
norton non parte più

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

norton non parte più

Postdi alemao » 30/03/07 17:27

non mi parte più norton...
mi fa strani errori . ho cercati i file e sono in questo percorso
documents and setting
poi nome cartella personale
poi impostazioni locali
poi temp

ci sono parecchi appcompact, 117476, applicazioni numeriche strane
szAppName: NAVAPSVC:EXE SZAppVER12.6.0.1 szModName: Kernel32.dll

Logfile of HijackThis v1.99.1
Scan saved at 18.26.30, on 30/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\acrotray.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\Documents and Settings\Francesco\Impostazioni locali\Temp\Directory temporanea 1 per\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programmi\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Avvio veloce di Adobe Acrobat.lnk = ?
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - ... 9987320295
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - ... 9996248250
O17 - HKLM\System\CCS\Services\Tcpip\..\{32A55733-F307-4251-8FAC-7180FAC59101}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{EEB7133A-DC34-4545-9A26-D759022BEAAD}: NameServer =,
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Servizio Auto-Protect di Norton AntiVirus (navapsvc) - Symantec Corporation - C:\Programmi\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programmi\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programmi\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18


Postdi SkunkWorks 68 » 30/03/07 18:03

Il log mi sembra pulito...
Prova a disinstallarlo e reinstallarlo...
P.S...Buona Fortuna.
Avatar utente
SkunkWorks 68
Utente Senior
Post: 2336
Iscritto il: 03/03/07 08:55

Postdi alemao » 30/03/07 19:07

moderatori mi date un aiuto?
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18

Postdi alemao » 30/03/07 23:02

il virus rilevato da norton è downloader...è un trojan e si trova nel percorso precedenemente detto... che fare?
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18

Postdi alemao » 31/03/07 10:53

poi quando apro norton si inizia ad installare da solo un certo CCcommon...

per favore datemi una mano non ci capisco niente...
luke andorra per favore
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18

Postdi Luke57 » 31/03/07 11:37

Ciao, proviamo questo controllo:
scarica SystemScan (se non l'hai già)
aprilo ed assicurati che tutte le opzioni siano spuntate, clicca su "Scan Now" al termine della scansione verrà rilasciato in C:\suspectfile il file report.txt.
Vai su carica il file (sfoglia, indivisui il file, premi Upload) e nella tua prossima risposta scrivi l'URL che si sarà fornito (non quello per cancellarlo) per scaricarlo.
Post: 6413
Iscritto il: 11/08/05 19:10

Postdi alemao » 31/03/07 13:44

questo il report di system scan...
il file virus rilevato da norton già l'avevo eliminato

systemscan - - ver. 2.0.24

Date: 31/03/2007
Time: 14.35.27,07

Output limited to:
-Recent files
-Registry Run Keys
-Running Services
-Not Running Services
-Device Driver Services
-Svchost.exe instances
-Loaded Dlls
-Alternate Data Sreams
-Encrypted Files
-Hidden objects
-Suspicious Files
-Include hijackthis.log

-------------Users folders -------------

Directory di C:\documents and settings

07/03/2005 19.13 <DIR> Default User
07/03/2005 19.13 <DIR> All Users
07/03/2005 19.26 <DIR> NetworkService
07/03/2005 19.26 <DIR> LocalService
05/10/2006 03.23 <DIR> Francesco

-------------Recent files (60 days) -------------
NOTE: searched only in C:, C:\WINDOWS, C:\WINDOWS\system32, C:\Programmi\File comuni, C:\WINDOWS\temp

Directory di C:\

31/03/2007 14.35 <DIR> suspectfile

Directory di C:\WINDOWS

26/03/2007 17.46 702.876 setupapi.log
31/03/2007 14.32 3.824 ModemLog_Agere Systems AC'97 Modem.txt
19/03/2007 00.52 1.738 wmsetup.log
31/03/2007 11.59 1.400.843 WindowsUpdate.log
31/03/2007 11.59 32.474 SchedLgU.Txt
31/03/2007 14.32 0 0.log
20/03/2007 20.22 10 popcinfo.dat

Directory di C:\WINDOWS\system32

17/03/2007 18.12 <DIR> InsFiles
24/03/2007 19.37 <DIR> bak
29/03/2007 19.21 1.158 wpa.dbl
25/03/2007 14.20 1.219.816 FNTCACHE.DAT
17/03/2007 19.53 48.776 S32EVNT1.DLL
12/02/2007 17.22 161.424 SymRedir.dll
12/02/2007 17.22 538.256 SymNeti.dll
24/03/2007 19.28 451 eRLog.ini

Directory di C:\Programmi\File comuni

Directory di C:\WINDOWS\temp



-------------HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe-------------

-------------HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows-------------


-------------HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon-------------

