Condividi:        

wilogon.exe......impossibileindividuare un componente

Se il modem non funziona, hai problemi con la scheda video o non sai che processore scegliere entra qui!!

Moderatori: m.paolo, Caffey

wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 03/05/12 15:27

Buon giorno a tutti, ho un piccolo problemino con il mio pc.Spero che qualcuno di voi mi sappia aiutare......

Accendendolo dopo un po (30-40 secondi) mi compare un riquadro diviso in due. Nella prima fascia color blu ce scritto : wilogon.exe impossibile individuare un componente.
Nel parte sottostante :una grande x con sfondo rosso e scritto, impossibile avviare l applicazione specificata.sfc_os.dll non è stato trovato.Una nuova installazione dell' applicazione potrebbe risolvere il problema.
Cliccando su ok il pc si avvia normalmente ,l' unico problema riscontrato è la lentezza(troppa) nel aprire siti internet dai preferiti o anche semplicemente facendo ricerche con google.

Spero che qualcuno mi aiuti
grazie
ciao
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Sponsor
 

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 03/05/12 18:15

Scarica ed installa Hijackthis: http://www.trendmicro.com/ftp/products/ ... ckThis.msi
● lancia Hijackthis
● clicca sul pulsante Do a system scan and save a logfile
● verrà rilasciato automaticamente un file di testo: allegalo

Scarica Malwarebytes' Anti-Malware - Free Edition: http://www.malwarebytes.org
● doppio click su mbam-setup.exe per avviare il setup
● in fase di installazione, lascia la spunta alle voci b]Aggiorna Malwarebytes' Anti-Malware[/b] e Avvia Malwarebytes' Anti-Malware

Una volta eseguiti i passaggi indicati sopra:
● collega tutte le periferiche esterne che possiedi ( Chiavette USB, HDD Esterni, Lettori MP3... )
● verrà mostrata la schermata principale del tool: al messaggio che appare, clicca sul pulsante No
● clicca sul pulsante Scansione completa, e conferma cliccando il pulsante Scansione
● verrà richiesto quali drive scansionare; selezionali tutti, e clicca nuovamente su Scansione
● attendi pazientemente il termine della scansione
● una volta terminata, clicca sul pulsante OK e Mostra Risultati per visionare il Report
● verrà rilasciato automaticamente un file di testo: salvalo sul Desktop ed allegalo
● assicurati che tutte le voci siano selezionate, e clicca sul pulsante Rimuovi selezionati, in basso a sinistra
● il log può essere visionati cliccando sul tab Log dall'interfaccia principale del programma

Nota - riguardo al programma:
● se MalwareBytes incontrasse delle difficoltà nel rimuovere alcuni file, verranno mostrate delle finestre aggiuntive: clicca sul pulsante OK, e lascia procedere il programma alla disinfezione. Se MalwareBytes chiedesse di riavviare il sistema, fallo immediatamente
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 04/05/12 14:34

Ho seguito passo passo le istruzioni,ora non riesco piu ad aprire la posta elettronica outlook 2010. eccoi risultati:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Versione database: v2012.05.04.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Computer :: IVAN [amministratore]

04/05/2012 11.13.17
mbam-log-2012-05-04 (13-29-15).txt

Tipo di scansione: Scansione completa
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File system | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 379528
Tempo impiegato: 1 ore, 39 minuti, 6 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowHelp (PUM.Hijack.StartMenu) -> Cattivo: (0) Buono: (1) -> Nessuna azione intrapresa.

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 88
C:\Programmi\keygen.exe (Malware.Packer.Gen) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP404\A0100133.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP404\A0100183.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP404\A0100222.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP404\A0100284.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP405\A0100406.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP406\A0100453.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP406\A0100489.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP406\A0100547.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP407\A0100560.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP407\A0100599.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP408\A0100635.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP409\A0100707.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP410\A0100746.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP410\A0100783.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP411\A0100801.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP412\A0100871.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP412\A0100910.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP413\A0101049.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP413\A0101122.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP415\A0103250.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13.31.58, on 04/05/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Programmi\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\LClock\LClock.exe
C:\Programmi\Microsoft Office\Office14\MSOSYNC.EXE
C:\Programmi\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
C:\Programmi\Spamihilator\spamihilator.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
C:\Programmi\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Programmi\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: IncrediMail MediaBar Italiano 2 - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [QOELOADER] "C:\Programmi\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Programmi\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ASUS Update Checker] C:\Programmi\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast] "C:\Programmi\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Programmi\LClock\LClock.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Programmi\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
O4 - Startup: Spamihilator.lnk = C:\Programmi\Spamihilator\spamihilator.exe
O4 - Global Startup: Windows Search.lnk = C:\Programmi\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Cerca nel web - C:\Programmi\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\D-Link\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C5CE2E1-40D6-4E6F-AAAE-FB84F38DAF17}: NameServer = 80.79.48.66,79.137.95.200
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 11271 bytes

C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP416\A0103295.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP416\A0103337.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP417\A0103383.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP418\A0103428.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP419\A0103475.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP419\A0103517.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP420\A0103652.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP421\A0103694.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP422\A0103795.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP422\A0103799.dll (PUP.Adware.RelevantKnowledge) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP422\A0103800.exe (PUP.Adware.RelevantKnowledge) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP422\A0103801.exe (PUP.Adware.RelevantKnowledge) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP422\A0103803.dll (PUP.Adware.RelevantKnowledge) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP422\A0103804.exe (PUP.Adware.RelevantKnowledge) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP422\A0103811.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP422\A0103893.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP422\A0103937.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP423\A0103976.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP423\A0103988.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP424\A0104031.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP425\A0104073.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP425\A0104087.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP426\A0104390.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP426\A0104406.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP427\A0105422.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP427\A0105460.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP428\A0105532.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP429\A0105646.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP429\A0105689.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP429\A0105737.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP429\A0105772.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP429\A0105785.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP429\A0105822.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP430\A0105836.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP430\A0105876.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP431\A0105971.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP432\A0106969.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP434\A0107186.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP434\A0107230.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP435\A0107253.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP435\A0107295.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP435\A0107311.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP435\A0107321.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP436\A0107395.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP436\A0107438.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP436\A0107482.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP436\A0107588.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP436\A0108585.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP437\A0109122.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP437\A0109447.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP437\A0109518.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP438\A0109572.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP439\A0109614.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP439\A0109717.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP439\A0109757.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP439\A0109814.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP440\A0109870.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP440\A0109910.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP441\A0110927.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP441\A0111927.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP442\A0111970.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP444\A0112097.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP444\A0112137.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP444\A0112160.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP444\A0112183.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\System Volume Information\_restore{1B5C15C4-F4E5-40AA-B5F0-D05213AC3D8F}\RP414\A0103233.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.
C:\WINDOWS\KMSEmulator.exe (RiskWare.Tool.CK) -> Nessuna azione intrapresa.

(fine)
Aspetto altre istruzioni...... ciao ciao
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 04/05/12 15:01

Hai eliminato cio che ha trovato malwarebytes?

Scarica ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
● posiziona il file scaricato sul Desktop
disattiva l'Antivirus in uso, dall'icona presente sulla Traybar (accanto all'orologio di Windows)
disattiva il Firewall eventualmente installato, dall'icona presente sulla Traybar (accanto all'orologio di Windows)

Eseguiti i passaggi indicati sopra:
● lancia ComboFix con un doppio click
● una volta avviato clicca il pulsante Accetto: conferma cliccando Ok due volte
● segui le istruzioni che verranno rilasciate per eseguire la scansione:
"Tipicamente non impiega più di 10 minuti
Su pc molto infetti il tempo di scansione può raddoppiare facilmente"
● nel caso tu abbia Windows XP, verrà richiesta l'installazione della Console di ripristino di emergenza: non la installare (clicca il pulsante No)
senza eseguire nessuna altra operazione, lascia che il tool completi il suo lavoro

Note - durante la scansione:
● potrebbero comparire alcuni file sul Desktop, e poi eliminati
● spariranno, per un attimo, tutte le icone presenti sul Desktop: nulla di cui preoccuparsi
● potrebbe venire rilasciato un messaggio in relazione all'Antivirus in uso: prosegui ignorando il messaggio
● il firewall potrebbe rilasciare un avviso circa la rimozione di alcuni driver: consenti
● potrebbe apparire sul Desktop l'icona di Internet Explorer

Quando ComboFix avrà concluso l'operazione di scansione:
● il sistema verrà riavviato automaticamente: in caso contrario, riavvialo te
● vai in Disco Locale C:, cerca il file di testo dal nome ComboFix.txt ed allegalo

Nota - riguardo al programma:
● per eseguire correttamente ComboFix su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore
sUBs, la software house che distribuisce ComboFix, non è responsabile di qualsiasi danno causato dopo l'utilizzo del programma stesso.
Esso non dovrebbe essere utilizzato a meno che non venga espressamente richiesto da un esperto
ComboFix disabilita l'esecuzione automatica delle unità USB (Chiavette, Hard Disk Esterni, Lettori MP3...) per prevenire future minacce: quando inserisci una Pendrive, dovrai avviarla manualmente dalle Risorse del computer.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 04/05/12 17:01

Ho scaricato combofix ,messo sul desktop, disattivato antivirus,lanciando combofix,parte e dopo 10 secondi appaiono 5 riquadri con scritto in alto application error
sotto the procedure * colud not be located in the DLL sfc.dll
premendo su ok compare un ulteriore riiqaudro con scritto sopra Warning
sotto warning
sotto ancora do not run combofix in compatibility mode doing so may damage the machine

Ho provato a farlo partire con esegui come.... ma non ho la pw..
come devo fare....ciao grazie
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 05/05/12 12:24

La password devi avercela, è la tua personale.

Prova cosi;

accedi in modalità normale (NO provvisoria)
quindi:
Scarica TFC by OldTimer: http://oldtimer.geekstogo.com/TFC.exe
● posiziona il tool sul Desktop
termina tutti i programmi attivi, comprese le pagine Internet
● avvia il tool con un doppio click
● clicca, in basso a sinistra, sul pulsante Start
scomparirà, per qualche istante, il Desktop: nulla di cui preoccuparsi
● attendi pazientemente il termine delle operazioni
● clicca, in basso a destra, sul pulsante Exit
● una volta terminate le operazioni, chiudi il programma

Nota - riguardo al programma:
TFC by OldTimer serve ad eliminare i file temporeanei di tutti gli utenti, con facilità e velocemente

Scarica OTC by OldTimer: http://oldtimer.geekstogo.com/OTC.exe
● posiziona il tool sul Desktop
● chiudi tutti i programmi attivi
● avvia il tool con un doppio click
● clicca sul pulsante CleanUp!
● il programma chiede di riavviare il sistema: consenti, cliccando su Yes per due volte

Nota - riguardo al programma:
OTC by OldTimer serve ad eliminare i programmi che abbiamo utilizzato per la pulizia (ComboFix in particolare) in modo automatico e preciso: al riavvio non noterai più l'icona di ComboFix, è del tutto normale

Scarica ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
● posiziona il file scaricato sul Desktop
disattiva l'Antivirus in uso, dall'icona presente sulla Traybar (accanto all'orologio di Windows)
disattiva il Firewall eventualmente installato, dall'icona presente sulla Traybar (accanto all'orologio di Windows)

Eseguiti i passaggi indicati sopra:
● clicca sul pulsante Start, in basso a destra
● clicca sul pulsante Esegui (Windows XP), altrimenti scrivi Esegui nella maschera delle ricerche (Windows Vista e Seven) e cliccaci sopra, una volta trovato
● nello spazio bianco che compare, copia ed incolla questa stringa:
"%userprofile%\desktop\ComboFix.exe" /killall
● premi il pulsante Ok (alternativamente, batti Invio sulla tastiera)
● parte ora ComboFix: segui le istruzioni che verranno rilasciate per eseguire la scansione
● in caso tu abbia Windows XP, verrà richiesta l'installazione della Console di ripristino di emergenza: non la installare
senza eseguire nessuna altra operazione, lascia che il tool completi il suo lavoro

Note - durante la scansione:
● potrebbero comparire alcuni file sul Desktop, e poi eliminati
● spariranno, per un attimo, tutte le icone presenti sul Desktop: nulla di cui preoccuparsi
● potrebbe venire rilasciato un messaggio in relazione all'Antivirus in uso: prosegui ignorando il messaggio
● il firewall potrebbe rilasciare un avviso circa la rimozione di alcuni driver: consenti
● potrebbe apparire sul Desktop l'icona di Internet Explorer

Quando ComboFix avrà concluso l'operazione di scansione:
● il sistema verrà riavviato automaticamente: in caso contrario, riavvialo te
● vai in Disco Locale C:, cerca il file di testo dal nome ComboFix.txt ed allegalo

Nota - riguardo al programma:
● per eseguire correttamente ComboFix su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore
sUBs, la software house che distribuisce ComboFix, non è responsabile di qualsiasi danno causato da te dopo l'utilizzo del software stesso.
Lo stesso vale per me; questo tool non è un giocattolo e non è destinato all'utilizzo quotidiano. Esso non dovrebbe essere utilizzato a meno che non venga espressamente richiesto da un esperto
ComboFix disabilita l'esecuzione automatica delle unità USB (Chiavette, Hard Disk Esterni, Lettori MP3...) per prevenire future minacce: quando inserisci una Pendrive, sarai costretto ad avviarla dalle Risorse del computer. Una precauzione in più, una possibile minaccia in meno
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 05/05/12 13:59

Ho eseguito le istruzioni alla lettera ma combofix parte edopo un po compaiono i famosi riquadri con scritto in alto application error
sotto the procedure * colud not be located in the DLL sfc.dll
premendo su ok compare un ulteriore riiqaudro con scritto sopra Warning
sotto warning
sotto ancora do not run combofix in compatibility mode doing so may damage the machine

E piu dura di quel che pensavo.....aiuto
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 05/05/12 19:26

Ma sei in modalità normale o provvisoria?

