0062 3232 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:16:03.0078 3232 IPSec - ok
15:16:03.0234 3232 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:16:03.0234 3232 IRENUM - ok
15:16:03.0359 3232 isapnp (0953594beb81cc72fcc62d37921b25a6) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:16:03.0359 3232 isapnp - ok
15:16:03.0484 3232 ISODrive (0ae61463adda697a6291155ce6b08aaf) C:\Programmi\UltraISO\drivers\ISODrive.sys
15:16:03.0500 3232 ISODrive - ok
15:16:03.0656 3232 Kbdclass (28b6eace513ca7eaba3b809ad4bc274d) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:16:03.0671 3232 Kbdclass - ok
15:16:03.0828 3232 kbdhid (4c61c226bdda2ef1672b2c5f4e56625e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:16:03.0828 3232 kbdhid - ok
15:16:04.0000 3232 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:16:04.0015 3232 kmixer - ok
15:16:04.0156 3232 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:16:04.0156 3232 KSecDD - ok
15:16:04.0406 3232 lbrtfdc - ok
15:16:04.0484 3232 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:16:04.0484 3232 mnmdd - ok
15:16:04.0625 3232 Modem (8cb6636806d76b85fafaee94d75f5129) C:\WINDOWS\system32\drivers\Modem.sys
15:16:04.0625 3232 Modem - ok
15:16:04.0703 3232 Mouclass (e904ebed608055a2bfb824c07f59766c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:16:04.0718 3232 Mouclass - ok
15:16:04.0953 3232 mouhid (d7662f0cf5b77bbbe3202716f5bd5318) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:16:04.0968 3232 mouhid - ok
15:16:05.0031 3232 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:16:05.0031 3232 MountMgr - ok
15:16:05.0265 3232 mraid35x - ok
15:16:05.0453 3232 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:16:05.0453 3232 MRxDAV - ok
15:16:05.0687 3232 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:16:05.0687 3232 MRxSmb - ok
15:16:05.0812 3232 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:16:05.0812 3232 Msfs - ok
15:16:06.0000 3232 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:16:06.0015 3232 MSKSSRV - ok
15:16:06.0171 3232 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:16:06.0171 3232 MSPCLOCK - ok
15:16:06.0328 3232 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:16:06.0328 3232 MSPQM - ok
15:16:06.0531 3232 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:16:06.0531 3232 mssmbios - ok
15:16:06.0593 3232 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
15:16:06.0593 3232 MSTEE - ok
15:16:06.0734 3232 MTsensor (e333010a50bf603acc350f6019e9ce02) C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
15:16:06.0734 3232 MTsensor - ok
15:16:06.0890 3232 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:16:06.0906 3232 Mup - ok
15:16:06.0984 3232 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:16:06.0984 3232 NABTSFEC - ok
15:16:07.0031 3232 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:16:07.0031 3232 NDIS - ok
15:16:07.0250 3232 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:16:07.0250 3232 NdisIP - ok
15:16:07.0406 3232 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:16:07.0406 3232 NdisTapi - ok
15:16:07.0500 3232 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:16:07.0500 3232 Ndisuio - ok
15:16:07.0562 3232 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:16:07.0578 3232 NdisWan - ok
15:16:07.0734 3232 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:16:07.0734 3232 NDProxy - ok
15:16:07.0812 3232 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:16:07.0812 3232 NetBIOS - ok
15:16:07.0921 3232 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:16:07.0937 3232 NetBT - ok
15:16:08.0093 3232 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:16:08.0093 3232 NIC1394 - ok
15:16:08.0265 3232 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:16:08.0265 3232 Npfs - ok
15:16:08.0390 3232 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:16:08.0406 3232 Ntfs - ok
15:16:08.0437 3232 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:16:08.0453 3232 Null - ok
15:16:08.0828 3232 nv (723f13c0ede32339338dac8ecaeb9979) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:16:08.0921 3232 nv - ok
15:16:09.0062 3232 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:16:09.0062 3232 NwlnkFlt - ok
15:16:09.0109 3232 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:16:09.0125 3232 NwlnkFwd - ok
15:16:09.0234 3232 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:16:09.0234 3232 ohci1394 - ok
15:16:09.0312 3232 Parport (4e9408a178b2d955871c2cdd278de3c3) C:\WINDOWS\system32\drivers\Parport.sys
15:16:09.0312 3232 Parport - ok
15:16:09.0468 3232 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:16:09.0468 3232 PartMgr - ok
15:16:09.0515 3232 ParVdm (0dabef655a444cb1e193626fb1d24b9f) C:\WINDOWS\system32\drivers\ParVdm.sys
15:16:09.0531 3232 ParVdm - ok
15:16:09.0593 3232 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
15:16:09.0609 3232 pccsmcfd - ok
15:16:09.0765 3232 PCI (f40a46892afebb0314536b849d57c11e) C:\WINDOWS\system32\DRIVERS\pci.sys
15:16:09.0765 3232 PCI - ok
15:16:10.0015 3232 PCIDump - ok
15:16:10.0156 3232 PCIIde (b2df00d650fd6c4ee781740ed3c8e67f) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:16:10.0156 3232 PCIIde - ok
15:16:10.0312 3232 Pcmcia (815c50f2b1d1562800bdce8be895000e) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
15:16:10.0312 3232 Pcmcia - ok
15:16:10.0562 3232 Pcouffin - ok
15:16:10.0812 3232 PDCOMP - ok
15:16:11.0062 3232 PDFRAME - ok
15:16:11.0312 3232 PDRELI - ok
15:16:11.0562 3232 PDRFRAME - ok