"VmApplet"="rundll32 shell32,Control_RunDLL \"sysdm.cpl\""
"Background"="0 0 0"


@="Quota disco Microsoft"

@="Mapping aree Internet Explorer"


@="Personalizzazione Internet Explorer"

@="EFS recovery"

@="Microsoft Offline Files"

@="Installazione software"
"EventSources"=multi:"(Application Management,Application)\00(MsiInstaller,Application)\00\00"














-------------HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon-------------

"ExcludeProfileDirs"="Impostazioni locali;Temporary Internet Files;Cronologia;Temp"



"SiSPower"="Rundll32.exe SiSPower.dll,ModeAgent"
"IMJPMIG8.1"="\"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC"
"AdslTaskBar"="rundll32.exe stmctrl.dll,TaskBar"
"Acrobat Assistant 7.0"="\"C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe\""
"ccApp"="\"C:\Programmi\File comuni\Symantec Shared\ccApp.exe\""












"MSMSGS"="\"C:\Programmi\Messenger\msmsgs.exe\" /background"





-------------HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run-------------

-------------HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run-------------

-------------HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects-------------

[Browser Helper Objects]

[Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
#### HKCR\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\InprocServer32 @="C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll"

[Browser Helper Objects\{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}]
#### HKCR\CLSID\{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}\InprocServer32 @="C:\Programmi\Norton AntiVirus\NavShExt.dll"
@="NAV Helper"

[Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
#### HKCR\CLSID\{AE7CD045-E861-484f-8273-0445EE161910}\InprocServer32 @="C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll"

-------------HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks-------------

#### HKCR\CLSID\{CFBFAE00-17A6-11D0-99CB-00C04FD64497}\InprocServer32 @=expand:"%SystemRoot%\system32\shdocvw.dll"


#### HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\InprocServer32 @="shell32.dll"


"Authentication Packages"=multi:"msv1_0\00\00"
"Notification Packages"=multi:"scecli\00\00"

"ProviderOrder"=multi:"Windows NT Access Provider\00\00"

[Lsa\AccessProviders\Windows NT Access Provider]















"Comment"="Digest SSPI Authentication Package"

"Comment"="DPA Security Package"

"Comment"="MSN Security Package"


"Description"="Fornisce servizi di conversione indirizzi di rete, indirizzamento e risoluzione nomi e/o servizi di prevenzione intrusione per una rete domestica o una piccola rete aziendale."
"DisplayName"="Windows Firewall / Condivisione connessione Internet (ICS)"
"ImagePath"=expand:"%SystemRoot%\system32\svchost.exe -k netsvcs"

















@="\"%1\" %*"


@="\"%1\" %*"


@="\"%1\" %*"


@="\"%1\" %*"


@="\"%1\" /S"


@="C:\WINDOWS\system32\mshta.exe \"%1\" %*"



"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Precaricatore Browseui"
#### HKCR\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InprocServer32 @=expand:"%SystemRoot%\system32\browseui.dll"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Daemon di cache delle categorie di componenti"
#### HKCR\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InprocServer32 @=expand:"%SystemRoot%\system32\browseui.dll"

-------------HKLM\Software\Microsoft\Active Setup\Installed Components-------------

[Installed Components]

[Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
#### HKCR\CLSID\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\InprocServer32 @="C:\WINDOWS\system32\wmpdxm.dll"
"Stubpath"="C:\WINDOWS\inf\unregmp2.exe /ShowWMP"
@="Microsoft Windows Media Player"

[Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
@="Internet Explorer"
"StubPath"=expand:"%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE"

[Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
@="Personalizzazione del browser"
"StubPath"="RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP"

[Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
@="Outlook Express"
"StubPath"=expand:"%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE"

[Installed Components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}]
@="Rendering grafica vettoriale (VML)"

[Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
#### HKCR\CLSID\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}\InprocServer32 @="C:\WINDOWS\system32\wmpdxm.dll"

[Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
#### HKCR\CLSID\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}\InprocServer32 @="C:\WINDOWS\system32\wmpdxm.dll"
"ComponentID"="Microsoft Windows Media Player"
@="Microsoft Windows Media Player 6.4"

[Installed Components\{283807B5-2C60-11D0-A31D-00AA00B92C03}]
#### HKCR\CLSID\{283807B5-2C60-11D0-A31D-00AA00B92C03}\InprocServer32 @="C:\WINDOWS\system32\danim.dll"

[Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
@="Themes Setup"
"ComponentID"="Theme Component"
"StubPath"=expand:"%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll"

[Installed Components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}]
@="Binding dati Dynamic HTML per Java"

[Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}]
@="Modulo ricerca non in linea"

[Installed Components\{3B3136FD-73E1-6DF3-9364-221751FAC88D}]
@="Outlook Express"