Scarica OTL By OldTimer: http://oldtimer.geekstogo.com/OTL.exe
● posiziona il tool scaricato sul Desktop
● doppio click sull'icona del programma per avviarlo
● metti il segno di spunta a Scan All Users
● clicca sul bottone Quick Scan
● attendi pazientemente la fine della scansione
● alla fine della scansione, verranno generati 2 logs: allegali
OTListIt.txt (aperto)
Extra.txt (minimizzato)
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 05/05/12 20:35

ecco fatto
uno
OTL logfile created on: 05/05/2012 21.40.45 - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Computer\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,25 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 78,86% Memory free
7,04 Gb Paging File | 6,53 Gb Available in Paging File | 92,68% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 273,44 Gb Total Space | 243,44 Gb Free Space | 89,03% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 758,65 Gb Free Space | 81,44% Space Free | Partition Type: NTFS
Drive F: | 24,65 Gb Total Space | 18,65 Gb Free Space | 75,66% Space Free | Partition Type: NTFS
Drive H: | 960,34 Mb Total Space | 951,11 Mb Free Space | 99,04% Space Free | Partition Type: FAT32

Computer Name: IVAN | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/05 21.38.49 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Computer\Desktop\OTL.exe
PRC - [2012/03/07 02.15.17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programmi\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/07 02.15.14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/02/27 01.15.42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012/02/15 01.03.14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
PRC - [2011/06/09 13.06.06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\File comuni\Java\Java Update\jusched.exe
PRC - [2010/12/21 00.59.32 | 000,718,720 | ---- | M] (Microsoft Corporation) -- C:\Programmi\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2010/05/21 21.32.54 | 001,512,448 | ---- | M] (Michel Krämer) -- C:\Programmi\Spamihilator\spamihilator.exe
PRC - [2010/02/17 22.07.11 | 000,006,656 | ---- | M] (Qurb, Inc.) -- C:\Programmi\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe
PRC - [2010/01/09 21.37.50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programmi\File comuni\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2009/12/13 18.45.46 | 001,619,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/09/19 21.27.44 | 000,065,536 | ---- | M] () -- C:\Programmi\LClock\LClock.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/05 11.21.05 | 001,755,648 | ---- | M] () -- C:\Programmi\Alwil Software\Avast5\defs\12050500\algo.dll
MOD - [2012/04/04 07.53.58 | 000,301,056 | ---- | M] () -- C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.ITA
MOD - [2011/09/27 08.23.00 | 000,087,912 | ---- | M] () -- C:\Programmi\File comuni\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08.22.40 | 001,242,472 | ---- | M] () -- C:\Programmi\File comuni\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/14 21.32.39 | 000,185,880 | ---- | M] () -- C:\Programmi\Lavasoft\Ad-Aware\ShellExt.dll
MOD - [2011/03/17 00.11.16 | 004,297,568 | ---- | M] () -- C:\Programmi\File comuni\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/05/21 21.32.54 | 000,279,040 | ---- | M] () -- C:\Programmi\Spamihilator\sqlite3.dll
MOD - [2010/05/21 21.32.54 | 000,060,416 | ---- | M] () -- C:\Programmi\Spamihilator\zlib1.dll
MOD - [2009/04/14 02.03.00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008/09/16 21.18.06 | 000,133,120 | ---- | M] () -- C:\Programmi\WinRAR\RarExt.dll
MOD - [2004/09/19 21.27.44 | 000,065,536 | ---- | M] () -- C:\Programmi\LClock\LClock.exe
MOD - [2004/09/19 21.27.34 | 000,069,632 | ---- | M] () -- C:\Programmi\LClock\LC.dll
MOD - [2004/09/19 21.27.30 | 000,081,920 | ---- | M] () -- C:\Programmi\LClock\Calendar.dll


========== Win32 Services (SafeList) ==========

SRV - [2012/05/05 15.24.33 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/07 02.15.14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programmi\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/27 01.15.42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/06/14 21.32.09 | 001,355,968 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/06/12 11.15.00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010/12/08 15.31.06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/05/05 18.31.35 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2010/01/09 21.37.50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programmi\File comuni\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 21.18.00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2008/06/24 16.05.56 | 000,537,896 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/04/12 10.29.30 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Programmi\D-Link\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2004/10/22 03.24.18 | 000,073,728 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/03/18 16.55.48 | 000,065,536 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/06/20 00.25.00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programmi\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\AsrCDDrv.sys -- (AsrCDDrv)
DRV - [2012/03/07 02.03.51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 02.03.38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 02.02.00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/03/07 02.01.53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 02.01.39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/07 02.01.30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/07 01.58.29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/07/30 15.16.46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/07/30 15.16.44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/07/30 15.16.42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/07/30 15.16.38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/07/26 13.24.46 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/07/26 13.24.42 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010/06/08 21.30.16 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2010/04/19 19.29.20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/03/11 11.17.14 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2009/08/17 20.16.06 | 001,390,976 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/06/29 01.36.36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009/03/10 14.17.44 | 000,103,552 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qscvusb.sys -- (MobileAdapter)
DRV - [2009/01/22 16.43.56 | 000,046,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2008/08/26 10.26.12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/18 12.54.24 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/03/25 05.48.08 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/03/25 05.48.06 | 000,054,400 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007/12/17 18.14.04 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006/04/12 10.14.50 | 000,329,837 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/04/12 10.11.36 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/04/12 10.09.32 | 000,854,538 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/04/12 10.05.48 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/04/12 10.04.46 | 000,065,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/04/12 10.02.14 | 000,148,932 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/04/12 10.00.46 | 000,047,811 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2004/08/13 11.56.20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\..\URLSearchHook: {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\..\SearchScopes,DefaultScope = {FE719720-E048-40FE-A783-1A7A418AEBC4}
IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\..\SearchScopes\{FE719720-E048-40FE-A783-1A7A418AEBC4}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}&rlz=1I7ADFA_it
IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mystart.incredimail.com?a=13T2U2d4vgl"
FF - prefs.js..extensions.enabledItems: add-to-searchbox@maltekraus.de:2.0
FF - prefs.js..extensions.enabledItems: amin.eft_Shutdown@gmail.com:3.0.2A
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.8.2.4690
FF - prefs.js..extensions.enabledItems: it-IT@dictionaries.addons.mozilla.org:3.1
FF - prefs.js..extensions.enabledItems: dlembed@aeruder.net:0.5
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.3
FF - prefs.js..extensions.enabledItems: {c2d0e930-64de-11db-bd13-0800200c9a66}:2.0.4
FF - prefs.js..extensions.enabledItems: {c91fec63-9f25-400d-95e5-6cd334dd3cc1}:3.5.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkalert.conlan@addons.mozilla.com:0.8.2.1
FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.1
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.0.0.0
FF - prefs.js..extensions.enabledItems: {b548b086-6516-4d37-83f7-302f2bea93b1}:1.5.45.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.7896
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.3.0.1
FF - prefs.js..extensions.enabledItems: {992791ee-61dc-7b98-a8fd-dc49b7deeee9}:3.2.0
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.4
FF - prefs.js..extensions.enabledItems: {1e334369-810a-4aca-b482-209966fdde24}:1.5.46.0
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="

FF - user.js..browser.search.openintab: false

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programmi\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\programmi\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\programmi\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\programmi\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programmi\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/12/24 23.35.08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/12 21.45.26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Programmi\Alwil Software\Avast5\WebRep\FF [2012/03/10 19.15.05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2011/12/12 21.45.19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2012/04/19 21.47.25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programmi\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/12/24 23.35.09 | 000,000,000 | ---D | M]

[2010/09/29 12.52.57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Extensions
[2010/09/29 12.52.57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/11/08 22.38.14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions
[2008/10/13 01.41.48 | 000,000,000 | ---D | M] (UWP Toolbar) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{1e334369-810a-4aca-b482-209966fdde24}
[2011/10/30 09.00.51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/10/13 01.41.47 | 000,000,000 | ---D | M] (MinimizeToTray) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{31513E58-F253-47ad-86DB-D5F21E905429}
[2008/10/13 01.41.47 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2008/10/13 01.41.46 | 000,000,000 | ---D | M] (Forecastbar Enhanced) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}
[2008/10/13 01.41.44 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2008/10/13 01.41.44 | 000,000,000 | ---D | M] (MR Tech Toolkit (formerly Local Install)) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
[2010/02/17 22.53.16 | 000,000,000 | ---D | M] (TryAgain) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{992791ee-61dc-7b98-a8fd-dc49b7deeee9}
[2008/10/13 01.41.43 | 000,000,000 | ---D | M] (Blue Ice 2) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2008/10/13 01.41.43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2010/02/17 22.53.16 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2008/10/13 01.41.43 | 000,000,000 | ---D | M] (Phaze Bar Toolbar) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{b548b086-6516-4d37-83f7-302f2bea93b1}
[2008/10/13 01.41.42 | 000,000,000 | ---D | M] (FAYT) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{c2d0e930-64de-11db-bd13-0800200c9a66}
[2008/10/13 01.41.42 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2011/06/29 19.51.35 | 000,000,000 | ---D | M] (IncrediMail MediaBar Italiano 2 Community Toolbar) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{c91fec63-9f25-400d-95e5-6cd334dd3cc1}
[2008/10/13 01.41.42 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2011/11/08 22.38.15 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010/02/17 22.53.15 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2010/02/17 22.53.14 | 000,000,000 | ---D | M] (Add to Search Bar) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\add-to-searchbox@maltekraus.de
[2008/10/13 01.41.53 | 000,000,000 | ---D | M] (Auto Shutdown - InBasic) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\amin.eft_Shutdown@gmail.com
[2008/10/13 01.41.52 | 000,000,000 | ---D | M] (Download Embedded) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\dlembed@aeruder.net
[2008/10/13 01.41.52 | 000,000,000 | ---D | M] (Dizionario italiano) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\it-IT@dictionaries.addons.mozilla.org
[2008/10/13 01.41.52 | 000,000,000 | ---D | M] ("Link Alert") -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\linkalert.conlan@addons.mozilla.com
[2008/10/13 01.41.51 | 000,000,000 | ---D | M] (Cooliris) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\piclens@cooliris.com
[2008/10/13 01.41.49 | 000,000,000 | ---D | M] (Translation Panel) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\translation@nazo
[2008/10/13 01.41.48 | 000,000,000 | ---D | M] ("Undo Closed Tabs Button") -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\undoclosedtabsbutton@supernova00.biz
[2010/02/17 22.43.19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\g5e6l7wp.default\extensions
[2010/05/26 15.18.50 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\askcom.xml
[2008/10/09 04.48.08 | 000,002,013 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\crack-spider.xml
[2008/02/18 12.19.24 | 000,000,943 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\filmmusicru.xml
[2008/09/08 23.17.14 | 000,000,992 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\gamecopyworld.xml
[2008/02/18 12.18.32 | 000,005,327 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\infinitewarez.xml
[2008/09/30 00.44.46 | 000,001,001 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\mininova.xml
[2011/04/11 11.53.15 | 000,002,185 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\MyStart Search.xml
[2008/10/14 23.36.03 | 000,001,954 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\phazeddl-warez.xml
[2008/02/21 17.59.20 | 000,001,031 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\phazemp3-albums.xml
[2008/02/18 12.16.14 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\serials--keys.xml
[2011/11/08 22.38.08 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\sweetim.xml
[2012/04/10 18.13.37 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2011/07/23 11.22.28 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programmi\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/05/04 21.58.11 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/07 20.26.46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/29 20.03.54 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/07 10.33.10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/06/20 18.28.37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/04/15 18.34.58 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2012/04/15 18.34.54 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011/12/12 21.45.26 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATI APPLICAZIONI\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012/04/15 18.34.57 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/10/03 05.06.04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\mozilla firefox\plugins\npdeployJava1.dll
[2006/09/26 12.03.14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programmi\mozilla firefox\plugins\npzylomgamesplayer.dll
[2010/05/04 22.01.00 | 000,001,412 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\demauro.xml
[2010/05/04 22.01.00 | 000,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2010/05/04 22.01.00 | 000,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2010/05/04 22.01.00 | 000,000,649 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========


O1 HOSTS File: ([2004/08/19 14.00.00 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Programmi\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IncrediMail MediaBar Italiano 2 Toolbar) - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Italiano 2 Toolbar) - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-842925246-179605362-682003330-1003\..\Toolbar\WebBrowser: (IncrediMail MediaBar Italiano 2 Toolbar) - {C91FEC63-9F25-400D-95E5-6CD334DD3CC1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUS Update Checker] C:\Programmi\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe ()
O4 - HKLM..\Run: [avast] C:\Programmi\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Programmi\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QOELOADER] C:\Programmi\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe (Qurb, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programmi\File comuni\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-842925246-179605362-682003330-1003..\Run: [LClock] C:\Programmi\LClock\LClock.exe ()
O4 - HKU\S-1-5-21-842925246-179605362-682003330-1003..\Run: [OfficeSyncProcess] C:\Programmi\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Computer\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk = C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Computer\Menu Avvio\Programmi\Esecuzione automatica\Spamihilator.lnk = C:\Programmi\Spamihilator\spamihilator.exe (Michel Krämer)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Cerca nel web - C:\Programmi\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: I&nvia a OneNote - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\D-Link\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C5CE2E1-40D6-4E6F-AAAE-FB84F38DAF17}: NameServer = 80.79.48.66,79.137.95.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3B066AB-3D56-4A5F-8812-859E5C2DC95C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programmi\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Wallpapers & Etc)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Computer\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 05/05/12 20:37