15:16:11.0812 3232 perc2 - ok
15:16:12.0046 3232 perc2hib - ok
15:16:12.0250 3232 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:16:12.0250 3232 PptpMiniport - ok
15:16:12.0406 3232 PQNTDrv (c73c8fb27a852a8832f5eae2c59c23c5) C:\WINDOWS\system32\drivers\PQNTDrv.sys
15:16:12.0406 3232 PQNTDrv - ok
15:16:12.0515 3232 prodrv06 (6d3b2fc5dec2f59b28fe5fa17250a7b0) C:\WINDOWS\System32\drivers\prodrv06.sys
15:16:12.0546 3232 prodrv06 - ok
15:16:12.0656 3232 prohlp02 (c5f47b7ec2ec906847d5f80ba779a5bd) C:\WINDOWS\system32\drivers\prohlp02.sys
15:16:12.0656 3232 prohlp02 - ok
15:16:12.0750 3232 prosync1 (f3471e7971ee62420451d958da635064) C:\WINDOWS\system32\drivers\prosync1.sys
15:16:12.0750 3232 prosync1 - ok
15:16:12.0828 3232 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:16:12.0828 3232 PSched - ok
15:16:12.0859 3232 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:16:12.0859 3232 Ptilink - ok
15:16:12.0968 3232 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:16:12.0968 3232 PxHelp20 - ok
15:16:13.0218 3232 ql1080 - ok
15:16:13.0468 3232 Ql10wnt - ok
15:16:13.0718 3232 ql12160 - ok
15:16:13.0968 3232 ql1240 - ok
15:16:14.0218 3232 ql1280 - ok
15:16:14.0265 3232 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:16:14.0265 3232 RasAcd - ok
15:16:14.0359 3232 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:16:14.0359 3232 Rasl2tp - ok
15:16:14.0437 3232 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:16:14.0437 3232 RasPppoe - ok
15:16:14.0468 3232 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:16:14.0468 3232 Raspti - ok
15:16:14.0625 3232 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:16:14.0625 3232 Rdbss - ok
15:16:14.0671 3232 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:16:14.0687 3232 RDPCDD - ok
15:16:14.0781 3232 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
15:16:14.0781 3232 RDPWD - ok
15:16:14.0953 3232 redbook (393fc252593323b624b230eca6b85e63) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:16:14.0968 3232 redbook - ok
15:16:15.0203 3232 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
15:16:15.0203 3232 rimsptsk - ok
15:16:15.0421 3232 risdptsk (ace2ce73d7b04eac48fb80482e05e770) C:\WINDOWS\system32\DRIVERS\risdptsk.sys
15:16:15.0437 3232 risdptsk - ok
15:16:15.0484 3232 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
15:16:15.0484 3232 ROOTMODEM - ok
15:16:15.0750 3232 RTL8023xp (d6e1b1bd04fad422af17fc4b810cb9af) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
15:16:15.0750 3232 RTL8023xp - ok
15:16:16.0031 3232 s24trans (73ed6b5cac92f23f4610667b8eb8e8d6) C:\WINDOWS\system32\DRIVERS\s24trans.sys
15:16:16.0031 3232 s24trans - ok
15:16:16.0156 3232 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:16:16.0171 3232 Secdrv - ok
15:16:16.0265 3232 Serial (fdbd9d64e2e03270021d424f0dccf79d) C:\WINDOWS\system32\drivers\Serial.sys
15:16:16.0281 3232 Serial - ok
15:16:16.0390 3232 sfhlp01 (462aee0ea0481ea8bd45cac876a4ccc4) C:\WINDOWS\system32\drivers\sfhlp01.sys
15:16:16.0390 3232 sfhlp01 - ok
15:16:16.0562 3232 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:16:16.0562 3232 Sfloppy - ok
15:16:16.0812 3232 Simbad - ok
15:16:16.0921 3232 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:16:16.0921 3232 SLIP - ok
15:16:17.0171 3232 smserial - ok
15:16:17.0421 3232 Sparrow - ok
15:16:17.0578 3232 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:16:17.0578 3232 splitter - ok
15:16:17.0843 3232 sptd - ok
15:16:18.0015 3232 sr (618718cae288bf7cbd8fcbab2577d932) C:\WINDOWS\system32\DRIVERS\sr.sys
15:16:18.0015 3232 sr - ok
15:16:18.0171 3232 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:16:18.0187 3232 Srv - ok
15:16:18.0296 3232 sscdbus (2d4027c46b4c6e45875e3c4ba3f67492) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
15:16:18.0296 3232 sscdbus - ok
15:16:18.0390 3232 sscdmdfl (f548f1eba107bc19e91189e6a460bd0e) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
15:16:18.0390 3232 sscdmdfl - ok
15:16:18.0468 3232 sscdmdm (71d348d53597379dfe1de255d70af13c) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
15:16:18.0484 3232 sscdmdm - ok
15:16:18.0562 3232 ssmdrv (7b69466075b4da427c5ecd10e1eab72a) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:16:18.0562 3232 ssmdrv - ok
15:16:18.0703 3232 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys
15:16:18.0703 3232 StarOpen - ok
15:16:18.0875 3232 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:16:18.0875 3232 streamip - ok
15:16:19.0031 3232 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:16:19.0046 3232 swenum - ok
15:16:19.0234 3232 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:16:19.0234 3232 swmidi - ok
15:16:19.0484 3232 symc810 - ok
15:16:19.0734 3232 symc8xx - ok
15:16:19.0984 3232 SymIM - ok
15:16:20.0234 3232 SymIMMP - ok
15:16:20.0484 3232 sym_hi - ok
15:16:20.0734 3232 sym_u3 - ok
15:16:21.0015 3232 SynMini (431a1871e820b1b354c46953cfac470c) C:\WINDOWS\system32\Drivers\SynMini.sys
15:16:21.0031 3232 SynMini - ok
15:16:21.0296 3232 SynScan (5c139675c92f9254b0ac08fc53840321) C:\WINDOWS\system32\Drivers\SynScan.sys
15:16:21.0312 3232 SynScan - ok
15:16:21.0578 3232 SynTP (9c29e8e9c1c48e9c8bc38f031df4720f) C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:16:21.0578 3232 SynTP - ok
15:16:21.0734 3232 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:16:21.0734 3232 sysaudio - ok
15:16:21.0828 3232 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:16:21.0843 3232 Tcpip - ok
15:16:22.0031 3232 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:16:22.0031 3232 TDPIPE - ok