[Installed Components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}]

[Installed Components\{4278c270-a269-11d1-b5bf-0000f8051515}]
@="Creazione avanzata"

[Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
@="Microsoft Outlook Express 6"
"StubPath"=expand:"\"%ProgramFiles%\Outlook Express\setup50.exe\" /APP:OE /CALLER:WINNT /user /install"

[Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
@="NetMeeting 3.01"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT"

[Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}]

[Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}]

[Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}]
@="Guida di Internet Explorer"

[Installed Components\{4f216970-c90c-11d1-b5c7-0000f8051515}]
@="Classi Java DirectAnimation"

[Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}]
@="Microsoft Windows Script 5.6"

[Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
@="Windows Messenger 4.7"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser"

[Installed Components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
"(Default)"="Internet Connection Wizard"

[Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
@="Strumenti di installazione di Internet Explorer"

[Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}]
@="Miglioramenti sfoglia"

[Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
#### HKCR\CLSID\{6BF52A52-394A-11d3-B153-00C04F79FAA6}\InprocServer32 @="C:\WINDOWS\system32\wmp.dll"
@="Microsoft Windows Media Player"
"ComponentID"="Microsoft Windows Media Player"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub"

[Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}]
@="Accesso sito MSN"

[Installed Components\{75D37685-9337-7D32-785B-A33D9BED4F41}]
@="Microsoft Windows Media Player 6.4"
"ComponentID"="Microsoft Windows Media Player"

[Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
@="Rubrica 6"
"StubPath"=expand:"\"%ProgramFiles%\Outlook Express\setup50.exe\" /APP:WAB /CALLER:WINNT /user /install"

[Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
@="Windows Desktop Update"
"StubPath"=expand:"regsvr32.exe /s /n /i:U shell32.dll"

[Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
@="Internet Explorer 6"

[Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}\AuthorizedCDFPrefix]

[Installed Components\{8b15971b-5355-4c82-8c07-7e181ea07608}]
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser"

[Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}]
@="Binding dati Dynamic HTML"

[Installed Components\{94de52c8-2d59-4f1b-883e-79663d2d9a8c}]
@="Provider fax"
"ComponentID"="Fax Provider"

[Installed Components\{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}]

[Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}]
@="Font principali di Internet Explorer"

[Installed Components\{CC2A9BA0-3BDD-11D0-821E-444553540000}]
@="Utilità di pianificazione"

[Installed Components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}]
"ComponentID"="Windows Movie Maker v2.1"

[Installed Components\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@="Adobe Flash Player 9 ActiveX"

[Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}]
@="Guida HTML"

[Installed Components\{E105E9DE-67DA-FF20-80D6-D6365171EB67}]
@="Outlook Express"

[Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}]
@="Active Directory Service Interface"

-------------Comparing registry keys CCS1 vs CCS2 -------------
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Dhcp\Parameters {32A55733-F307-4251-8FAC-7180FAC59101} REG_BINARY 0F000000000000000000000000000000FC540E46F9000000000000000000000000000000FC540E4601000000000000000000000000000000FC540E462B000000000000000000000000000000FC540E462C000000000000000000000000000000FC540E4606000000000000000000000000000000FC540E46
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Dhcp\Parameters {32A55733-F307-4251-8FAC-7180FAC59101} REG_BINARY 0F000000000000000000000000000000D0200E46F9000000000000000000000000000000D0200E4601000000000000000000000000000000D0200E462B000000000000000000000000000000D0200E462C000000000000000000000000000000D0200E4606000000000000000000000000000000D0200E46
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\eeCtrl\Started
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Eventlog\Application\ESENT EventMessageFile REG_EXPAND_SZ C:\WINDOWS\system32\ESENT.dll
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Application\ESENT EventMessageFile REG_EXPAND_SZ c:\windows\system32\ESENT.dll
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Eventlog\Application\ESENT CategoryMessageFile REG_EXPAND_SZ C:\WINDOWS\system32\ESENT.dll
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Application\ESENT CategoryMessageFile REG_EXPAND_SZ c:\windows\system32\ESENT.dll
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\DS
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\LSA
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\NetDDE Object
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\SC Manager
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\Security
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\Security Account Manager
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Eventlog\Security\Spooler
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\MRxDAV\EncryptedDirectories
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\mssmbios\Data
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\NetBT\Parameters\Interfaces\Tcpip_{32A55733-F307-4251-8FAC-7180FAC59101} NetbiosOptions REG_DWORD 2 (0x2)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\SharedAccess\Epoch Epoch REG_DWORD 1799 (0x707)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\SharedAccess\Epoch Epoch REG_DWORD 1792 (0x700)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\SPBBCDrv\DBlocking
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{32A55733-F307-4251-8FAC-7180FAC59101} NTEContextList REG_MULTI_SZ 0x00000004\0\0
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{32A55733-F307-4251-8FAC-7180FAC59101} NTEContextList REG_MULTI_SZ \0
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{32A55733-F307-4251-8FAC-7180FAC59101} DhcpIPAddress REG_SZ
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{32A55733-F307-4251-8FAC-7180FAC59101} DhcpIPAddress REG_SZ
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{32A55733-F307-4251-8FAC-7180FAC59101} DhcpSubnetMask REG_SZ
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{32A55733-F307-4251-8FAC-7180FAC59101} DhcpSubnetMask REG_SZ
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{32A55733-F307-4251-8FAC-7180FAC59101} NameServer REG_SZ
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{32A55733-F307-4251-8FAC-7180FAC59101} NameServer REG_SZ
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} EnableDHCP REG_DWORD 0 (0x0)
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} EnableDHCP REG_DWORD 1 (0x1)
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} IPAddress REG_MULTI_SZ\0\0
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} IPAddress REG_MULTI_SZ\0\0
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} SubnetMask REG_MULTI_SZ\0\0
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} SubnetMask REG_MULTI_SZ\0\0
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} DefaultGateway REG_MULTI_SZ\0\0
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} DefaultGateway REG_MULTI_SZ \0
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} DefaultGatewayMetric REG_MULTI_SZ 0\0\0
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} DefaultGatewayMetric REG_MULTI_SZ \0
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} NameServer REG_SZ,
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} NameServer REG_SZ
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} NTEContextList REG_MULTI_SZ 0x00000003\0\0
> Value: HKEY_LOCAL_MACHINE\system\controlset002\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} NTEContextList REG_MULTI_SZ 0x00000002\0\0
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services\Tcpip\Parameters\Interfaces\{EEB7133A-DC34-4545-9A26-D759022BEAAD} DhcpClassIdBin REG_BINARY