Scusami ma ho dovuto dividere i file in due per max caratteri



O24 - Desktop BackupWallPaper: C:\Documents and Settings\Computer\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programmi\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Programmi\Qualcomm\Eudora\EuShlExt.dll (Qualcomm Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/29 16.34.58 | 000,000,654 | ---- | M] () - C:\autoAlbum.log -- [ NTFS ]
O32 - AutoRun File - [2010/02/17 19.55.34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4191bec8-75b3-11e0-b727-b5f343fae7d6}\Shell - "" = AutoRun
O33 - MountPoints2\{4191bec8-75b3-11e0-b727-b5f343fae7d6}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{4191bec9-75b3-11e0-b727-b5f343fae7d6}\Shell - "" = AutoRun
O33 - MountPoints2\{4191bec9-75b3-11e0-b727-b5f343fae7d6}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{4d301096-6409-11e0-b711-8f210abf15b5}\Shell - "" = AutoRun
O33 - MountPoints2\{4d301096-6409-11e0-b711-8f210abf15b5}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{4d301097-6409-11e0-b711-8f210abf15b5}\Shell - "" = AutoRun
O33 - MountPoints2\{4d301097-6409-11e0-b711-8f210abf15b5}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{4d301099-6409-11e0-b711-8f210abf15b5}\Shell - "" = AutoRun
O33 - MountPoints2\{4d301099-6409-11e0-b711-8f210abf15b5}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{515f4484-aad5-11df-b617-86197a81c019}\Shell - "" = AutoRun
O33 - MountPoints2\{515f4484-aad5-11df-b617-86197a81c019}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{515f4485-aad5-11df-b617-86197a81c019}\Shell - "" = AutoRun
O33 - MountPoints2\{515f4485-aad5-11df-b617-86197a81c019}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{b8e1ecde-91a9-11df-b601-e4c5d96f49b7}\Shell - "" = AutoRun
O33 - MountPoints2\{b8e1ecde-91a9-11df-b601-e4c5d96f49b7}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{b8e1ecdf-91a9-11df-b601-da97358f463f}\Shell - "" = AutoRun
O33 - MountPoints2\{b8e1ecdf-91a9-11df-b601-da97358f463f}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/05 21.38.48 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Computer\Desktop\OTL.exe
[2012/05/05 15.37.05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Computer\Recent
[2012/05/05 15.09.08 | 004,484,310 | R--- | C] (Swearware) -- C:\Documents and Settings\Computer\Desktop\ComboFix.exe
[2012/05/05 14.54.56 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Computer\Desktop\TFC.exe
[2012/05/04 18.02.43 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/05/04 11.08.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Dati applicazioni\Malwarebytes
[2012/05/04 11.08.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware
[2012/05/04 11.08.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2012/05/04 11.08.47 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/05/04 11.08.19 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2012/05/04 11.06.47 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Programmi\mbam-setup-1.61.0.1400.exe
[2012/05/04 11.04.10 | 000,000,000 | ---D | C] -- C:\Programmi\Trend Micro
[2012/05/04 11.04.10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Menu Avvio\Programmi\HiJackThis
[2012/05/03 17.45.24 | 000,000,000 | R--D | C] -- D:\Documenti\Dropbox
[2012/05/03 15.48.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Dati applicazioni\Windows Search
[2012/05/03 15.46.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Dati applicazioni\Windows Desktop Search
[2012/05/03 15.44.58 | 000,000,000 | ---D | C] -- C:\Programmi\Windows Desktop Search
[2012/05/03 15.44.58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2012/04/15 18.39.17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\avast! Free Antivirus
[2012/04/15 18.34.50 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Java
[2012/04/10 19.13.34 | 000,000,000 | ---D | C] -- C:\Programmi\File comuni\Java(2)
[2010/10/04 23.04.12 | 002,944,904 | ---- | C] (Ask) -- C:\Programmi\File comuni\AskToolbarInstaller.exe

========== Files - Modified Within 30 Days ==========

[2012/05/05 21.38.49 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Computer\Desktop\OTL.exe
[2012/05/05 21.24.00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/05 20.46.00 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/05 19.46.00 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/05 18.54.07 | 000,819,200 | ---- | M] () -- D:\Documenti\Database1.accdb
[2012/05/05 17.45.39 | 000,000,202 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMSDaily.job
[2012/05/05 17.45.38 | 000,000,206 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2012/05/05 17.45.31 | 000,078,848 | ---- | M] () -- C:\WINDOWS\KMSEmulator.exe
[2012/05/05 17.44.26 | 000,212,641 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/05/05 17.43.45 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-842925246-179605362-682003330-1003.job
[2012/05/05 17.43.43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/05 15.38.06 | 000,002,621 | ---- | M] () -- C:\Documents and Settings\Computer\Desktop\Microsoft Outlook 2010.lnk
[2012/05/05 15.09.08 | 004,484,310 | R--- | M] (Swearware) -- C:\Documents and Settings\Computer\Desktop\ComboFix.exe
[2012/05/05 15.05.52 | 003,642,720 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/05 14.55.01 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Computer\Desktop\TFC.exe
[2012/05/05 14.15.43 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9646D064-3E58-45F4-A7FE-B1451095F60C}.job
[2012/05/04 21.29.38 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/05/04 15.36.31 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\Computer\Desktop\HiJackThis.lnk
[2012/05/04 11.08.49 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/04 11.06.47 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Programmi\mbam-setup-1.61.0.1400.exe
[2012/05/04 11.03.01 | 001,402,880 | ---- | M] () -- C:\Programmi\HiJackThis.msi
[2012/05/03 18.18.15 | 001,253,376 | ---- | M] () -- D:\Documenti\Attività1.accdb
[2012/05/03 18.16.30 | 002,326,528 | ---- | M] () -- D:\Documenti\Progetti di marketing1.accdb
[2012/05/03 18.03.29 | 000,761,856 | ---- | M] () -- D:\Documenti\Eventi.accdb
[2012/05/03 17.44.36 | 000,001,012 | ---- | M] () -- C:\Documents and Settings\Computer\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
[2012/05/03 15.45.04 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Windows Search.lnk
[2012/05/03 15.45.03 | 000,580,018 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2012/05/03 15.45.03 | 000,114,204 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[2012/05/03 10.54.56 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/05/03 10.54.52 | 000,142,848 | ---- | M] () -- C:\Documents and Settings\Computer\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/02 20.00.30 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/04/16 20.45.00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-179605362-682003330-1003.job
[2012/04/15 18.39.17 | 000,001,664 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/04/15 18.39.16 | 000,002,934 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/04/14 21.38.41 | 000,002,178 | ---- | M] () -- D:\Documenti\Nuovo database.odb
[2012/04/14 21.33.24 | 002,228,224 | ---- | M] () -- D:\Documenti\Beni.accdb
[2012/04/14 21.28.04 | 002,326,528 | ---- | M] () -- D:\Documenti\Progetti di marketing.accdb
[2012/04/14 21.27.10 | 001,191,936 | ---- | M] () -- D:\Documenti\Attività.accdb

========== Files Created - No Company Name ==========

[2012/05/04 13.34.51 | 000,078,848 | ---- | C] () -- C:\WINDOWS\KMSEmulator.exe
[2012/05/04 11.08.49 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/04 11.04.10 | 000,002,431 | ---- | C] () -- C:\Documents and Settings\Computer\Desktop\HiJackThis.lnk
[2012/05/04 11.03.00 | 001,402,880 | ---- | C] () -- C:\Programmi\HiJackThis.msi
[2012/05/03 22.18.33 | 000,819,200 | ---- | C] () -- D:\Documenti\Database1.accdb
[2012/05/03 18.03.29 | 002,326,528 | ---- | C] () -- D:\Documenti\Progetti di marketing1.accdb
[2012/05/03 18.02.52 | 000,761,856 | ---- | C] () -- D:\Documenti\Eventi.accdb
[2012/05/03 18.01.27 | 001,253,376 | ---- | C] () -- D:\Documenti\Attività1.accdb
[2012/05/03 17.44.36 | 000,001,012 | ---- | C] () -- C:\Documents and Settings\Computer\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
[2012/05/03 15.45.04 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Windows Search.lnk
[2012/05/03 15.45.04 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Windows Search.lnk
[2012/04/15 18.39.17 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2012/04/14 21.34.28 | 000,002,178 | ---- | C] () -- D:\Documenti\Nuovo database.odb
[2012/04/14 21.32.14 | 002,228,224 | ---- | C] () -- D:\Documenti\Beni.accdb
[2012/04/14 21.27.09 | 002,326,528 | ---- | C] () -- D:\Documenti\Progetti di marketing.accdb
[2012/04/14 21.26.07 | 001,191,936 | ---- | C] () -- D:\Documenti\Attività.accdb
[2012/03/06 18.50.09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/10 18.21.38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Localsecmondo.ini
[2011/12/10 18.15.40 | 000,000,133 | ---- | C] () -- C:\WINDOWS\System32\prndrvr.ini
[2011/11/05 15.58.51 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011/11/05 15.58.49 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011/11/05 15.58.48 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011/11/05 15.58.46 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011/11/05 15.58.43 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011/11/05 15.58.43 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011/11/05 15.58.37 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011/11/05 15.58.23 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2011/11/05 15.55.20 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/11/04 06.34.45 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2011/10/29 22.13.56 | 000,647,168 | ---- | C] () -- C:\WINDOWS\AutoKMS.exe
[2011/10/29 22.13.56 | 000,000,184 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2011/09/13 22.30.32 | 000,982,720 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-S-1-5-21-842925246-179605362-682003330-1003-0.dat
[2011/09/13 22.30.32 | 000,450,146 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
[2011/09/13 09.00.11 | 000,234,800 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
[2011/05/20 18.01.50 | 000,066,908 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/12/18 18.43.29 | 000,000,000 | ---- | C] () -- C:\Programmi\vlc-1.1.5-win32.exe
[2010/11/02 22.33.58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2010/09/03 13.27.43 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/07/25 11.50.52 | 000,006,414 | ---- | C] () -- C:\WINDOWS\System32\content.ini
[2010/06/23 20.44.36 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2010/05/28 14.14.42 | 000,000,130 | ---- | C] () -- C:\WINDOWS\ra.ini
[2010/05/08 17.08.54 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2010/05/07 22.55.39 | 000,104,249 | ---- | C] () -- C:\WINDOWS\hpoins04.dat.temp
[2010/05/07 22.55.39 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2010/05/07 20.11.39 | 000,104,249 | ---- | C] () -- C:\WINDOWS\hpoins04.dat
[2010/05/07 20.11.39 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat
[2010/05/07 18.26.34 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Computer\Dati applicazioni\default.pls

========== LOP Check ==========

[2010/05/04 21.31.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Alwil Software
[2010/06/23 20.33.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Babylon
[2011/10/02 17.25.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Cabela's® Big Game Hunter III Saves
[2011/05/28 16.17.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Cisco Systems
[2011/03/03 21.01.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\FarmFrenzy2
[2010/05/11 17.53.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\IM
[2010/05/11 17.51.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\IncrediMail
[2010/11/02 22.41.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MAGIX
[2010/12/24 22.09.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\NokiaInstallerCache
[2010/12/24 23.36.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2011/04/11 11.54.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Photo Notifier and Animation Creator
[2010/07/09 17.10.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PhotoMail
[2010/09/02 17.08.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\regid.1986-12.com.adobe
[2010/05/21 21.35.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Spamihilator
[2010/09/29 12.52.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SweetIM
[2010/06/19 16.42.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2010/06/23 17.42.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TuneUp Software
[2011/12/10 18.13.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WinMagaPlus5
[2011/05/15 12.19.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Zylom
[2011/05/19 18.35.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/05/04 21.27.36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/06/23 17.42.36 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011/10/30 11.41.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Auslogics
[2010/06/23 20.33.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Babylon
[2010/06/19 20.30.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/02/29 20.43.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Desktopicon
[2012/05/05 17.45.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Dropbox
[2010/05/24 11.29.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\eMule
[2010/02/17 21.25.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Faxalo
[2010/05/08 17.08.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\FreeAudioPack
[2010/05/08 17.16.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\FreeCDRipper
[2010/05/04 21.54.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\ImgBurn
[2011/08/13 17.22.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\it.vodafone.desktopwidget.75C5D0AC8E830B80BD4FBC0B32A23F0123E8C097.1
[2012/02/29 16.57.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\KC Softwares
[2010/11/02 22.36.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\MAGIX
[2010/12/17 10.41.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Notepad++
[2010/10/17 10.19.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\OfferBox
[2010/05/04 21.38.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\OpenOffice.org
[2010/05/21 21.22.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Opera
[2010/12/27 18.54.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati
applicazioni\PC Suite
[2012/05/05 21.38.34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\PriceGong
[2010/09/29 12.25.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Qualcomm
[2010/02/17 21.23.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Scooter Software
[2010/05/07 20.15.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Softland
[2012/05/05 17.45.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Spamihilator
[2011/06/20 18.10.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\TeamViewer
[2010/09/29 12.52.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Thunderbird
[2010/06/23 17.43.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\TuneUp Software
[2012/01/03 11.49.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\uTorrent
[2012/05/03 15.46.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Windows Desktop Search
[2012/05/03 15.48.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Windows Search
[2011/05/15 12.19.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Zylom
[2010/05/07 20.15.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dati applicazioni\Softland
[2012/05/04 21.29.38 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012/05/05 17.45.38 | 000,000,206 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMS.job
[2012/05/05 17.45.39 | 000,000,202 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMSDaily.job
[2012/05/05 14.15.43 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9646D064-3E58-45F4-A7FE-B1451095F60C}.job