15:16:22.0171 3232 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:16:22.0171 3232 TDTCP - ok
15:16:22.0343 3232 teamviewervpn (9101fffcfccd1a30e870a5b8a9091b10) C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
15:16:22.0359 3232 teamviewervpn - ok
15:16:22.0484 3232 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:16:22.0484 3232 TermDD - ok
15:16:22.0734 3232 TosIde - ok
15:16:22.0984 3232 tosporte (d626e0af9232d8799d3a449530f3c220) C:\WINDOWS\system32\DRIVERS\tosporte.sys
15:16:23.0000 3232 tosporte - ok
15:16:23.0250 3232 Tosrfbd (0ec5206059d97a8dc785be73fb457ec7) C:\WINDOWS\system32\Drivers\tosrfbd.sys
15:16:23.0265 3232 Tosrfbd - ok
15:16:23.0515 3232 Tosrfbnp (33498b8f0b2ca549c2b7ffc1b3c0f1bc) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
15:16:23.0515 3232 Tosrfbnp - ok
15:16:23.0796 3232 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
15:16:23.0796 3232 Tosrfcom - ok
15:16:24.0046 3232 Tosrfhid (5dbf390aab62dd0d4d43a9278614e001) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
15:16:24.0046 3232 Tosrfhid - ok
15:16:24.0328 3232 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
15:16:24.0328 3232 tosrfnds - ok
15:16:24.0593 3232 TosRfSnd (0d86d15caff2b3203c785d604ec7c942) C:\WINDOWS\system32\drivers\TosRfSnd.sys
15:16:24.0609 3232 TosRfSnd - ok
15:16:24.0875 3232 Tosrfusb (c582b7716f0be7e65505365f4f941587) C:\WINDOWS\system32\Drivers\tosrfusb.sys
15:16:24.0875 3232 Tosrfusb - ok
15:16:25.0140 3232 U81xbus (8452977e2331af70652c3a4c28d2706d) C:\WINDOWS\system32\DRIVERS\U81xbus.sys
15:16:25.0156 3232 U81xbus - ok
15:16:25.0421 3232 U81xmdfl (e39c410fcd87570e36dcc34f6d2502b7) C:\WINDOWS\system32\DRIVERS\U81xmdfl.sys
15:16:25.0421 3232 U81xmdfl - ok
15:16:25.0734 3232 U81xmdm (eb0bbf5d8c53f1abe7911907b276a0b6) C:\WINDOWS\system32\DRIVERS\U81xmdm.sys
15:16:25.0750 3232 U81xmdm - ok
15:16:26.0000 3232 U81xmgmt (f0eea020cc5986260b87cb92050af160) C:\WINDOWS\system32\DRIVERS\U81xmgmt.sys
15:16:26.0015 3232 U81xmgmt - ok
15:16:26.0265 3232 U81xobex (aa1eb6bfd8176c25c04b803542bcd7ac) C:\WINDOWS\system32\DRIVERS\U81xobex.sys
15:16:26.0281 3232 U81xobex - ok
15:16:26.0359 3232 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:16:26.0359 3232 Udfs - ok
15:16:26.0609 3232 ultra - ok
15:16:26.0750 3232 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:16:26.0781 3232 Update - ok
15:16:27.0031 3232 USBAAPL - ok
15:16:27.0156 3232 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:16:27.0171 3232 usbccgp - ok
15:16:27.0343 3232 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:16:27.0359 3232 usbehci - ok
15:16:27.0500 3232 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:16:27.0515 3232 usbhub - ok
15:16:27.0687 3232 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:16:27.0703 3232 usbscan - ok
15:16:27.0890 3232 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:16:27.0890 3232 USBSTOR - ok
15:16:27.0984 3232 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:16:27.0984 3232 usbuhci - ok
15:16:28.0234 3232 vaxscsi - ok
15:16:28.0312 3232 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:16:28.0312 3232 VgaSave - ok
15:16:28.0593 3232 ViaIde - ok
15:16:28.0703 3232 VolSnap (e46c1b5a56da7da603d09dfcc79ec59e) C:\WINDOWS\system32\drivers\VolSnap.sys
15:16:28.0703 3232 VolSnap - ok
15:16:29.0000 3232 w39n51 (c79918a5bd269035f3a34d157401b9df) C:\WINDOWS\system32\DRIVERS\w39n51.sys
15:16:29.0062 3232 w39n51 - ok
15:16:29.0218 3232 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:16:29.0234 3232 Wanarp - ok
15:16:29.0406 3232 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
15:16:29.0406 3232 wceusbsh - ok
15:16:29.0671 3232 WDICA - ok
15:16:29.0843 3232 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:16:29.0843 3232 wdmaud - ok
15:16:30.0156 3232 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:16:30.0171 3232 WpdUsb - ok
15:16:30.0265 3232 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:16:30.0265 3232 WS2IFSL - ok
15:16:30.0437 3232 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:16:30.0437 3232 WSTCODEC - ok
15:16:30.0625 3232 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:16:30.0625 3232 WudfPf - ok
15:16:30.0812 3232 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:16:30.0812 3232 WudfRd - ok
15:16:30.0859 3232 MBR (0x1B8) (828e02d5c4a4fbe53441ee9dbee51f43) \Device\Harddisk0\DR0
15:16:31.0000 3232 \Device\Harddisk0\DR0 - ok
15:16:31.0000 3232 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR5
15:16:31.0000 3232 \Device\Harddisk1\DR5 - ok
15:16:31.0015 3232 Boot (0x1200) (1b01986bcec7df91e52b88f5a0c557b3) \Device\Harddisk0\DR0\Partition0
15:16:31.0015 3232 \Device\Harddisk0\DR0\Partition0 - ok
15:16:31.0031 3232 Boot (0x1200) (26d39aa60080cec2c5db2b34e808ce6a) \Device\Harddisk0\DR0\Partition1
15:16:31.0031 3232 \Device\Harddisk0\DR0\Partition1 - ok
15:16:31.0046 3232 Boot (0x1200) (ea141a8ea0c84cdb23cda4f103d6f228) \Device\Harddisk0\DR0\Partition2
15:16:31.0046 3232 \Device\Harddisk0\DR0\Partition2 - ok
15:16:31.0062 3232 Boot (0x1200) (a4929551f3081674cce4887ab80501e8) \Device\Harddisk1\DR5\Partition0
15:16:31.0062 3232 \Device\Harddisk1\DR5\Partition0 - ok
15:16:31.0062 3232 ============================================================
15:16:31.0062 3232 Scan finished
15:16:31.0062 3232 ============================================================
15:16:31.0062 2528 Detected object count: 0
15:16:31.0062 2528 Actual detected object count: 0
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Re: Notebook và a rallenty