Result compared: Different

-------------Comparing registry keys CCS1 vs CCS3 -------------
< Value: HKEY_LOCAL_MACHINE\system\controlset001\services

Result compared: Identical

-------------List of running services -------------

000) "Adobe LM Service" - Adobe LM Service
---> STAT = (RUNNING) Started manually
---> FILE = "C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe"

001) "ALG" - Servizio Gateway di livello applicazione
---> STAT = (RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\alg.exe

002) "anbmService" - Notebook Manager Service
---> STAT = (RUNNING) Started automatically
---> FILE = C:\Acer\eManager\anbmServ.exe

003) "AudioSrv" - Audio Windows
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

004) "Browser" - Browser di computer
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

005) "ccEvtMgr" - Symantec Event Manager
---> STAT = (RUNNING) Started automatically
---> FILE = "C:\Programmi\File comuni\Symantec Shared\ccEvtMgr.exe"

006) "ccSetMgr" - Symantec Settings Manager
---> STAT = (RUNNING) Started automatically
---> FILE = "C:\Programmi\File comuni\Symantec Shared\ccSetMgr.exe"

007) "CryptSvc" - Servizi di crittografia
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

008) "DcomLaunch" - Utilità di avvio processo server DCOM
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost -k DcomLaunch

009) "Dhcp" - Client DHCP
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

010) "Dnscache" - Client DNS
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k NetworkService

011) "ERSvc" - Servizio di segnalazione errori
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

012) "Eventlog" - Registro eventi
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\services.exe

013) "EventSystem" - Sistema di eventi COM+
---> STAT = (RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

014) "FastUserSwitchingCompatibility" - Compatibilità di Cambio rapido utente
---> STAT = (RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

015) "helpsvc" - Guida in linea e supporto tecnico
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

016) "lanmanserver" - Server
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

017) "lanmanworkstation" - Workstation
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

018) "LmHosts" - Helper NetBIOS di TCP/IP
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k LocalService

019) "Netman" - Connessioni di rete
---> STAT = (RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

020) "Nla" - NLA (Network Location Awareness)
---> STAT = (RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

021) "PlugPlay" - Plug and Play
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\services.exe

022) "PolicyAgent" - Servizi IPSEC
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\lsass.exe

023) "ProtectedStorage" - Archiviazione protetta
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\lsass.exe

024) "RasMan" - Connection Manager di Accesso remoto
---> STAT = (RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

025) "RpcSs" - RPC (Remote Procedure Call)
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost -k rpcss

026) "SamSs" - Gestione account di protezione (SAM)
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\lsass.exe

027) "Schedule" - Utilità di pianificazione
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

028) "seclogon" - Accesso secondario
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

029) "SENS" - Notifica eventi di sistema
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

030) "SharedAccess" - Windows Firewall / Condivisione connessione Internet (ICS)
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