========== Purity Check ==========



< End of report >

e 2


OTL Extras logfile created on: 05/05/2012 21.40.45 - Run 1
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Documents and Settings\Computer\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,25 Gb Total Physical Memory | 2,56 Gb Available Physical Memory | 78,86% Memory free
7,04 Gb Paging File | 6,53 Gb Available in Paging File | 92,68% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 273,44 Gb Total Space | 243,44 Gb Free Space | 89,03% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 758,65 Gb Free Space | 81,44% Space Free | Partition Type: NTFS
Drive F: | 24,65 Gb Total Space | 18,65 Gb Free Space | 75,66% Space Free | Partition Type: NTFS
Drive H: | 960,34 Mb Total Space | 951,11 Mb Free Space | 99,04% Space Free | Partition Type: FAT32

Computer Name: IVAN | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programmi\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programmi\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Find.Target] -- "explorer.exe" /select,"%1" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programmi\eMule\emule.exe" = C:\Programmi\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Programmi\VideoLAN\VLC\vlc.exe" = C:\Programmi\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player -- ()
"C:\Programmi\IncrediMail\Bin\IncMail.exe" = C:\Programmi\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Programmi\IncrediMail\Bin\ImApp.exe" = C:\Programmi\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Programmi\IncrediMail\Bin\ImpCnt.exe" = C:\Programmi\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Programmi\uTorrent\uTorrent.exe" = C:\Programmi\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Programmi\Spamihilator\spamihilator.exe" = C:\Programmi\Spamihilator\spamihilator.exe:*:Enabled:Spamihilator -- (Michel Krämer)
"C:\Programmi\Spamihilator\cdcc.exe" = C:\Programmi\Spamihilator\cdcc.exe:*:Enabled:Spamihilator DCC Filter Configuration -- ()
"C:\Programmi\Spamihilator\dccproc.exe" = C:\Programmi\Spamihilator\dccproc.exe:*:Enabled:Spamihilator DCC Filter -- ()
"C:\Programmi\Google\Google Earth\plugin\geplugin.exe" = C:\Programmi\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Programmi\Google\Google Earth\client\googleearth.exe" = C:\Programmi\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programmi\TeamViewer\Version6\TeamViewer.exe" = C:\Programmi\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programmi\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programmi\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programmi\Microsoft Office\Office14\GROOVE.EXE" = C:\Programmi\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office14\ONENOTE.EXE" = C:\Programmi\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Programmi\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programmi\Skype\Plugin Manager\skypePM.exe" = C:\Programmi\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\WINDOWS\KMSEmulator.exe" = C:\WINDOWS\KMSEmulator.exe:*:Enabled:Local KMS Host -- ()
"C:\Programmi\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\RpcSandraSrv.exe" = C:\Programmi\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service
"D:\Documenti\Ivan\varie\SweetImSetup.exe" = D:\Documenti\Ivan\varie\SweetImSetup.exe:*:Enabled:SweetIM Installer -- (SweetIM Technologies, Ltd.)
"C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{082EC8DE-8C4E-453B-8623-87E24642426E}" = Google SketchUp 8
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14544CE3-0AA3-48C3-93C2-758578EA9F99}" = Photo Notifier and Animation Creator
"{1A6A04AB-7FA8-420B-A198-63DBCCA6F64C}_is1" = uTorrent v1.8.1
"{1F63ED0B-EDD2-4037-B6AB-1358C624AF48}" = Scan
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21E75254-410E-49C4-8981-2E1A2A2221F2}" = HP Diagnostic Assistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0410-1E257A25E34D}" = Adobe Photoshop CS2
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{267868CE-6DFF-40F7-9C58-C01119B7B117}" = Fax
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 29
"{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2F71F2BA-B513-4113-969C-18A84D238E27}" = 1310
"{2F7E5F47-40EC-403E-844C-0874E07F5358}" = RealSpeak Solo per l'Italiano, Silvia
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{34A59AC3-6C5C-4A09-A7F5-369A37176C8A}" = AiOSoftware
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}" = Nokia Ovi Suite
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = D-Link DBT-122 Bluetooth Software
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4344E211-F621-3870-9A08-2F56C71BA0A7}" = Microsoft .NET Framework 4 Extended ITA Language Pack
"{43A650AA-D1DC-4C52-8819-D7848B3A08DA}" = OpenOffice.org 3.1
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{49C77D21-F91F-4296-B7DF-19C5FF51AF4D}" = Windows Live Call
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{597D73A8-5FDB-4bc1-9893-40B54459F1BC}" = ProductContext
"{59EC5F32-D8D7-3909-B0CB-255AD09F5993}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - ITA
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D95AD35-368F-47D5-B63A-A082DDF00119}" = Microsoft Digital Image 2006 Suite Edition Editor
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{691F4068-81BF-49E3-B32E-FE3E16400119}" = Microsoft Digital Image 2006 Suite Edition Library
"{69916AD2-3710-4C86-895E-8F475290AA64}" = Ovi Desktop Sync Engine
"{6D14916C-EC29-40FC-8FFB-08A66576BE78}" = Spamihilator 0.9.9.53 (32 bit)
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D7BDA00-A4DA-49F9-BAE4-7FB71FAA4737}" = Windows Live Essentials
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71CB2612-627C-3D58-8D82-B77444B27B6A}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA
"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{80413011-029C-4D6B-B3AD-725DDE60B81C}" = 1310Trb
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-008A-0410-0000-0000000FF1CE}" = Gadget Documenti recenti di Microsoft Office 2007
"{90140000-0010-0410-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Italian) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2010
"{90140000-0015-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010
"{90140000-0016-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010
"{90140000-0018-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010
"{90140000-0019-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010
"{90140000-001A-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010
"{90140000-001B-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010
"{90140000-002C-0410-0000-0000000FF1CE}_Office14.PROPLUS_{711BC808-AC64-48E2-82B2-6B53BB802142}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2010
"{90140000-0044-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010
"{90140000-006E-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C9172EE7-BDCA-4E57-9217-4C589947298B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010
"{90140000-00A1-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2010
"{90140000-00BA-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92DA8743-42CF-45E1-AF40-34F8D9066989}" = IncrediMail
"{9311A75A-D83D-37B5-8D49-88E7F5AB2762}" = Microsoft .NET Framework 3.5 Language Pack - ita
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A3EABC0-CA06-11D4-BF77-00104B130C19}" = EPSON TWAIN 5
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A08BAD08-9AA3-410F-98F3-C92C8EE37218}" = Safari
"{A1062847-0846-427A-92A1-BB8251A91E91}" = HP PSC & OfficeJet 4.2
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A201AB41-F4B1-42BD-AF91-316C88477744}" = Cabela's Big Game Hunter
"{A2500497-FD32-493e-B8E5-28D6728DBEF5}" = Readme
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A4EA3AB4-E78C-4286-96DF-26035507CE55}" = AiO_Scan
"{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}" = SweetIM Toolbar for Internet Explorer 4.2
"{A81A974F-8A22-43E6-9243-5198FF758DA1}" = SweetIM for Messenger 3.6
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Italiano
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C82185E8-C27B-4EF4-2007-3333BC2C2B6D}" = Microsoft AutoRoute 2007
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D6C9AF27-9414-46C8-B9D8-D878BA041040}" = Nero 8
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}" = WinXP Manager
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E0ABA486-A39B-4B96-BD80-757396151079}" = Windows Live Messenger
"{E21658D0-8C83-4ADD-937B-6ED07F335ABA}" = 1310Tour
"{E90BEB5B-CFA0-418E-9ABB-4C4A7B0D9483}" = 1310_Help
"{E9787678-551D-4478-9682-DBB587257110}" = Adobe Help Center 1.0
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2D2B58B-B2FD-46D1-8319-DCE564079934}" = Microsoft .NET Framework 1.1 Italian Language Pack
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{F6F05110-E070-7045-A598-AD12B7D83F9C}" = WinMagaPlus5
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"504244733D18C8F63FF584AEB290E3904E791693" = Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0410-1E257A25E34D}" = Adobe Photoshop CS2
"AMDAway INF" = AMDAway INF
"AutocompletePro3_is1" = AutocompletePro
"avast" = avast! Free Antivirus
"BullZip PDF Printer_is1" = BullZip PDF Printer 1.0.0.20
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CPLBonus" = Kels' CPL Bonus Pack!
"doPDF 7 printer_is1" = doPDF 7.1 printer
"eMule" = eMule
"Farm Frenzy" = Farm Frenzy
"Foxit Reader" = Foxit Reader
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"GJ aMAZEing Pacman Demo" = GJ aMAZEing Pacman Demo
"GPL Ghostscript 8.60" = GPL Ghostscript 8.60
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"HP Photo & Imaging" = HP Image Zone 4.2
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"IncrediMail" = IncrediMail 2.0
"IncrediMail_MediaBar_Italiano_2 Toolbar" = IncrediMail MediaBar Italiano 2 Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Manager Piattaforma
"KC Softwares IDPhotoStudio_is1" = KC Softwares IDPhotoStudio
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full)
"LClock" = LClock
"MAGIX Screenshare I" = MAGIX Screenshare
"MAGIX Speed burnR I" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - ita" = Microsoft .NET Framework 3.5 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended ITA Language Pack" = Microsoft .NET Framework 4 Extended - Language Pack (ITA)
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"PhotoMail" = PhotoMail Maker
"PictureItSuite_v11" = Microsoft Digital Image 2006 Suite Edition
"pyt_FotoService" = FotoService 1.5.94
"Qurb {EFF974CB-6711-42E4-BDD4-5DBF53002F05}" = eTrust Anti-Spam
"RealPlayer 12.0" = RealPlayer
"TeamViewer 6" = TeamViewer 6
"TetrisXP!" = TetrisXP!
"uTorrent" = µTorrent
"Visual ToolTip_is1" = Visual ToolTip v2.21
"VLC media player" = VLC media player 1.0.5
"VMidi" = vanBasco's Karaoke Player
"Vodafone PC Suite" = Vodafone PC Suite
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Sidebar" = Windows Sidebar
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR gestione archivi
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 03/05/2012 10.08.04 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 03/05/2012 10.24.17 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 03/05/2012 13.29.53 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 04/05/2012 4.56.05 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 04/05/2012 7.33.52 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 04/05/2012 9.21.03 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 05/05/2012 8.14.05 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 05/05/2012 9.00.46 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 05/05/2012 9.04.30 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 05/05/2012 11.44.05 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

[ System Events ]
Error - 05/05/2012 11.45.04 | Computer Name = IVAN | Source = Service Control Manager | ID = 7023
Description = Servizio Aggiornamenti automatici terminato con l'errore: %%3228369022

Error - 05/05/2012 11.45.04 | Computer Name = IVAN | Source = Service Control Manager | ID = 7031
Description = Il servizio Spooler di stampa è terminato in modo imprevisto. Questo
problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 60000 millisecondi: Riavvia il servizio.

Error - 05/05/2012 11.47.34 | Computer Name = IVAN | Source = Service Control Manager | ID = 7031
Description = Il servizio Spooler di stampa è terminato in modo imprevisto. Questo
problema si è verificato 2 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 60000 millisecondi: Riavvia il servizio.

Error - 05/05/2012 11.50.34 | Computer Name = IVAN | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Spooler di stampa. Questo evento
si è già verificato 3 volta(e).

Error - 05/05/2012 12.43.02 | Computer Name = IVAN | Source = nvgts | ID = 262149
Description = Errore di parità su \Device\Scsi\nvgts1.

Error - 05/05/2012 12.53.11 | Computer Name = IVAN | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 05/05/2012 12.53.14 | Computer Name = IVAN | Source = DCOM | ID = 10005
Description = DCOM ha ricevuto l'errore "%1058" durante il tentativo di avviare
il servizio MDM con gli argomenti "" per eseguire il server {0C0A3666-30C9-11D0-8F20-00805F2CD064}

Error - 05/05/2012 13.43.03 | Computer Name = IVAN | Source = nvgts | ID = 262149
Description = Errore di parità su \Device\Scsi\nvgts1.

Error - 05/05/2012 14.43.04 | Computer Name = IVAN | Source = nvgts | ID = 262149
Description = Errore di parità su \Device\Scsi\nvgts1.

Error - 05/05/2012 15.43.05 | Computer Name = IVAN | Source = nvgts | ID = 262149
Description = Errore di parità su \Device\Scsi\nvgts1.


< End of report >



speriamo.....
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 05/05/12 20:39

Domani ti preparo uno script, ci sono dei rimasugli, anche di infezioni, da eliminare.