Postdi FrancescoFDAC » 24/02/12 15:17

Esegui la procedura descritta, rigorosamente nel suo ordine, al fine di:
guadagnare spazio su disco
ottimizzare le prestazioni del sistema
mantenere il corretto funzionamento di Windows

Ottimizzazione - post rimozione malware

Il mio consiglio è quello di stampare questa procedura, perché tornerà senz'altro utile in futuro, a te ed ai tuoi conoscenti: condividila pure con loro, non ha controindicazioni di alcun genere ed andrebbe eseguita dopo aver rimosso tutte le infezione presenti nel sistema.
Queste operazioni infatti, andrebbero eseguite almeno una volta al mese (per utilizzatori di Computer assidui il tempo è ridotto a due settimane, eccetto per lo Scandisk, punto 13. della procedura).

Tieni presente che la maggior parte delle chiavi di registro corrotte e danneggiate non si possono ripristinare e riparare correttamente, e l'installazione e la disinstallazione continua dei programmi può causare crash di sistema e fastidiose schermate blu.

Una formattazione consente di ottenere dei massimi benefici, in termini di velocità, stabilità e prestazioni: questa procedura si avvicina maggiormente ai risultati ottenuti tramite una formattazione del disco fisso.

1. Rimuovi le voci di avvio non necessarie

Questa procedura è puramente facoltativa: questi sono programmi che si avviano quando accendi il computer, ma puoi eseguirli una volta caricato il sistema operativo.
Togliendo questi software dall'esecuzione automatica, l'avvio sarà più veloce ed il computer funzionerà meglio.

Avvia HiJackThis e:
● clicca sul pulsante Do a system scan only/Scan
metti la spunta accanto ad ogni singola voce indicata sotto
● spuntate le voci, termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul pulsante Fix checked; potrebbe comparire un'ulteriore finestra durante il fix delle voci: clicca su
Queste sono le voci da fixare:
Codice: Seleziona tutto
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.findeer.com
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programmi\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll (file missing)
O2 - BHO: Bandoo IE Plugin - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - (no file)
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programmi\Ask.com\GenericAskToolbar.dll (file missing)
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programmi\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Programmi\File comuni\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Programmi\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [FileServe Manager Task] "C:\Programmi\FileServe Manager\FSStarter.exe"
O4 - HKLM\..\Run: [GoogleCrashHandler] C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\CrashHandler.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programmi\Corel\Corel Graphics 12\Languages\IT\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=021912 serial=DR12WRS-1238008-HUY lang=IT
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmi\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SynTPEnh] C:\Documents and Settings\utente\Dati applicazioni\Microsoft\taskhost.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1)" -"http://arena.fueps.com/t/v/client/info?action=gameClient&tournamentSessionId=30227028&pwd=KXMYDWBONHNX"