031) "ShellHWDetection" - Rilevamento hardware shell
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

032) "SNDSrvc" - Symantec Network Drivers Service
---> STAT = (RUNNING) Started automatically
---> FILE = "C:\Programmi\File comuni\Symantec Shared\SNDSrvc.exe"

033) "SPBBCSvc" - SPBBCSvc
---> STAT = (RUNNING) Started automatically
---> FILE = "C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCSvc.exe"

034) "Spooler" - Spooler di stampa
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\spoolsv.exe

035) "srservice" - Servizio Ripristino configurazione di sistema
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

036) "SSDPSRV" - Servizio di rilevamento SSDP
---> STAT = (RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\svchost.exe -k LocalService

037) "Symantec Core LC" - Symantec Core LC
---> STAT = (RUNNING) Started automatically
---> FILE = "C:\Programmi\File comuni\Symantec Shared\CCPD-LC\symlcsvc.exe"

038) "TapiSrv" - Telefonia
---> STAT = (RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

039) "TermService" - Servizi terminal
---> STAT = (RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\svchost -k DComLaunch

040) "Themes" - Temi
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

041) "TrkWks" - Manutenzione collegamenti distribuiti client
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

042) "Utilità di pianificazione di LiveUpdate automatico" - Utilità di pianificazione di LiveUpdate automatico
---> STAT = (RUNNING) Started automatically
---> FILE = "C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe"

043) "W32Time" - Ora di Windows
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

044) "WebClient" - WebClient
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k LocalService

045) "winmgmt" - Strumentazione gestione Windows
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

046) "wuauserv" - Aggiornamenti automatici
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

047) "WZCSVC" - Zero Configuration reti senza fili
---> STAT = (RUNNING) Started automatically
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs


0) "LaunchApp"
---> CMD = Alaunch
---> FILE = C:\WINDOWS\System32\Alaunch

1) "SoundMan"

---> CMD = AGRSMMSG.exe
---> FILE = C:\WINDOWS\System32\AGRSMMSG.exe

3) "SiSPower"
---> CMD = Rundll32.exe SiSPower.dll,ModeAgent
---> FILE = C:\WINDOWS\System32\Rundll32.exe SiSPower.dll,ModeAgent

4) "IMJPMIG8.1"
---> CMD = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

5) "MSPY2002"
---> CMD = C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
---> FILE = C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe

6) "PHIME2002ASync"
---> FILE = C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe

7) "PHIME2002A"
---> FILE = C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe

8) ""
---> CMD =

9) "AdslTaskBar"
---> CMD = rundll32.exe stmctrl.dll,TaskBar
---> FILE = C:\WINDOWS\system32\IME\TINTLGNT\rundll32.exe stmctrl.dll,TaskBar

10) "Acrobat Assistant 7.0"
---> CMD = "C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
---> FILE = C:\Programmi\Adobe\Acrobat 7.0\Distillr\acrotray.exe

11) "ccApp"
---> CMD = "C:\Programmi\File comuni\Symantec Shared\ccApp.exe"

-------------List of NOT running services -------------

000) "Alerter" - Avvisi
---> STAT = (NOT RUNNING) Disabled
---> FILE = C:\WINDOWS\system32\svchost.exe -k LocalService

001) "AppMgmt" - Gestione applicazione
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

002) "BITS" - Servizio trasferimento intelligente in background
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

003) "CiSvc" - Servizio di indicizzazione
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\cisvc.exe

004) "ClipSrv" - ClipBook
---> STAT = (NOT RUNNING) Disabled
---> FILE = C:\WINDOWS\system32\clipsrv.exe

005) "COMSysApp" - Applicazione di sistema COM+
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

006) "dmadmin" - Servizio amministrativo di Gestione disco logico
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\dmadmin.exe /com

007) "dmserver" - Gestione dischi logici
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

008) "Fax" - Fax
---> STAT = (NOT RUNNING) Started automatically
---> FILE = C:\WINDOWS\system32\fxssvc.exe

009) "HidServ" - Accesso periferica Human Interface
---> STAT = (NOT RUNNING) Disabled
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

010) "HTTPFilter" - SSL HTTP
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\svchost.exe -k HTTPFilter

011) "ImapiService" - Servizio COM di masterizzazione CD IMAPI
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\imapi.exe

012) "LiveUpdate" - LiveUpdate
---> STAT = (NOT RUNNING) Started manually
---> FILE = "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"

013) "Messenger" - Messenger
---> STAT = (NOT RUNNING) Disabled
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

014) "mnmsrvc" - Condivisione desktop remoto di NetMeeting
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\mnmsrvc.exe

015) "MSDTC" - Distributed Transaction Coordinator
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\msdtc.exe

016) "MSIServer" - Windows Installer
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\msiexec.exe /V