Intanto;
Scarica Kaspersky TDSS Killer: http://support.kaspersky.com/downloads/ ... killer.exe
● posiziona il file scaricato sul Desktop
● clicca due volte sul file TDSSKiller.exe per avviare l'applicazione
● successivamente premi il pulsante Start scan

Nota - riguardo al programma:
● non cliccare sul pulsante Stop scan per nessun motivo, la scansione si interromperebbe

Giunti a questo punto, inizia la scansione del sistema alla ricerca di software malevolo:
● se viene trovato un file infetto, l'azione di default sarà Cure: clicca quindi su Continua
● se viene trovato un file sospetto, l'azione di default sarà Skip: clicca quindi su Continua
● se non viene rilevato nulla, chiudi semplicemente il programma al termine della scansione

Una volta terminata la scansione, si presenterà una di queste due opzioni:
non è necessario il riavvio del sistema: allega il Report situato nel Disco Locale C:\, di nome TDSSKiller.[Version]_[Date]_[Time]_log.txt
● è necessario riavviare il sistema: clicca su Riavvia ora, infine allega il risultato della scansione (si trova nello stesso percorso menzionato poco fa')
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 06/05/12 08:23

Ecco qua ,non e stato necessario riavviare il pc.
sembra che non abbia trovato nessun file infetto o sospetto...