Nota: per lanciare HiJackThis su Windows Vista e Windows 7, clicca con il tasto destro del mouse sulla icona di HiJackThis (rappresentata da un omino vestito di rosso con una lente di ingrandimento, nota il file eseguibile in grassetto sotto) e, dal menù contestuale, scegli la voce Esegui come Amministratore: conferma la richiesta proposta

Il percorso da seguire per trovare l'eseguibile del programma è: Start/ Computer/ Programmi/ Trend Micro/ HiJackThis/ HiJackThis.exe

******************************

2. Disinstalla i programmi inutilizzati, e tutte le Toolbar

Procedura per Windows XP:
● clicca sul pulsante Start
● apri il Pannello di controllo
● clicca su Installazione applicazioni
● seleziona il programma da disinstallare, e clicca sul tasto Cambia/Rimuovi: partirà la procedura di disinstallazione

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● apri il Pannello di controllo
● clicca su Programmi, e su Programmi e funzionalità
● seleziona il programma da disinstallare, e clicca sul tasto Cambia/Disinstalla: partirà la procedura di disinstallazione

******************************

3. Disinstalla dal Pannello di controllo, in particolare, le seguenti applicazioni:
Adobe Flash Player
Adobe Reader
Java (tutte le versioni installate)

Scarica ed installa, dai siti proposti, le versioni aggiornate dei programmi appena disinstallati:
Adobe Flash Player: http://get.adobe.com/it/flashplayer
Adobe Reader : http://get.adobe.com/it/reader
Java: http://java.com/it/download/index.jsp

Note - riguardo alla procedura:
non consentire l'installazione di componenti aggiuntivi (Toolbar in particolare): non installarne alcuno, quindi togli la spunta alla relativa voce
● alternativamente ad Abobe Reader, software pesante e soprattutto soggetto a vulnerabilità sfruttabili dai malware presenti nella rete per infettare il sistema, puoi scaricare il veloce e leggerissimo Sumatra PDF Reader, che nulla ha da invidiare al prodotto di casa Adobe: http://blog.kowalczyk.info/software/sum ... eader.html

******************************

4. Disattiva il Ripristino Configurazione di Sistema

Procedura per Windows XP:
● clicca sul pulsante Start
● tasto destro del mouse sull'icona Risorse del computer
● seleziona, dal menù a tendina, la voce Proprietà
● apri la scheda Ripristino configurazione di sistema
● metti la spunta alla voce Disattiva Ripristino configurazione di sistema su tutte le unità
● conferma la modifica, con Applica e OK

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● tasto destro del mouse sull'icona Computer
● seleziona, dal menù a tendina, la voce Proprietà
● clicca, nel menù a sinistra, su Protezione sistema; compare un avviso relativo al Controllo Account Utente: clicca su Continua
● deseleziona la casella di controllo visualizzata accanto al Disco Locale C:
● clicca sul pulsante OK
● conferma la modifica apportata, cliccando sul pulsante Applica e OK

******************************

5. Svuota del suo contenuto la cartella Prefetch

Procedura per Windows XP:
● clicca sul pulsante Start
● clicca su Risorse del computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella Prefetch
elimina tutte le voci conservate al suo interno: fai attenzione però, a non eliminare la cartella

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● clicca su Computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella Prefetch
elimina tutte le voci conservate al suo interno, tranne il file Layout.ini: fai attenzione però, a non eliminare la cartella

Nota - riguardo alla procedura:
● la cartella Prefetch contiene i file che il sistema operativo esegue; un'operazione di prefetch consiste nel rendere immediatamente disponibili, nella memoria cache, i file utilizzati più spesso e quelli necessari per il processo di avvio del personal computer.
Il riavvio successivo sarà un po' lento, ma quelli seguenti saranno senza dubbio più veloci

******************************

6. Svuota del suo contenuto la cartella Download

Procedura per Windows XP:
● clicca sul pulsante Start
● clicca su Risorse del computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella SoftwareDistribution
● individua ed apri la cartella Download
elimina tutte le voci conservate al suo interno: fai attenzione però, a non eliminare la cartella

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● clicca su Computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella SoftwareDistribution
● individua ed apri la cartella Download
elimina tutte le voci conservate al suo interno: fai attenzione però, a non eliminare la cartella

Nota - riguardo alla procedura:
● la cartella Download contiene i file di installazione degli aggiornamenti di Windows, che possono essere eliminati senza problemi per recuperare spazio su disco e risolvere fastidiosi problemi di aggiornamenti

******************************

7. Scarica TFC by OldTimer: http://oldtimer.geekstogo.com/TFC.exe
● posiziona il tool sul Desktop
termina tutti i programmi attivi, comprese le pagine Internet
● avvia il tool con un doppio click
● clicca, in basso a sinistra, sul pulsante Start
scomparirà, per qualche istante, il Desktop: nulla di cui preoccuparsi
● attendi pazientemente il termine delle operazioni
● clicca, in basso a destra, sul pulsante Exit
● una volta terminate le operazioni, chiudi il programma

Nota: per eseguire correttamente TFC by OldTimer su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore: conferma la richiesta proposta