017) "navapsvc" - Servizio Auto-Protect di Norton AntiVirus
---> STAT = (NOT RUNNING) Started automatically
---> FILE = "C:\Programmi\Norton AntiVirus\navapsvc.exe"

018) "NetDDE" - DDE di rete
---> STAT = (NOT RUNNING) Disabled
---> FILE = C:\WINDOWS\system32\netdde.exe

019) "NetDDEdsdm" - DDE DSDM di rete
---> STAT = (NOT RUNNING) Disabled
---> FILE = C:\WINDOWS\system32\netdde.exe

020) "Netlogon" - Accesso rete
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\lsass.exe

021) "NPFMntor" - Norton AntiVirus Firewall Monitor Service
---> STAT = (NOT RUNNING) Started automatically
---> FILE = "C:\Programmi\Norton AntiVirus\IWP\NPFMntor.exe"

022) "NSCService" - Norton Protection Center Service
---> STAT = (NOT RUNNING) Started manually
---> FILE = "C:\Programmi\File comuni\Symantec Shared\Security Console\NSCSRVCE.EXE"

023) "NtLmSsp" - Provider supporto protezione LM NT
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\lsass.exe

024) "NtmsSvc" - Archivi rimovibili
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

025) "RasAuto" - Auto Connection Manager di Accesso remoto
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

026) "RDSessMgr" - Gestione sessione di assistenza mediante desktop remoto
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\sessmgr.exe

027) "RemoteAccess" - Routing e Accesso remoto
---> STAT = (NOT RUNNING) Disabled
---> FILE = C:\WINDOWS\system32\svchost.exe -k netsvcs

028) "RpcLocator" - RPC Locator
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\locator.exe

029) "RSVP" - QoS RSVP
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\rsvp.exe

030) "SAVScan" - Symantec AVScan
---> STAT = (NOT RUNNING) Started manually
---> FILE = "C:\Programmi\Norton AntiVirus\SAVScan.exe"

031) "SCardSvr" - smart card
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\SCardSvr.exe

032) "stisvc" - Acquisizione di immagini di Windows (WIA)
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\svchost.exe -k imgsvc

033) "SwPrv" - MS Software Shadow Copy Provider
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\dllhost.exe /Processid:{50CFF27D-AC37-45C3-9BCD-C924D5B7C006}

034) "SysmonLog" - Avvisi e registri di prestazioni
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\smlogsvc.exe

035) "upnphost" - Host di periferiche Plug and Play universali
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\svchost.exe -k LocalService

036) "UPS" - Gruppo di continuità
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\ups.exe

037) "VSS" - Copia replicata del volume
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\vssvc.exe

038) "WmdmPmSN" - Servizio Numero di serie per dispositivi multimediali portatili
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

039) "WmiApSrv" - Scheda WMI Performance
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\system32\wbem\wmiapsrv.exe

040) "wscsvc" - Centro sicurezza PC
---> STAT = (NOT RUNNING) Disabled
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

041) "xmlprov" - Servizio Provisioning di rete
---> STAT = (NOT RUNNING) Started manually
---> FILE = C:\WINDOWS\System32\svchost.exe -k netsvcs

-------------List of running device driver services -------------

000) "ACPI" - Driver ACPI Microsoft
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\ACPI.sys

001) "ACPIEC" - Driver del controller integrato Microsoft
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\ACPIEC.sys

002) "AFD" - AFD
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = \SystemRoot\System32\drivers\afd.sys

003) "AgereSoftModem" - Agere Systems Soft Modem
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\AGRSM.sys

004) "ALCXWDM" - Service for Realtek AC97 Audio (WDM)
---> STAT = (RUNNING) Started manually
---> FILE = system32\drivers\ALCXWDM.SYS

005) "AmdK8" - Driver del processore AMD
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\AmdK8.sys

006) "atapi" - Controller disco rigido IDE/ESDI standard
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\atapi.sys

007) "audstub" - Driver stub audio
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\audstub.sys

008) "BCM43XX" - Driver per l’adattatore di rete Broadcom 802.11
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\bcmwl5.sys

009) "Beep" - Beep
---> STAT = (RUNNING) Started by "IoInitSystem" function

010) "Cdfs" - Cdfs
---> STAT = (RUNNING) Disabled

011) "Cdrom" - Driver del CD-ROM
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\cdrom.sys

012) "CmBatt" - Driver batteria a metodo di controllo ACPI Microsoft
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\CmBatt.sys

013) "Compbatt" - Driver della batteria composita Microsoft
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\compbatt.sys

014) "Disk" - Driver del disco
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\disk.sys

015) "DKbFltr" - Dritek HotKey Keyboard Filter Driver
---> STAT = (RUNNING) Started manually
---> FILE = System32\Drivers\DKbFltr.sys