09:35:08.0062 3052 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
09:35:08.0203 3052 ============================================================
09:35:08.0203 3052 Current date / time: 2012/05/06 09:35:08.0203
09:35:08.0203 3052 SystemInfo:
09:35:08.0203 3052
09:35:08.0203 3052 OS Version: 5.1.2600 ServicePack: 3.0
09:35:08.0203 3052 Product type: Workstation
09:35:08.0203 3052 ComputerName: IVAN
09:35:08.0203 3052 UserName: Computer
09:35:08.0203 3052 Windows directory: C:\WINDOWS
09:35:08.0203 3052 System windows directory: C:\WINDOWS
09:35:08.0203 3052 Processor architecture: Intel x86
09:35:08.0203 3052 Number of processors: 4
09:35:08.0203 3052 Page size: 0x1000
09:35:08.0203 3052 Boot type: Normal boot
09:35:08.0203 3052 ============================================================
09:35:08.0937 3052 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
09:35:08.0937 3052 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
09:35:08.0953 3052 Drive \Device\Harddisk2\DR5 - Size: 0x3C280000 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:35:08.0953 3052 ============================================================
09:35:08.0953 3052 \Device\Harddisk0\DR0:
09:35:08.0953 3052 MBR partitions:
09:35:08.0953 3052 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x222E0070
09:35:08.0953 3052 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x222E00AF, BlocksNum 0x314D612
09:35:08.0953 3052 \Device\Harddisk1\DR1:
09:35:08.0953 3052 MBR partitions:
09:35:08.0953 3052 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
09:35:08.0953 3052 \Device\Harddisk2\DR5:
09:35:08.0953 3052 MBR partitions:
09:35:08.0953 3052 \Device\Harddisk2\DR5\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x1E11E0
09:35:08.0953 3052 ============================================================
09:35:09.0156 3052 C: <-> \Device\Harddisk0\DR0\Partition0
09:35:09.0187 3052 F: <-> \Device\Harddisk0\DR0\Partition1
09:35:09.0218 3052 D: <-> \Device\Harddisk1\DR1\Partition0
09:35:09.0218 3052 ============================================================
09:35:09.0218 3052 Initialize success
09:35:09.0218 3052 ============================================================
09:35:18.0218 0388 ============================================================
09:35:18.0218 0388 Scan started
09:35:18.0218 0388 Mode: Manual;
09:35:18.0218 0388 ============================================================
09:35:18.0562 0388 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
09:35:18.0562 0388 Aavmker4 - ok
09:35:18.0562 0388 Abiosdsk - ok
09:35:18.0562 0388 abp480n5 - ok
09:35:18.0609 0388 ACPI (d766e636187b8f240bbfbabcd51eb2c6) C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:35:18.0625 0388 ACPI - ok
09:35:18.0656 0388 ACPIEC (49ac5cd87fbdda62f3e25190019e7627) C:\WINDOWS\system32\drivers\ACPIEC.sys
09:35:18.0656 0388 ACPIEC - ok
09:35:18.0703 0388 Adobe LM Service (6dcbe41762cff1a00aaab4f5c07b5f28) C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
09:35:18.0718 0388 Adobe LM Service - ok
09:35:18.0781 0388 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:35:18.0781 0388 AdobeFlashPlayerUpdateSvc - ok
09:35:18.0781 0388 adpu160m - ok
09:35:18.0843 0388 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
09:35:18.0859 0388 aec - ok
09:35:18.0906 0388 AFD (f6b7b1ecd7b41736bdb6ff4b092bcb79) C:\WINDOWS\System32\drivers\afd.sys
09:35:18.0906 0388 AFD - ok
09:35:18.0906 0388 Aha154x - ok
09:35:18.0906 0388 aic78u2 - ok
09:35:18.0921 0388 aic78xx - ok
09:35:18.0937 0388 Alerter (14a077ad0cf6116d1102631d8e1edee8) C:\WINDOWS\system32\alrsvc.dll
09:35:18.0953 0388 Alerter - ok
09:35:18.0968 0388 ALG (79fe2e0d7859738225816658f0bb2a0d) C:\WINDOWS\System32\alg.exe
09:35:18.0968 0388 ALG - ok
09:35:18.0968 0388 AliIde - ok
09:35:18.0984 0388 amsint - ok
09:35:19.0062 0388 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:35:19.0062 0388 Apple Mobile Device - ok
09:35:19.0093 0388 AppMgmt (9062ed05b7519324fd7f0d6afb9d1147) C:\WINDOWS\System32\appmgmts.dll
09:35:19.0109 0388 AppMgmt - ok
09:35:19.0125 0388 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
09:35:19.0125 0388 Arp1394 - ok
09:35:19.0125 0388 asc - ok
09:35:19.0125 0388 asc3350p - ok
09:35:19.0140 0388 asc3550 - ok
09:35:19.0171 0388 AsIO (2b4e66fac6503494a2c6f32bb6ab3826) C:\WINDOWS\system32\drivers\AsIO.sys
09:35:19.0171 0388 AsIO - ok
09:35:19.0296 0388 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
09:35:19.0296 0388 aspnet_state - ok
09:35:19.0296 0388 AsrCDDrv - ok
09:35:19.0328 0388 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
09:35:19.0343 0388 aswFsBlk - ok
09:35:19.0343 0388 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
09:35:19.0343 0388 aswMon2 - ok
09:35:19.0359 0388 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
09:35:19.0359 0388 aswRdr - ok
09:35:19.0421 0388 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
09:35:19.0421 0388 aswSnx - ok
09:35:19.0453 0388 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
09:35:19.0453 0388 aswSP - ok
09:35:19.0484 0388 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
09:35:19.0484 0388 aswTdi - ok
09:35:19.0515 0388 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:35:19.0515 0388 AsyncMac - ok
09:35:19.0515 0388 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
09:35:19.0515 0388 atapi - ok
09:35:19.0515 0388 Atdisk - ok
09:35:19.0546 0388 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:35:19.0546 0388 Atmarpc - ok
09:35:19.0562 0388 AudioSrv (1b58d118049304e88464be614c6d0014) C:\WINDOWS\System32\audiosrv.dll
09:35:19.0562 0388 AudioSrv - ok
09:35:19.0593 0388 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
09:35:19.0593 0388 audstub - ok
09:35:19.0718 0388 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
09:35:19.0718 0388 avast! Antivirus - ok
09:35:19.0765 0388 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
09:35:19.0765 0388 Beep - ok
09:35:19.0812 0388 BITS (48c4763a9c8990fb48b73445beb15d6a) C:\WINDOWS\system32\qmgr.dll
09:35:19.0890 0388 BITS - ok
09:35:20.0000 0388 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Programmi\Bonjour\mDNSResponder.exe
09:35:20.0015 0388 Bonjour Service - ok
09:35:20.0062 0388 Browser (4314623fd836e96a51343ce5c74b48a8) C:\WINDOWS\System32\browser.dll
09:35:20.0062 0388 Browser - ok
09:35:20.0078 0388 btaudio (e2ec8e2b65229497e17f94a0eff1e0ae) C:\WINDOWS\system32\drivers\btaudio.sys
09:35:20.0078 0388 btaudio - ok
09:35:20.0109 0388 BTDriver (58db48fea7f4f3c6b99a0dc62e93504f) C:\WINDOWS\system32\DRIVERS\btport.sys
09:35:20.0109 0388 BTDriver - ok
09:35:20.0156 0388 BTKRNL (9e2e4b187a335faa600353152aeb7123) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
09:35:20.0156 0388 BTKRNL - ok
09:35:20.0187 0388 BTSERIAL (d0c5e812ab1c63e8f3d7e4e8942115e7) C:\WINDOWS\system32\drivers\btserial.sys
09:35:20.0187 0388 BTSERIAL - ok
09:35:20.0234 0388 btwdins (15e9c3b34770390ec6fdc1e351ca7910) C:\Programmi\D-Link\Bluetooth Software\bin\btwdins.exe
09:35:20.0234 0388 btwdins - ok
09:35:20.0250 0388 BTWDNDIS (fbb27c5f29773ebb6be5bb795678cc4c) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
09:35:20.0250 0388 BTWDNDIS - ok
09:35:20.0265 0388 btwhid (7d829ad5f3f62544ed13dd96f0af0d90) C:\WINDOWS\system32\DRIVERS\btwhid.sys
09:35:20.0265 0388 btwhid - ok
09:35:20.0281 0388 BTWUSB (d2fc32f56b04847094eba46c2d3ae531) C:\WINDOWS\system32\Drivers\btwusb.sys
09:35:20.0281 0388 BTWUSB - ok
09:35:20.0296 0388 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
09:35:20.0296 0388 cbidf2k - ok
09:35:20.0312 0388 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:35:20.0312 0388 CCDECODE - ok
09:35:20.0328 0388 cd20xrnt - ok
09:35:20.0343 0388 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
09:35:20.0343 0388 Cdaudio - ok
09:35:20.0375 0388 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
09:35:20.0375 0388 Cdfs - ok
09:35:20.0390 0388 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:35:20.0390 0388 Cdrom - ok
09:35:20.0390 0388 Changer - ok
09:35:20.0421 0388 CiSvc (d04f2beb5ea63d0766e12e44aef7c38d) C:\WINDOWS\system32\cisvc.exe
09:35:20.0421 0388 CiSvc - ok
09:35:20.0421 0388 ClipSrv (41a40ac24499f593d3129726c46e4bc1) C:\WINDOWS\system32\clipsrv.exe
09:35:20.0437 0388 ClipSrv - ok
09:35:20.0531 0388 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:35:20.0531 0388 clr_optimization_v2.0.50727_32 - ok
09:35:20.0609 0388 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:35:20.0656 0388 clr_optimization_v4.0.30319_32 - ok
09:35:20.0656 0388 CmdIde - ok
09:35:20.0656 0388 COMSysApp - ok
09:35:20.0671 0388 Cpqarray - ok
09:35:20.0703 0388 CryptSvc (b6fcbb157e9c8abdca4134c535535a8b) C:\WINDOWS\System32\cryptsvc.dll
09:35:20.0703 0388 CryptSvc - ok
09:35:20.0718 0388 dac2w2k - ok
09:35:20.0718 0388 dac960nt - ok
09:35:20.0781 0388 DcomLaunch (91f797dfbc1416fcea76ad76fe07da89) C:\WINDOWS\system32\rpcss.dll
09:35:20.0859 0388 DcomLaunch - ok
09:35:20.0859 0388 Dhcp (699ee7f752a25180aeb92c3a0eaee440) C:\WINDOWS\System32\dhcpcsvc.dll
09:35:20.0875 0388 Dhcp - ok
09:35:20.0906 0388 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
09:35:20.0921 0388 Disk - ok
09:35:20.0921 0388 dmadmin - ok
09:35:20.0953 0388 dmboot (82bc125a8ed33f5f0e75f2aac1065323) C:\WINDOWS\system32\drivers\dmboot.sys
09:35:20.0984 0388 dmboot - ok
09:35:21.0000 0388 dmio (e959ddc0ea7ac11ee5e5602e2a364310) C:\WINDOWS\system32\drivers\dmio.sys
09:35:21.0000 0388 dmio - ok
09:35:21.0031 0388 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
09:35:21.0031 0388 dmload - ok
09:35:21.0031 0388 dmserver (a01858c50704b2d2edeebbf6bbbced2a) C:\WINDOWS\System32\dmserver.dll
09:35:21.0031 0388 dmserver - ok
09:35:21.0062 0388 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
09:35:21.0062 0388 DMusic - ok
09:35:21.0093 0388 Dnscache (6a54e08fbce7b50368d7766427b3cc37) C:\WINDOWS\System32\dnsrslvr.dll
09:35:21.0093 0388 Dnscache - ok
09:35:21.0109 0388 Dot3svc (d580d77dff316bd8c9d73b38695de8dc) C:\WINDOWS\System32\dot3svc.dll
09:35:21.0125 0388 Dot3svc - ok
09:35:21.0125 0388 dpti2o - ok
09:35:21.0156 0388 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
09:35:21.0156 0388 drmkaud - ok
09:35:21.0187 0388 EapHost (86b1f123bacd444e81960b339bae3ff2) C:\WINDOWS\System32\eapsvc.dll
09:35:21.0187 0388 EapHost - ok
09:35:21.0218 0388 Eventlog (c79feae2f68982259907ab52b0f2676f) C:\WINDOWS\system32\services.exe
09:35:21.0234 0388 Eventlog - ok
09:35:21.0265 0388 EventSystem (ea518d0002f4338db0e7d83370d61845) C:\WINDOWS\system32\es.dll
09:35:21.0281 0388 EventSystem - ok
09:35:21.0296 0388 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
09:35:21.0312 0388 Fastfat - ok
09:35:21.0343 0388 FastUserSwitchingCompatibility (dccc606fc144f6e44e497f9a906f1c30) C:\WINDOWS\System32\shsvcs.dll
09:35:21.0359 0388 FastUserSwitchingCompatibility - ok
09:35:21.0390 0388 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
09:35:21.0390 0388 Fdc - ok
09:35:21.0406 0388 Fips (2cfea3326981a18c6baf2bd9be76225b) C:\WINDOWS\system32\drivers\Fips.sys
09:35:21.0406 0388 Fips - ok
09:35:21.0437 0388 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:35:21.0437 0388 Flpydisk - ok
09:35:21.0468 0388 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
09:35:21.0468 0388 FltMgr - ok
09:35:21.0562 0388 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:35:21.0562 0388 FontCache3.0.0.0 - ok
09:35:21.0578 0388 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:35:21.0578 0388 Fs_Rec - ok
09:35:21.0593 0388 Ftdisk (f3269a6ee547ea87b949a1cea4816b38) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:35:21.0609 0388 Ftdisk - ok
09:35:21.0890 0388 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
09:35:21.0890 0388 GEARAspiWDM - ok
09:35:21.0937 0388 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:35:21.0937 0388 Gpc - ok
09:35:22.0062 0388 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Programmi\Google\Update\GoogleUpdate.exe
09:35:22.0062 0388 gupdate - ok
09:35:22.0078 0388 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Programmi\Google\Update\GoogleUpdate.exe
09:35:22.0078 0388 gupdatem - ok
09:35:22.0093 0388 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:35:22.0093 0388 HDAudBus - ok
09:35:22.0156 0388 helpsvc (6ce66b51b4eb23d9d073f92698c55c8d) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:35:22.0156 0388 helpsvc - ok
09:35:22.0187 0388 HidServ (43d985a9a51e0295091b6ebe84c96b78) C:\WINDOWS\System32\hidserv.dll
09:35:22.0187 0388 HidServ - ok
09:35:22.0203 0388 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:35:22.0203 0388 hidusb - ok
09:35:22.0218 0388 hkmsvc (00cad842f48947887a972828aca665f7) C:\WINDOWS\System32\kmsvc.dll
09:35:22.0218 0388 hkmsvc - ok
09:35:22.0218 0388 hpn - ok
09:35:22.0281 0388 HPZid412 (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
09:35:22.0281 0388 HPZid412 - ok
09:35:22.0281 0388 HPZipr12 (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
09:35:22.0281 0388 HPZipr12 - ok
09:35:22.0312 0388 HPZius12 (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
09:35:22.0312 0388 HPZius12 - ok
09:35:22.0343 0388 HTTP (937031c085718c1c04a9c0864625ec6b) C:\WINDOWS\system32\Drivers\HTTP.sys
09:35:22.0359 0388 HTTP - ok
09:35:22.0375 0388 HTTPFilter (450091aebfcd08e5858533eab5b9a436) C:\WINDOWS\System32\w3ssl.dll
09:35:22.0406 0388 HTTPFilter - ok
09:35:22.0437 0388 i2omgmt - ok
09:35:22.0437 0388 i2omp - ok
09:35:22.0484 0388 i8042prt (610726e28af55b95043c5c35a727e320) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:35:22.0484 0388 i8042prt - ok
09:35:22.0531 0388 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:35:22.0531 0388 IDriverT - ok
09:35:22.0593 0388 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:35:22.0609 0388 idsvc - ok
09:35:22.0640 0388 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
09:35:22.0640 0388 Imapi - ok
09:35:22.0656 0388 ImapiService (db491237445f172fdddf00541de1a51d) C:\WINDOWS\system32\imapi.exe
09:35:22.0671 0388 ImapiService - ok
09:35:22.0671 0388 ini910u - ok
09:35:22.0687 0388 IntelIde - ok
09:35:22.0703 0388 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
09:35:22.0703 0388 Ip6Fw - ok
09:35:22.0718 0388 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:35:22.0718 0388 IpFilterDriver - ok
09:35:22.0718 0388 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:35:22.0718 0388 IpInIp - ok
09:35:22.0750 0388 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:35:22.0750 0388 IpNat - ok
09:35:22.0859 0388 iPod Service (ce004777b92dea56fe14ec900d20baa4) C:\Programmi\iPod\bin\iPodService.exe
09:35:22.0875 0388 iPod Service - ok
09:35:22.0890 0388 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:35:22.0890 0388 IPSec - ok
09:35:22.0921 0388 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
09:35:22.0921 0388 IRENUM - ok
09:35:22.0953 0388 isapnp (0953594beb81cc72fcc62d37921b25a6) C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:35:22.0953 0388 isapnp - ok
09:35:23.0046 0388 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Programmi\Java\jre6\bin\jqs.exe
09:35:23.0062 0388 JavaQuickStarterService - ok
09:35:23.0078 0388 Kbdclass (28b6eace513ca7eaba3b809ad4bc274d) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:35:23.0078 0388 Kbdclass - ok
09:35:23.0109 0388 kbdhid (4c61c226bdda2ef1672b2c5f4e56625e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
09:35:23.0109 0388 kbdhid - ok
09:35:23.0156 0388 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
09:35:23.0171 0388 kmixer - ok
09:35:23.0171 0388 KSecDD (c6ebf1d6ad71df30db49b8d3287e1368) C:\WINDOWS\system32\drivers\KSecDD.sys
09:35:23.0171 0388 KSecDD - ok
09:35:23.0218 0388 LanmanServer (e53bdd8656eebdf0651e7b6039d73708) C:\WINDOWS\System32\srvsvc.dll
09:35:23.0234 0388 LanmanServer - ok
09:35:23.0250 0388 lanmanworkstation (f0c54b58df6d518d96318d3edd52b82c) C:\WINDOWS\System32\wkssvc.dll
09:35:23.0265 0388 lanmanworkstation - ok
09:35:23.0453 0388 Lavasoft Ad-Aware Service (6df2be94d712753fb8d87495469b5262) C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
09:35:23.0500 0388 Lavasoft Ad-Aware Service - ok
09:35:23.0671 0388 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\WINDOWS\system32\DRIVERS\Lbd.sys
09:35:23.0671 0388 Lbd - ok
09:35:23.0671 0388 lbrtfdc - ok
09:35:23.0703 0388 LmHosts (e01255727d0b158538d7c2b469b533a8) C:\WINDOWS\System32\lmhsvc.dll
09:35:23.0703 0388 LmHosts - ok
09:35:23.0796 0388 MDM (11f714f85530a2bd134074dc30e99fca) C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE
09:35:23.0812 0388 MDM - ok
09:35:23.0828 0388 Messenger (3b32f662c8607e891f325e41f7ee225c) C:\WINDOWS\System32\msgsvc.dll
09:35:23.0843 0388 Messenger - ok
09:35:23.0937 0388 Microsoft SharePoint Workspace Audit Service - ok
09:35:23.0953 0388 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
09:35:23.0953 0388 mnmdd - ok
09:35:23.0984 0388 mnmsrvc (cfdc97102a96afba09b6531307d127ed) C:\WINDOWS\system32\mnmsrvc.exe
09:35:24.0000 0388 mnmsrvc - ok
09:35:24.0031 0388 MobileAdapter (83c97f6d9feb37af9d785ac099e41a42) C:\WINDOWS\system32\DRIVERS\qscvusb.sys
09:35:24.0031 0388 MobileAdapter - ok
09:35:24.0031 0388 Modem (8cb6636806d76b85fafaee94d75f5129) C:\WINDOWS\system32\drivers\Modem.sys
09:35:24.0031 0388 Modem - ok
09:35:24.0062 0388 Mouclass (e904ebed608055a2bfb824c07f59766c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:35:24.0062 0388 Mouclass - ok
09:35:24.0093 0388 mouhid (d7662f0cf5b77bbbe3202716f5bd5318) C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:35:24.0093 0388 mouhid - ok
09:35:24.0109 0388 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
09:35:24.0125 0388 MountMgr - ok
09:35:24.0125 0388 mraid35x - ok
09:35:24.0156 0388 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:35:24.0156 0388 MRxDAV - ok
09:35:24.0187 0388 MRxSmb (fb2fccc70f7174c7bf64f48e96d3adf4) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:35:24.0203 0388 MRxSmb - ok
09:35:24.0218 0388 MSDTC (8d768dc8cc2cbfb686d1455f1af53096) C:\WINDOWS\system32\msdtc.exe
09:35:24.0218 0388 MSDTC - ok
09:35:24.0250 0388 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
09:35:24.0250 0388 Msfs - ok
09:35:24.0250 0388 MSIServer - ok
09:35:24.0281 0388 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:35:24.0281 0388 MSKSSRV - ok
09:35:24.0296 0388 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:35:24.0296 0388 MSPCLOCK - ok
09:35:24.0312 0388 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
09:35:24.0312 0388 MSPQM - ok
09:35:24.0328 0388 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:35:24.0328 0388 mssmbios - ok
09:35:24.0359 0388 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
09:35:24.0359 0388 MSTEE - ok
09:35:24.0375 0388 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys
09:35:24.0375 0388 MTsensor - ok
09:35:24.0390 0388 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
09:35:24.0406 0388 Mup - ok
09:35:24.0406 0388 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:35:24.0406 0388 NABTSFEC - ok
09:35:24.0437 0388 napagent (911587fd303c9690a428bb4b04732b61) C:\WINDOWS\System32\qagentrt.dll
09:35:24.0468 0388 napagent - ok
09:35:24.0500 0388 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
09:35:24.0515 0388 NDIS - ok
09:35:24.0531 0388 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:35:24.0531 0388 NdisIP - ok
09:35:24.0562 0388 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:35:24.0562 0388 NdisTapi - ok
09:35:24.0578 0388 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:35:24.0578 0388 Ndisuio - ok
09:35:24.0578 0388 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:35:24.0578 0388 NdisWan - ok