******************************

8. Scarica ed installa CCleaner: http://www.piriform.com/ccleaner/download
Nota - durante l'installazione: non consentire l'installazione di componenti aggiuntivi (Toolbar in particolare): non installarne alcuno, quindi togli la spunta alla relativa voce

Una volta installato ed avviato, esegui queste operazioni:
● nel menù di sinistra, clicca su Opzioni
● nella finestra successiva, clicca su Impostazioni
● spunta la voce Tipo cancellazione: Sicura (lenta) e nel menù a tendina seleziona la voce DOD 5220.22-M (3 passaggi)
● clicca su Avanzate
● togli la spunta alla voce Cancella file in Windows Temp solo se più vecchi di 24 ore e alla voce Chiedi se salvare un backup dei problemi del registro
● clicca, nel menù a sinistra, su Pulizia: nella sezione Avanzate, metti la spunta alle voci Vecchi dati Prefetch, Disinstallatori Aggiornamenti di Windows e File Log IIS
● apri, in alto, il tab Applicazioni: spunta tutte le voci presenti
termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul bottone Analizza, per cercare i file temporanei
● clicca, in basso a destra, sul bottone Avvia Pulizia, per avviare la pulizia dei file temporanei
● nella finestra che compare, metti la spunta alla voce Non mostrare più questo messaggio, e conferma cliccando sul pulsante OK
● terminata la pulizia, nel menù a sinistra, clicca sulla voce Registro
● clicca sul bottone Trova Problemi, per avviare la ricerca delle voci di registro corrotte e danneggiate
● clicca sul bottone Ripara selezionati... e prosegui con la riparazione: la pulizia del registro ripetila più volte, fino a quando non verranno più rilevati problemi da correggere
● una volta terminate le operazioni, chiudi il programma

******************************

9. Lancia Hijackthis e pulisci gli ADS (esclusivamente su partizioni formattate in NTFS):
● clicca sulla voce Open the Misc Tools section
● clicca su Open ADS Spy..., nel tab System tools
● in alto, togli la spunta alla voce Quick scan (Windows base folder only)
● clicca, in basso, sul pulsante Scan
● attendi pazientemente il termine della scansione
● se venissero rilevati molti ADS, clicca con il tasto destro sulla prima casellina, e scegli la voce Select all
● clicca, in basso, sul pulsante Remove selected: conferma con
● una volta terminate le operazioni, chiudi il programma

Nota - riguardo al programma:
● in caso avessi un sistema operativo a 64 Bit, tralascia la procedura. Fai click qui per scoprire se il tuo sistema operativo è a 32 o 64 Bit: http://support.microsoft.com/kb/827218/it

******************************

10. Scarica OTC by OldTimer: http://oldtimer.geekstogo.com/OTC.exe
● posiziona il tool sul Desktop
● chiudi tutti i programmi attivi
● avvia il tool con un doppio click
● clicca sul pulsante CleanUp!
● il programma chiede di riavviare il sistema: consenti, cliccando su Yes per due volte

Note - riguardo al programma:
OTC by OldTimer va eseguito solamente nel caso tu abbia utilizzato in precedenza particolari programmi che richiedono una particolare procedura di disinstallazione, come ComboFix, FindAWF, GMER, RSIT e TDSS Killer.
● per eseguire correttamente OTC by OldTimer su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore: conferma la richiesta proposta

******************************

11. Riabilita il Ripristino Configurazione di Sistema, seguendo la procedura inversa al punto 4

******************************

12. Scarica ed installa Defraggler: http://www.piriform.com/defraggler/download

Nota - durante l'installazione:
non consentire l'installazione di componenti aggiuntivi (Toolbar in particolare): non installarne alcuno, quindi togli la spunta alla relativa voce

Una volta installato, esegui queste operazioni:
● avvia il programma con un doppio click
● seleziona con il tasto sinistro del mouse l'unità Disco Locale C:
● clicca, in basso a sinistra, sul bottone Deframmenta
● attendi pazientemente il termine delle operazioni

******************************

13. Controlla l'Hard Disk per eventuali errori

Procedura per Windows XP:
● clicca sul pulsante Start
● clicca su Esegui
● nello spazio bianco, copia ed incolla questa riga:
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
● clicca sul pulsante OK
● attendi pazientemente il termine delle operazioni
● una finestra DOS vuota si aprirà sul Desktop, per poi chiudersi automaticamente: nulla di cui preoccuparsi
● allega il file checkhd.txt presente sul Desktop per un controllo

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● scegli la voce Tutti i programmi
● clicca su Accessori
● clicca su Esegui
● nello spazio bianco, copia ed incolla questa riga:
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
● clicca sul pulsante OK
● attendi pazientemente il termine delle operazioni
● una finestra DOS vuota si aprirà sul Desktop, per poi chiudersi automaticamente: nulla di cui preoccuparsi
● allega il file checkhd.txt presente sul Desktop per un controllo

******************************

Note - al termine della procedura:
riavvia il sistema
allega un nuovo log di HijackThis
● comunica come funziona il sistema, e quali problemi riscontri attualmente
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: Notebook và a rallenty

Postdi ciby » 24/02/12 15:27

Ok,mi ci vorrà un pò...una curiosità,eccetto un gran caos per tanti(troppi) programmi utilizzati e/o rimossi,ed il poco spazio nell'hard disk,per il resto fin'ora hai notato qualcosa di particolare?
Comunque ti ringrazio per l'aiuto e la pazienza ;)
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Re: Notebook và a rallenty

Postdi FrancescoFDAC » 24/02/12 15:50

Ciao, no, niente di particolare.