016) "eeCtrl" - Symantec Eraser Control driver
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = \??\C:\Programmi\File comuni\Symantec Shared\EENGINE\eeCtrl.sys

017) "EraserUtilRebootDrv" - EraserUtilRebootDrv
---> STAT = (RUNNING) Started manually
---> FILE = \??\C:\Programmi\File comuni\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

018) "Fastfat" - Fastfat
---> STAT = (RUNNING) Disabled

019) "Fips" - Fips
---> STAT = (RUNNING) Started by "IoInitSystem" function

020) "FltMgr" - FltMgr
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\fltMgr.sys

021) "Ftdisk" - Driver archiviazione volumi
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\ftdisk.sys

022) "gagp30kx" - Filtro Microsoft AGPv3.0 generico per piattaforme processore K8
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\gagp30kx.sys

023) "Gpc" - Utilità di classificazione pacchetti generica
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\msgpc.sys

024) "HTTP" - HTTP
---> STAT = (RUNNING) Started manually
---> FILE = System32\Drivers\HTTP.sys

025) "i8042prt" - Driver di porta mouse PS/2 e tastiera i8042
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\i8042prt.sys

026) "Imapi" - Driver filtro masterizzazione CD
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\imapi.sys

027) "IpNat" - Traduttore indirizzi di rete IP
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\ipnat.sys

028) "IPSec" - Driver IPSEC
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\ipsec.sys

029) "isapnp" - Driver bus PnP ISA/EISA
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\isapnp.sys

030) "Kbdclass" - Driver classe tastiera
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\kbdclass.sys

031) "kmixer" - Mixer wave audio del kernel Microsoft
---> STAT = (RUNNING) Started manually
---> FILE = system32\drivers\kmixer.sys

032) "KSecDD" - KSecDD
---> STAT = (RUNNING) Started by operating system loader

033) "mnmdd" - mnmdd
---> STAT = (RUNNING) Started by "IoInitSystem" function

034) "Modem" - Modem
---> STAT = (RUNNING) Started manually

035) "Mouclass" - Driver classe mouse
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\mouclass.sys

036) "MountMgr" - MountMgr
---> STAT = (RUNNING) Started by operating system loader

037) "MRxDAV" - Redirector del client WebDav
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\mrxdav.sys

038) "MRxSmb" - MRXSMB
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\mrxsmb.sys

039) "Msfs" - Msfs
---> STAT = (RUNNING) Started by "IoInitSystem" function

040) "mssmbios" - Driver BIOS Microsoft System Management
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\mssmbios.sys

041) "Mup" - Mup
---> STAT = (RUNNING) Started by operating system loader

042) "NDIS" - Driver di sistema NDIS
---> STAT = (RUNNING) Started by operating system loader

043) "NdisTapi" - Driver TAPI NDIS di accesso remoto
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\ndistapi.sys

044) "Ndisuio" - Protocollo I/O modalità utente su NDIS
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\ndisuio.sys

045) "NdisWan" - Driver WAN NDIS di accesso remoto
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\ndiswan.sys

046) "NDProxy" - Proxy NDIS
---> STAT = (RUNNING) Started manually

047) "NetBIOS" - Interfaccia NetBIOS
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\netbios.sys

048) "NetBT" - NetBios su Tcpip
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\netbt.sys

049) "Npfs" - Npfs
---> STAT = (RUNNING) Started by "IoInitSystem" function

050) "NTIDrvr" - Upper Class Filter Driver
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\NTIDrvr.sys

051) "Null" - Null
---> STAT = (RUNNING) Started by "IoInitSystem" function

052) "PartMgr" - PartMgr
---> STAT = (RUNNING) Started by operating system loader

053) "PCI" - PCI Bus Driver
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\pci.sys

054) "PCIIde" - PCIIde
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\pciide.sys

055) "Pcmcia" - Pcmcia
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\pcmcia.sys

056) "PptpMiniport" - WAN Miniport (PPTP)
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\raspptp.sys

057) "PSched" - Utilità di pianificazione pacchetti QoS
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\psched.sys

058) "Ptilink" - Driver Direct Parallel Link
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\ptilink.sys

059) "RasAcd" - Driver connessione automatica Accesso remoto
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\rasacd.sys

060) "Rasl2tp" - WAN Miniport (L2TP)
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\rasl2tp.sys

061) "RasPppoe" - Driver PPPOE di accesso remoto
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\raspppoe.sys

062) "Raspti" - Direct Parallel
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\raspti.sys

063) "Rdbss" - Rdbss
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\rdbss.sys

---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = System32\DRIVERS\RDPCDD.sys

065) "redbook" - Driver filtro riproduzione CD-ROM audio digitale
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\redbook.sys