09:35:24.0609 0388 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
09:35:24.0625 0388 NDProxy - ok
09:35:24.0781 0388 Nero BackItUp Scheduler 3 (2aae889742376edc5c3203dfb74f28fd) C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe
09:35:24.0812 0388 Nero BackItUp Scheduler 3 - ok
09:35:24.0828 0388 Netaapl (7afd0e39ab15cb355487b7cc19f4e2c5) C:\WINDOWS\system32\DRIVERS\netaapl.sys
09:35:24.0828 0388 Netaapl - ok
09:35:24.0859 0388 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
09:35:24.0859 0388 NetBIOS - ok
09:35:24.0875 0388 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
09:35:24.0890 0388 NetBT - ok
09:35:24.0906 0388 NetDDE (1b09227e41f414a93dbc0baf80c4d527) C:\WINDOWS\system32\netdde.exe
09:35:24.0921 0388 NetDDE - ok
09:35:24.0921 0388 NetDDEdsdm (1b09227e41f414a93dbc0baf80c4d527) C:\WINDOWS\system32\netdde.exe
09:35:24.0921 0388 NetDDEdsdm - ok
09:35:24.0953 0388 Netlogon (0fba335727905de8e4cb5a2cf438abf5) C:\WINDOWS\system32\lsass.exe
09:35:24.0953 0388 Netlogon - ok
09:35:24.0968 0388 Netman (02815b70fc4ca8611a926176f1c39fc2) C:\WINDOWS\System32\netman.dll
09:35:25.0000 0388 Netman - ok
09:35:25.0093 0388 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:35:25.0109 0388 NetTcpPortSharing - ok
09:35:25.0125 0388 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:35:25.0140 0388 NIC1394 - ok
09:35:25.0171 0388 Nla (e0c98d37a349dc9688fe802f623b16f6) C:\WINDOWS\System32\mswsock.dll
09:35:25.0187 0388 Nla - ok
09:35:25.0328 0388 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe
09:35:25.0343 0388 NMIndexingService - ok
09:35:25.0375 0388 nmwcd (48fb907b069524f2dc7ba62a0762850c) C:\WINDOWS\system32\drivers\ccdcmb.sys
09:35:25.0375 0388 nmwcd - ok
09:35:25.0390 0388 nmwcdc (2914ceb789964141ac6e22c6bc980c42) C:\WINDOWS\system32\drivers\ccdcmbo.sys
09:35:25.0390 0388 nmwcdc - ok
09:35:25.0406 0388 nmwcdnsu (28d40797bcb050321fa6674b08a620c0) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
09:35:25.0421 0388 nmwcdnsu - ok
09:35:25.0437 0388 nmwcdnsuc (7804e9747bc27eddc6a8382bbf35cf25) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
09:35:25.0437 0388 nmwcdnsuc - ok
09:35:25.0468 0388 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
09:35:25.0468 0388 Npfs - ok
09:35:25.0515 0388 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
09:35:25.0562 0388 Ntfs - ok
09:35:25.0578 0388 NtLmSsp (0fba335727905de8e4cb5a2cf438abf5) C:\WINDOWS\system32\lsass.exe
09:35:25.0578 0388 NtLmSsp - ok
09:35:25.0625 0388 NtmsSvc (89db90b5f35d2795d9fc56d933cc72b8) C:\WINDOWS\system32\ntmssvc.dll
09:35:25.0656 0388 NtmsSvc - ok
09:35:25.0687 0388 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
09:35:25.0687 0388 Null - ok
09:35:26.0093 0388 nv (02e3a5cf6de77dba144550fd1c4a4cd9) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:35:26.0218 0388 nv - ok
09:35:26.0390 0388 NVENETFD (70217a23470f4bb4c8fb4abe06813081) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
09:35:26.0390 0388 NVENETFD - ok
09:35:26.0437 0388 nvgts (ea98bfe4931bd13d747d647c1859796e) C:\WINDOWS\system32\DRIVERS\nvgts.sys
09:35:26.0437 0388 nvgts - ok
09:35:26.0468 0388 NVHDA (422bbe63a70950440e1db5fe7a9557a7) C:\WINDOWS\system32\drivers\nvhda32.sys
09:35:26.0468 0388 NVHDA - ok
09:35:26.0500 0388 nvnetbus (be8513730653384939a4d2d977c81027) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
09:35:26.0500 0388 nvnetbus - ok
09:35:26.0531 0388 nvsmu (f13618f0cb1e95232f4c2401592a59e9) C:\WINDOWS\system32\DRIVERS\nvsmu.sys
09:35:26.0531 0388 nvsmu - ok
09:35:26.0562 0388 NVSvc (679b4bd1152079fb65f4a28d7e3bd5d8) C:\WINDOWS\system32\nvsvc32.exe
09:35:26.0562 0388 NVSvc - ok
09:35:26.0593 0388 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:35:26.0593 0388 NwlnkFlt - ok
09:35:26.0609 0388 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:35:26.0609 0388 NwlnkFwd - ok
09:35:26.0625 0388 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:35:26.0625 0388 ohci1394 - ok
09:35:26.0703 0388 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE
09:35:26.0703 0388 ose - ok
09:35:27.0125 0388 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Programmi\File comuni\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:35:27.0250 0388 osppsvc - ok
09:35:27.0437 0388 Parport (4e9408a178b2d955871c2cdd278de3c3) C:\WINDOWS\system32\DRIVERS\parport.sys
09:35:27.0437 0388 Parport - ok
09:35:27.0437 0388 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
09:35:27.0437 0388 PartMgr - ok
09:35:27.0484 0388 ParVdm (0dabef655a444cb1e193626fb1d24b9f) C:\WINDOWS\system32\drivers\ParVdm.sys
09:35:27.0484 0388 ParVdm - ok
09:35:27.0515 0388 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
09:35:27.0515 0388 pccsmcfd - ok
09:35:27.0546 0388 PCI (f40a46892afebb0314536b849d57c11e) C:\WINDOWS\system32\DRIVERS\pci.sys
09:35:27.0546 0388 PCI - ok
09:35:27.0546 0388 PCIDump - ok
09:35:27.0562 0388 PCIIde (b2df00d650fd6c4ee781740ed3c8e67f) C:\WINDOWS\system32\DRIVERS\pciide.sys
09:35:27.0562 0388 PCIIde - ok
09:35:27.0578 0388 Pcmcia (815c50f2b1d1562800bdce8be895000e) C:\WINDOWS\system32\drivers\Pcmcia.sys
09:35:27.0593 0388 Pcmcia - ok
09:35:27.0593 0388 PDCOMP - ok
09:35:27.0593 0388 PDFRAME - ok
09:35:27.0593 0388 PDRELI - ok
09:35:27.0609 0388 PDRFRAME - ok
09:35:27.0609 0388 perc2 - ok
09:35:27.0609 0388 perc2hib - ok
09:35:27.0671 0388 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\WINDOWS\system32\IoctlSvc.exe
09:35:27.0671 0388 PLFlash DeviceIoControl Service - ok
09:35:27.0718 0388 PlugPlay (c79feae2f68982259907ab52b0f2676f) C:\WINDOWS\system32\services.exe
09:35:27.0718 0388 PlugPlay - ok
09:35:27.0765 0388 Pml Driver HPZ12 (901c43516504cbe582e4c4193e00876a) C:\WINDOWS\system32\HPZipm12.exe
09:35:27.0765 0388 Pml Driver HPZ12 - ok
09:35:27.0781 0388 PolicyAgent (0fba335727905de8e4cb5a2cf438abf5) C:\WINDOWS\system32\lsass.exe
09:35:27.0781 0388 PolicyAgent - ok
09:35:27.0828 0388 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:35:27.0828 0388 PptpMiniport - ok
09:35:27.0843 0388 Processor (b479f50e883b2297a5f7f212aaee6f6c) C:\WINDOWS\system32\DRIVERS\processr.sys
09:35:27.0843 0388 Processor - ok
09:35:27.0843 0388 ProtectedStorage (0fba335727905de8e4cb5a2cf438abf5) C:\WINDOWS\system32\lsass.exe
09:35:27.0859 0388 ProtectedStorage - ok
09:35:27.0859 0388 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
09:35:27.0859 0388 PSched - ok
09:35:27.0875 0388 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:35:27.0890 0388 Ptilink - ok
09:35:27.0890 0388 PxHelp20 (b5dfb86a6caeae9b2bf3dedb43be6393) C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:35:27.0890 0388 PxHelp20 - ok
09:35:27.0890 0388 ql1080 - ok
09:35:27.0890 0388 Ql10wnt - ok
09:35:27.0906 0388 ql12160 - ok
09:35:27.0906 0388 ql1240 - ok
09:35:27.0906 0388 ql1280 - ok
09:35:27.0906 0388 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:35:27.0921 0388 RasAcd - ok
09:35:27.0937 0388 RasAuto (9839b418343d6e6e52659bdf3ff1fe67) C:\WINDOWS\System32\rasauto.dll
09:35:27.0953 0388 RasAuto - ok
09:35:27.0984 0388 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:35:27.0984 0388 Rasl2tp - ok
09:35:28.0000 0388 RasMan (62ad41548e720db4763b86f95e44f3fa) C:\WINDOWS\System32\rasmans.dll
09:35:28.0015 0388 RasMan - ok
09:35:28.0015 0388 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:35:28.0015 0388 RasPppoe - ok
09:35:28.0031 0388 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
09:35:28.0046 0388 Raspti - ok
09:35:28.0062 0388 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:35:28.0062 0388 Rdbss - ok
09:35:28.0078 0388 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:35:28.0078 0388 RDPCDD - ok
09:35:28.0109 0388 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:35:28.0109 0388 rdpdr - ok
09:35:28.0156 0388 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
09:35:28.0156 0388 RDPWD - ok
09:35:28.0171 0388 RDSessMgr (cc72e6ae90245f0ae48bf1236a7e1f9c) C:\WINDOWS\system32\sessmgr.exe
09:35:28.0218 0388 RDSessMgr - ok
09:35:28.0250 0388 redbook (393fc252593323b624b230eca6b85e63) C:\WINDOWS\system32\DRIVERS\redbook.sys
09:35:28.0250 0388 redbook - ok
09:35:28.0281 0388 RemoteAccess (7ebbf16fbd3e0e34f084fa635c1844e3) C:\WINDOWS\System32\mprdim.dll
09:35:28.0281 0388 RemoteAccess - ok
09:35:28.0312 0388 RemoteRegistry (f667a41bced959988e53feecc8bf5da0) C:\WINDOWS\system32\regsvc.dll
09:35:28.0328 0388 RemoteRegistry - ok
09:35:28.0359 0388 RpcLocator (dc97f6c8a94691834439872b9e8ff2b3) C:\WINDOWS\system32\locator.exe
09:35:28.0375 0388 RpcLocator - ok
09:35:28.0421 0388 RpcSs (91f797dfbc1416fcea76ad76fe07da89) C:\WINDOWS\system32\rpcss.dll
09:35:28.0421 0388 RpcSs - ok
09:35:28.0468 0388 RSVP (dce0d20f8fb66df41d53734bff9d66f0) C:\WINDOWS\system32\rsvp.exe
09:35:28.0500 0388 RSVP - ok
09:35:28.0515 0388 SamSs (0fba335727905de8e4cb5a2cf438abf5) C:\WINDOWS\system32\lsass.exe
09:35:28.0531 0388 SamSs - ok
09:35:28.0578 0388 SANDRA - ok
09:35:28.0593 0388 SCardSvr (1d456f1cd76a80793c07ba52cf3a7455) C:\WINDOWS\System32\SCardSvr.exe
09:35:28.0609 0388 SCardSvr - ok
09:35:28.0640 0388 Schedule (511886e5bd060046cce8373e92e62edf) C:\WINDOWS\system32\schedsvc.dll
09:35:28.0656 0388 Schedule - ok
09:35:28.0687 0388 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:35:28.0687 0388 Secdrv - ok
09:35:28.0718 0388 seclogon (17c6354ca08e7c7972e12c67478ae134) C:\WINDOWS\System32\seclogon.dll
09:35:28.0718 0388 seclogon - ok
09:35:28.0718 0388 SENS (a0eca1ce0fccb29c5e4e1f416e95e73e) C:\WINDOWS\system32\sens.dll
09:35:28.0734 0388 SENS - ok
09:35:28.0750 0388 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
09:35:28.0750 0388 serenum - ok
09:35:28.0750 0388 Serial (fdbd9d64e2e03270021d424f0dccf79d) C:\WINDOWS\system32\DRIVERS\serial.sys
09:35:28.0750 0388 Serial - ok
09:35:28.0859 0388 ServiceLayer (7d3903af48e6c1dc2704eafcb608d031) C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
09:35:28.0875 0388 ServiceLayer - ok
09:35:28.0906 0388 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
09:35:28.0906 0388 Sfloppy - ok
09:35:28.0984 0388 SharedAccess (152c0555925dfe028e3148fd215146bb) C:\WINDOWS\System32\ipnathlp.dll
09:35:29.0015 0388 SharedAccess - ok
09:35:29.0062 0388 ShellHWDetection (dccc606fc144f6e44e497f9a906f1c30) C:\WINDOWS\System32\shsvcs.dll
09:35:29.0062 0388 ShellHWDetection - ok
09:35:29.0078 0388 Simbad - ok
09:35:29.0109 0388 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:35:29.0109 0388 SLIP - ok
09:35:29.0109 0388 Sparrow - ok
09:35:29.0140 0388 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
09:35:29.0140 0388 splitter - ok
09:35:29.0187 0388 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
09:35:29.0187 0388 Spooler - ok
09:35:29.0234 0388 sr (618718cae288bf7cbd8fcbab2577d932) C:\WINDOWS\system32\DRIVERS\sr.sys
09:35:29.0234 0388 sr - ok
09:35:29.0250 0388 srservice (b3e3da70a7a76e69b872de3d06d32c19) C:\WINDOWS\system32\srsvc.dll
09:35:29.0281 0388 srservice - ok
09:35:29.0328 0388 Srv (9b390283569ea58d43d2586032b892f5) C:\WINDOWS\system32\DRIVERS\srv.sys
09:35:29.0343 0388 Srv - ok
09:35:29.0359 0388 SSDPSRV (5215569dd3a8fbc65a85e85f3c12258b) C:\WINDOWS\System32\ssdpsrv.dll
09:35:29.0359 0388 SSDPSRV - ok
09:35:29.0437 0388 stisvc (3b9263e137896e4d303494f116e00608) C:\WINDOWS\system32\wiaservc.dll
09:35:29.0484 0388 stisvc - ok
09:35:29.0500 0388 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:35:29.0500 0388 streamip - ok
09:35:29.0531 0388 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
09:35:29.0531 0388 swenum - ok
09:35:29.0531 0388 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
09:35:29.0531 0388 swmidi - ok
09:35:29.0546 0388 SwPrv - ok
09:35:29.0546 0388 symc810 - ok
09:35:29.0546 0388 symc8xx - ok
09:35:29.0546 0388 sym_hi - ok
09:35:29.0546 0388 sym_u3 - ok
09:35:29.0562 0388 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
09:35:29.0562 0388 sysaudio - ok
09:35:29.0593 0388 SysmonLog (a34a9a872eec4c026fd542ac7156fe0b) C:\WINDOWS\system32\smlogsvc.exe
09:35:29.0609 0388 SysmonLog - ok
09:35:29.0640 0388 TapiSrv (6b85f1a9dce45d45bffad3222c21f297) C:\WINDOWS\System32\tapisrv.dll
09:35:29.0656 0388 TapiSrv - ok
09:35:29.0718 0388 Tcpip (ad978a1b783b5719720cff204b666c8e) C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:35:29.0734 0388 Tcpip - ok
09:35:29.0765 0388 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
09:35:29.0765 0388 TDPIPE - ok
09:35:29.0765 0388 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
09:35:29.0765 0388 TDTCP - ok
09:35:29.0796 0388 teamviewervpn (9101fffcfccd1a30e870a5b8a9091b10) C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
09:35:29.0796 0388 teamviewervpn - ok
09:35:29.0812 0388 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
09:35:29.0812 0388 TermDD - ok
09:35:29.0843 0388 TermService (fe5a5329ccfc33d645c33077ff04f052) C:\WINDOWS\System32\termsrv.dll
09:35:29.0875 0388 TermService - ok
09:35:29.0921 0388 Themes (dccc606fc144f6e44e497f9a906f1c30) C:\WINDOWS\System32\shsvcs.dll
09:35:29.0921 0388 Themes - ok
09:35:29.0953 0388 TlntSvr (2fff150ea4396956f10b66211687f335) C:\WINDOWS\system32\tlntsvr.exe
09:35:29.0968 0388 TlntSvr - ok
09:35:29.0968 0388 TosIde - ok
09:35:30.0000 0388 TrkWks (690294999df1248faf85d95b31955d0c) C:\WINDOWS\system32\trkwks.dll
09:35:30.0015 0388 TrkWks - ok
09:35:30.0046 0388 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
09:35:30.0046 0388 Udfs - ok
09:35:30.0062 0388 ultra - ok
09:35:30.0093 0388 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
09:35:30.0109 0388 Update - ok
09:35:30.0140 0388 upnphost (8057b0744d9842a090e51d2845861d5f) C:\WINDOWS\System32\upnphost.dll
09:35:30.0171 0388 upnphost - ok
09:35:30.0187 0388 upperdev (e526a166e6acafd0a9b3841d3941669e) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
09:35:30.0187 0388 upperdev - ok
09:35:30.0203 0388 UPS (f5e8b846ec10e1df8dca64119e2eb709) C:\WINDOWS\System32\ups.exe
09:35:30.0218 0388 UPS - ok
09:35:30.0250 0388 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
09:35:30.0250 0388 USBAAPL - ok
09:35:30.0281 0388 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
09:35:30.0281 0388 usbaudio - ok
09:35:30.0296 0388 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:35:30.0296 0388 usbccgp - ok
09:35:30.0312 0388 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:35:30.0328 0388 usbehci - ok
09:35:30.0328 0388 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:35:30.0328 0388 usbhub - ok
09:35:30.0343 0388 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
09:35:30.0343 0388 usbohci - ok
09:35:30.0359 0388 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:35:30.0375 0388 usbprint - ok
09:35:30.0390 0388 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:35:30.0390 0388 usbscan - ok
09:35:30.0406 0388 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
09:35:30.0406 0388 usbser - ok
09:35:30.0406 0388 UsbserFilt (6f3e3c6811b930d2414552a2e4a40f36) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
09:35:30.0406 0388 UsbserFilt - ok
09:35:30.0421 0388 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:35:30.0421 0388 USBSTOR - ok
09:35:30.0437 0388 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
09:35:30.0453 0388 usbvideo - ok
09:35:30.0468 0388 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
09:35:30.0468 0388 VgaSave - ok
09:35:30.0546 0388 VIAHdAudAddService (8586d10602ff4994e0f56a13a47d2b28) C:\WINDOWS\system32\drivers\viahduaa.sys
09:35:30.0562 0388 VIAHdAudAddService - ok
09:35:30.0562 0388 ViaIde - ok
09:35:30.0593 0388 VolSnap (e46c1b5a56da7da603d09dfcc79ec59e) C:\WINDOWS\system32\drivers\VolSnap.sys
09:35:30.0593 0388 VolSnap - ok
09:35:30.0625 0388 VSS (c2fe17125256102f5b44194d5db0a799) C:\WINDOWS\System32\vssvc.exe
09:35:30.0640 0388 VSS - ok
09:35:30.0671 0388 W32Time (2969dd84b584a6bb541a5273103957a3) C:\WINDOWS\system32\w32time.dll
09:35:30.0687 0388 W32Time - ok
09:35:30.0703 0388 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:35:30.0703 0388 Wanarp - ok
09:35:30.0765 0388 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
09:35:30.0781 0388 Wdf01000 - ok
09:35:30.0781 0388 WDICA - ok
09:35:30.0812 0388 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
09:35:30.0812 0388 wdmaud - ok
09:35:30.0843 0388 WebClient (2ec50ee79b65f60c8e8b4a03bbb3a42f) C:\WINDOWS\System32\webclnt.dll
09:35:30.0859 0388 WebClient - ok
09:35:30.0953 0388 winmgmt (40911e98d0f1cbb1015f2101982f1ddf) C:\WINDOWS\system32\wbem\WMIsvc.dll
09:35:30.0953 0388 winmgmt - ok
09:35:30.0984 0388 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
09:35:31.0000 0388 WmdmPmSN - ok
09:35:31.0078 0388 Wmi (a4572edcacfc695aec6fdcd4f92f938d) C:\WINDOWS\System32\advapi32.dll
09:35:31.0093 0388 Wmi - ok
09:35:31.0109 0388 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
09:35:31.0109 0388 WmiAcpi - ok
09:35:31.0125 0388 WmiApSrv (81fd02839fdb10acf0ec40b809b9f8cc) C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:35:31.0125 0388 WmiApSrv - ok
09:35:31.0250 0388 WMPNetworkSvc (f30dc8f80cf65a323e8b6a2db81561e3) C:\Programmi\Windows Media Player\WMPNetwk.exe
09:35:31.0296 0388 WMPNetworkSvc - ok
09:35:31.0359 0388 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
09:35:31.0359 0388 WpdUsb - ok
09:35:31.0500 0388 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:35:31.0546 0388 WPFFontCache_v0400 - ok
09:35:31.0546 0388 WSearch - ok
09:35:31.0578 0388 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:35:31.0578 0388 WSTCODEC - ok
09:35:31.0609 0388 wuauserv (cc48415e6c7cbaa441a3d6a6dccbcfa6) C:\WINDOWS\system32\wuauserv.dll
09:35:31.0625 0388 wuauserv - ok
09:35:31.0625 0388 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:35:31.0640 0388 WudfPf - ok
09:35:31.0656 0388 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:35:31.0656 0388 WudfRd - ok
09:35:31.0687 0388 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
09:35:31.0734 0388 WudfSvc - ok
09:35:31.0781 0388 WZCSVC (053e0307a08cac60793e27e921b46b3e) C:\WINDOWS\System32\wzcsvc.dll
09:35:31.0796 0388 WZCSVC - ok
09:35:31.0828 0388 xmlprov (5526482dcba6047641b13bf9c75a74e0) C:\WINDOWS\System32\xmlprov.dll
09:35:31.0843 0388 xmlprov - ok
09:35:31.0859 0388 MBR (0x1B8) (828e02d5c4a4fbe53441ee9dbee51f43) \Device\Harddisk0\DR0
09:35:32.0046 0388 \Device\Harddisk0\DR0 - ok
09:35:32.0062 0388 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
09:35:32.0062 0388 \Device\Harddisk1\DR1 - ok
09:35:32.0062 0388 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk2\DR5
09:35:32.0062 0388 \Device\Harddisk2\DR5 - ok
09:35:32.0078 0388 Boot (0x1200) (3839712c3d4ea8eadc2ca8be6e60a93d) \Device\Harddisk0\DR0\Partition0
09:35:32.0078 0388 \Device\Harddisk0\DR0\Partition0 - ok
09:35:32.0093 0388 Boot (0x1200) (14548f616980ac08c8699e7c9da341ff) \Device\Harddisk0\DR0\Partition1
09:35:32.0093 0388 \Device\Harddisk0\DR0\Partition1 - ok
09:35:32.0093 0388 Boot (0x1200) (be548995e1b5ce23e9175811654365e3) \Device\Harddisk1\DR1\Partition0
09:35:32.0093 0388 \Device\Harddisk1\DR1\Partition0 - ok
09:35:32.0093 0388 Boot (0x1200) (4d2d7b958709d2991639562d82ce2bf3) \Device\Harddisk2\DR5\Partition0
09:35:32.0093 0388 \Device\Harddisk2\DR5\Partition0 - ok
09:35:32.0093 0388 ============================================================
09:35:32.0093 0388 Scan finished
09:35:32.0093 0388 ============================================================
09:35:32.0109 3260 Detected object count: 0
09:35:32.0109 3260 Actual detected object count: 0
09:36:23.0421 1956 Deinitialize success
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 11/05/12 14:37