Francesco
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: Notebook và a rallenty

Postdi ciby » 24/02/12 21:28

Il file system Š di tipo FAT32.
Numero di serie del volume: 1CE1-3532
Verifica dei file e delle cartelle in corso...
Il controllo del disco Š stato effettuato senza il parametro /F.
\WINDOWS\Prefetch\AVWSC.EXE-02281408.pf la prima unit… di allocazione non Š valida. La voce sar… troncata.
\WINDOWS\Prefetch\CMD.EXE-034B0549.pf la prima unit… di allocazione non Š valida. La voce sar… troncata.
\WINDOWS\Prefetch\CHKDSK.EXE-0C6DCB55.pf la prima unit… di allocazione non Š valida. La voce sar… troncata.
\WINDOWS\Prefetch\FIND.EXE-0EEAD1A7.pf la prima unit… di allocazione non Š valida. La voce sar… troncata.
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Re: Notebook và a rallenty

Postdi ciby » 24/02/12 21:47

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21.46.25, on 24/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\runservice.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\MAGIX\PC_Check_Tuning_2011_Download-Version\MXSAS.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programmi\Corel\Corel Graphics 12\Languages\IT\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=030612 serial=DR12WRS-1238008-HUY lang=IT
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Download with FileServe Manager - C:\Programmi\FileServe Manager\GetUrl.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: 4APoker - {47DDC1F4-8611-4f89-806E-3CBD8B7F924F} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: 4APoker - {47DDC1F4-8611-4f89-806E-3CBD8B7F924F} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Programmi\PokerStars.IT\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://194.244.16.123/g_bin/eng/cards_2_0_0_77.cab
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} (FBootloaderAX) - http://static.ak.facebook.com/fbplugin/ ... loader.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://194.244.16.123/g_bin/eng/boards_2_0_0_35.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se8942.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Demon) - http://194.244.16.123/g_bin/eng/demon_2_0_0_30.cab
O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://194.244.16.123/g_bin/eng/pirate_2_0_0_30.cab
O16 - DPF: {A7196C8E-35A5-4FF0-9E46-E28918B5CAF6} (GameDesire Domino) - http://194.244.16.123/g_bin/eng/domino_2_0_0_33.cab
O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) - http://194.244.16.123/g_bin/eng/darts_2_0_0_42.cab
O16 - DPF: {AD7013FF-1D9A-4F36-94A6-3CD408A663F9} (GameDesire BreakOut) - http://194.244.16.123/g_bin/eng/breakout_2_0_0_29.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://194.244.16.117/g_bin/eng/mahjong_2_0_0_31.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} (GameDesire Soccer) - http://194.244.16.123/g_bin/eng/soccer_2_0_0_20.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://194.244.16.123/g_bin/eng/billard8_2_0_0_35.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{551A7EAF-B286-4CA9-AA11-68761837EF89}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C0BAD72-5A0A-498D-9E17-44995BD884E0}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B17FD737-CA2C-41B0-9616-3C337E3EDC75}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFDA8734-87FF-43CF-BCC5-BE267AA60C6E}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1F61BC7-0E2A-4713-A65F-23148C8B20C3}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6288A30-D351-4F08-B966-5D6004A4047B}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{39571517-8CB7-4A35-A03F-BA5FD5DE060B}: NameServer = 176.31.229.24,176.31.229.25
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: MAGIX StartUp Analyze Service - MAGIX AG - C:\Programmi\MAGIX\PC_Check_Tuning_2011_Download-Version\MXSAS.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9446 bytes
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Re: Notebook và a rallenty

Postdi ciby » 24/02/12 21:53

"...comunica come funziona il sistema, e quali problemi riscontri attualmente..."

Sembra sia tornata la calma! inoltre grazie alla "pulizia" ho guadagnato 7Gb,risultato ottimo considerando che il mio disco C: in totale ha 43,6Gb! :D
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Re: Notebook và a rallenty

Postdi FrancescoFDAC » 25/02/12 13:27

Avvia HiJackThis e:
● clicca sul pulsante Do a system scan only/Scan
● a sinistra, metti la spunta accanto ad ogni singola voce che ti indicherò sotto (non spuntare tutte le voce , solo quelle riportate sotto, mi raccomando)
● spuntate le voci, termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul pulsante Fix checked; potrebbe comparire un'ulteriore finestra durante il fix delle voci: clicca su
Queste sono le voci da fixare:

O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programmi\Corel\Corel Graphics 12\Languages\IT\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=030612 serial=DR12WRS-1238008-HUY lang=IT
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://194.244.16.123/g_bin/eng/cards_2_0_0_77.cab
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} (FBootloaderAX) - http://static.ak.facebook.com/fbplugin/ ... loader.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://194.244.16.123/g_bin/eng/boards_2_0_0_35.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - http://www.powerchallenge.com/applet/PowerLoader.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se8942.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Demon) - http://194.244.16.123/g_bin/eng/demon_2_0_0_30.cab
O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) - http://194.244.16.123/g_bin/eng/pirate_2_0_0_30.cab
O16 - DPF: {A7196C8E-35A5-4FF0-9E46-E28918B5CAF6} (GameDesire Domino) - http://194.244.16.123/g_bin/eng/domino_2_0_0_33.cab
O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) - http://194.244.16.123/g_bin/eng/darts_2_0_0_42.cab
O16 - DPF: {AD7013FF-1D9A-4F36-94A6-3CD408A663F9} (GameDesire BreakOut) - http://194.244.16.123/g_bin/eng/breakout_2_0_0_29.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://194.244.16.117/g_bin/eng/mahjong_2_0_0_31.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} (GameDesire Soccer) - http://194.244.16.123/g_bin/eng/soccer_2_0_0_20.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://194.244.16.123/g_bin/eng/billard8_2_0_0_35.cab
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: Notebook và a rallenty