aiutooooooo
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 11/05/12 18:36

Dani, scusa il ritardo, perdonami.

Elimina queste due cartelle:
C:\Documents and Settings\Computer\Dati applicazioni\OfferBox
C:\Documents and Settings\Computer\Dati applicazioni\PriceGong

Riavvia il PC.

Controlla se sono ancora presenti.

Hai sempre gli stessi problemi?
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 14/05/12 18:40

Quando arrivo a C:\Documents and Settings\Computer\ non trovo e non dati applicazioni ma data application, aprendo ,trovo solo una cartella di microsoft e nient altro.....
come devo fare....
ciao
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 15/05/12 12:02

Abilita la Visualizzazione delle cartelle e dei files nascosti

Procedura per Windows XP:
● clicca su Start - Pannello di controllo - Opzioni cartella
● clicca sulla scheda Visualizzazione
● in Impostazioni Avanzate spunta la voce Visualizza cartelle e file nascosti

Procedura per Windows Vista e Seven:
● clicca su Start - Computer
● premi ora il tasto ALT per la visualizzazione della Barra dei Menù
● clicca su Strumenti - Opzioni cartella - Tab Visualizzazione
● spunta la voce a Visualizza cartelle e file nascosti

Prova a seguire nuovamente il percorso.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 15/05/12 15:25

OK fatto tutto come spiegato ,ho eliminato le cartelle, riavviato ,ma la cartella PriceGong ce' ancora e non me la lascia eliminare ,rimangono gli stessi problemi...
ciao
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 15/05/12 15:58

Ciao.
Allega un nuovo log di Hijackthis.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 15/05/12 19:40

Ecco qua

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20.58.31, on 15/05/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Programmi\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmi\Alwil Software\Avast5\avastUI.exe
C:\Programmi\HP\HP Software Update\HPWuSchd2.exe
C:\programmi\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\LClock\LClock.exe
C:\Programmi\Microsoft Office\Office14\MSOSYNC.EXE
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Spamihilator\spamihilator.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Programmi\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: IncrediMail MediaBar Italiano 2 - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [QOELOADER] "C:\Programmi\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Programmi\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ASUS Update Checker] C:\Programmi\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast] "C:\Programmi\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmi\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPUsageTracking] C:\Programmi\HP\HP UT\bin\hppusg.exe "C:\Programmi\HP\HP UT\"
O4 - HKLM\..\Run: [TkBellExe] "C:\programmi\real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Programmi\LClock\LClock.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Programmi\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
O4 - Startup: Spamihilator.lnk = C:\Programmi\Spamihilator\spamihilator.exe
O4 - Global Startup: Windows Search.lnk = C:\Programmi\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: Cerca nel web - C:\Programmi\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\D-Link\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C5CE2E1-40D6-4E6F-AAAE-FB84F38DAF17}: NameServer = 80.79.48.66,79.137.95.200
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 11648 bytes
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 15/05/12 20:53

Disinstalla Lavasoft Ad-Aware

Avvia HiJackThis e:
● clicca sul pulsante Do a system scan only/Scan
● a sinistra, metti la spunta accanto ad ogni singola voce che ti indicherò sotto (non spuntare tutte le voce , solo quelle riportate sotto, mi raccomando)
● spuntate le voci, termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul pulsante Fix checked; potrebbe comparire un'ulteriore finestra durante il fix delle voci: clicca su
Queste sono le voci da fixare:

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [HDAudDeck] C:\Programmi\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [QOELOADER] "C:\Programmi\CA\eTrust EZ Armor\eTrust Anti-Spam\QSP-2.1.215.14\QOELoader.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Programmi\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ASUS Update Checker] C:\Programmi\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Programmi\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPUsageTracking] C:\Programmi\HP\HP UT\bin\hppusg.exe "C:\Programmi\HP\HP UT\"
O4 - HKLM\..\Run: [TkBellExe] "C:\programmi\real\realplayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Programmi\LClock\LClock.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Programmi\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
O4 - Startup: Spamihilator.lnk = C:\Programmi\Spamihilator\spamihilator.exe
O4 - Global Startup: Windows Search.lnk = C:\Programmi\Windows Desktop Search\WindowsSearch.exe




Script personalizzato di ComboFix

Avviso: non eseguire ComboFix di tua iniziativa; questo tool non è un giocattolo e non è adatto ad un uso quotidiano.

Apri il Block Note: Start> Tutti i programmi> Accessori> Blocco note
● all'interno del nuovo documento di testo, copia ed incolla le seguenti righe:

Folder::
C:\Documents and Settings\Computer\Dati applicazioni\OfferBox
C:\Documents and Settings\Computer\Dati applicazioni\PriceGong

● chiama questo file CFScript.txt, e posizionalo sul Desktop

Molto importante! Disabilita temporaneamente il tuo antivirus e firewall prima di seguire la procedura indicata. Potrebbero infatti interferire con ComboFix o rimuovere alcuni dei suoi file incorporati che possono portare a risultati imprevedibili.
Facendo riferimento all'immagine presente qui sotto, trascina con il puntatore del mouse CFScript.txt sull'icona di ComboFix
ComboFix ora eseguirà una scansione del tuo sistema. Una volta terminata, potrebbe riavviare automaticamente il sistema: in caso contrario, procedi tu manualmente.
A questo punto, il programma produrrà un Report. Copia ed incolla il log nel tuo prossimo post.

Immagine

Nota - riguardo alla procedura:
● non toccare assolutamente il mouse e la tastiera durante la scansione: potrebbe interrompersi
N.B :
● se viene visualizzato l'errore: Operazione non valida tentata su una chiave di registro che è stato contrassegnato per l'eliminazione, dovrai semplicemente riavviare il sistema e ripetere lo Script


Il PC è sempre lento?
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Prossimo

Torna a Assistenza Hardware


Topic correlati a "wilogon.exe......impossibileindividuare un componente":


Chi c’è in linea

Visitano il forum: Nessuno e 44 ospiti