Postdi ciby » 29/02/12 13:55

Il problema è stato risolto...
Francesco ti ringrazio per l'aiuto,per la pazienza e costanza nel darmi supporto,ti ringrazio anche da parte di amici a cui ho consigliato la procedura de "i 13 comandamenti"! :D
Se per caso avrai tempo e modo per dare un'occhiata qui:
viewtopic.php?f=1&t=85584

Magari non è risolvibile,ma,come si dice,tentar non nuoce :)
E' un problema che si verifica meno frequentemente confronto ad allora ma comunque è ancora presente...
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Re: Notebook và a rallenty

Postdi FrancescoFDAC » 29/02/12 14:16

Ciao ciby.
Di nulla. Vado a dare un occhiata.

Per intanto, hai un Messaggio Personale.

Ciao!

Francesco
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: Notebook và a rallenty

Postdi ciby » 12/08/12 18:28

Salve...stessa situazione di inizio topic...
questi i file dei vari software:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19.26.27, on 12/08/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Avira\AntiVir Desktop\sched.exe
C:\Programmi\Avira\AntiVir Desktop\avguard.exe
C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Java\jre6\bin\jqs.exe
C:\WINDOWS\runservice.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\Programmi\Intel\Wireless\bin\ZCfgSvc.exe
C:\Programmi\Intel\Wireless\Bin\ifrmewrk.exe
C:\Programmi\Intel\Wireless\Bin\EOUWiz.exe
C:\Programmi\Avira\AntiVir Desktop\avgnt.exe
C:\Programmi\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Chrome\Application\chrome.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programmi\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Programmi\Corel\Corel Graphics 12\Languages\IT\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=081712 serial=DR12WRS-1238008-HUY lang=IT
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Programmi\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Programmi\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\utente\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: OfferBox.lnk = C:\Programmi\OfferBox\OfferBox.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Crea preferiti portatile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: 4APoker - {47DDC1F4-8611-4f89-806E-3CBD8B7F924F} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: 4APoker - {47DDC1F4-8611-4f89-806E-3CBD8B7F924F} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.it - {4B21E152-BA59-4ebf-B522-8C55B265EE1A} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PokerStars.it - {C4046502-6524-4d87-896C-878F57D1FF07} - C:\Programmi\PokerStars.IT\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Programmi\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{39571517-8CB7-4A35-A03F-BA5FD5DE060B}: NameServer = 213.230.130.222 217.200.200.42
O17 - HKLM\System\CCS\Services\Tcpip\..\{551A7EAF-B286-4CA9-AA11-68761837EF89}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C0BAD72-5A0A-498D-9E17-44995BD884E0}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{B17FD737-CA2C-41B0-9616-3C337E3EDC75}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{BFDA8734-87FF-43CF-BCC5-BE267AA60C6E}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1F61BC7-0E2A-4713-A65F-23148C8B20C3}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{D6288A30-D351-4F08-B966-5D6004A4047B}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS1\Services\Tcpip\..\{39571517-8CB7-4A35-A03F-BA5FD5DE060B}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CS2\Services\Tcpip\..\{39571517-8CB7-4A35-A03F-BA5FD5DE060B}: NameServer = 213.230.130.222 217.200.200.42
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programmi\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe

--
End of file - 8400 bytes
-----------------------------------------------------------------------------------------------------------------------------------------
TFC log:
Il file system Š di tipo FAT32.
Numero di serie del volume: 1CE1-3532
Verifica dei file e delle cartelle in corso...
Il controllo del disco Š stato effettuato senza il parametro /F.
\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-281A962A.pf la prima unit… di allocazione non Š valida. La voce sar… troncata.
\WINDOWS\Prefetch\CMD.EXE-034B0549.pf la prima unit… di allocazione non Š valida. La voce sar… troncata.
\WINDOWS\Prefetch\CHKDSK.EXE-0C6DCB55.pf la prima unit… di allocazione non Š valida. La voce sar… troncata.
\WINDOWS\Prefetch\FIND.EXE-0EEAD1A7.pf la prima unit… di allocazione non Š valida. La voce sar… troncata.
-------------------------------------------------------------------------------------------------------------------------------------
Se può servire,questo è l'errore riscontrato dopo una schermata blu:
Immagine
Immagine
Avatar utente
ciby
Utente Junior
 
Post: 62
Iscritto il: 04/07/07 19:02
Località: cagliari

Re: Notebook và a rallenty

Postdi FrancescoFDAC » 13/08/12 09:00

Apri una nuova discussione, non accodarti a questa, peraltro già conclusa.
Francesco
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53


Torna a Assistenza Hardware


Topic correlati a "Notebook và a rallenty":


Chi c’è in linea

Visitano il forum: Nessuno e 5 ospiti