---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = \??\C:\Programmi\Norton AntiVirus\SAVRTPEL.SYS

067) "Secdrv" - Secdrv
---> STAT = (RUNNING) Started automatically
---> FILE = system32\DRIVERS\secdrv.sys

068) "SiS315" - SiS315
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\sisgrp.sys

069) "SISAGP" - SiS AGP Filter
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\SISAGPX.sys

070) "SiSkp" - SiSkp
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\srvkp.sys

071) "SISNICXP" - SiS PCI Fast Ethernet Adapter Driver for NDIS51
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\sisnicxp.sys

072) "SPBBCDrv" - SPBBCDrv
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = \??\C:\Programmi\File comuni\Symantec Shared\SPBBC\SPBBCDrv.sys

073) "sr" - Driver filtro Ripristino configurazione di sistema
---> STAT = (RUNNING) Started by operating system loader
---> FILE = \SystemRoot\system32\DRIVERS\sr.sys

074) "Srv" - Srv
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\srv.sys

075) "Stmatm" - ATM/ADSL miniport
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\stmatm.sys

076) "swenum" - Driver bus software
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\swenum.sys

---> STAT = (RUNNING) Started manually
---> FILE = \SystemRoot\System32\Drivers\SYMDNS.SYS

078) "SymEvent" - SymEvent
---> STAT = (RUNNING) Started manually
---> FILE = \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

079) "SYMFW" - SYMFW
---> STAT = (RUNNING) Started manually
---> FILE = \SystemRoot\System32\Drivers\SYMFW.SYS

---> STAT = (RUNNING) Started manually
---> FILE = \SystemRoot\System32\Drivers\SYMIDS.SYS

---> STAT = (RUNNING) Started manually
---> FILE = \??\C:\PROGRA~1\FILECO~1\SYMANT~1\SymcData\IDS-DI~1\20070308.002\symidsco.sys

082) "symlcbrd" - symlcbrd
---> STAT = (RUNNING) Started automatically
---> FILE = \??\C:\WINDOWS\system32\drivers\symlcbrd.sys

---> STAT = (RUNNING) Started manually
---> FILE = \SystemRoot\System32\Drivers\SYMNDIS.SYS

---> STAT = (RUNNING) Started manually
---> FILE = \SystemRoot\System32\Drivers\SYMREDRV.SYS

---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = \SystemRoot\System32\Drivers\SYMTDI.SYS

086) "SynTP" - Synaptics TouchPad Driver
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\SynTP.sys

087) "sysaudio" - Periferica audio di sistema Microsoft Kernel
---> STAT = (RUNNING) Started manually
---> FILE = system32\drivers\sysaudio.sys

088) "TaurusUsb" - ADSL Modem USB Service 1.09a
---> STAT = (RUNNING) Started manually
---> FILE = system32\DRIVERS\torususb.sys

089) "Tcpip" - Driver protocollo TCP/IP
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\tcpip.sys

090) "TermDD" - Driver della periferica terminale
---> STAT = (RUNNING) Started by "IoInitSystem" function
---> FILE = system32\DRIVERS\termdd.sys

091) "UBHelper" - UBHelper
---> STAT =
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18

Postdi Luke57 » 31/03/07 14:46

Ciao, non può entrarci, è troppo lungo,lo devi inserire nel link che ti ho detto.
Post: 6413
Iscritto il: 11/08/05 19:10

Postdi alemao » 31/03/07 15:06


file url :

html code : <a target="_blank" href="">download</a>

bbcode: download
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18

Postdi Luke57 » 31/03/07 15:14

Ciao, scarica Findawf da qui:

Esegui il file, si aprirà una finestra dos, premi invio per continuare, finito tutto si aprirà il block notes, copia e incolla il contenuto in un post.
Post: 6413
Iscritto il: 11/08/05 19:10

Postdi alemao » 31/03/07 16:05

Find AWF report by noahdfear ©2006

bak folders found

Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\WINDOWS\SYSTEM32\BAK

0 File 0 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\PROGRA~1\MESSEN~1\BAK

0 File 0 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\PROGRA~1\ARCADE\BAK

09/03/2005 18.59 49.152 PCMService.exe
1 File 49.152 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\PROGRA~1\LAUNCH~1\BAK

12/10/2005 15.16 315.392 QtZgAcer.EXE
1 File 315.392 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\WINDOWS\IME\IMJP8_1\BAK

19/08/2004 05.00 208.952 IMJPMIG.EXE
1 File 208.952 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\PROGRA~1\FILECO~1\SYMANT~1\BAK

22/02/2007 12.11 52.840 ccApp.exe
1 File 52.840 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E


07/10/2004 23.43 688.218 SynTPEnh.exe
07/10/2004 23.44 98.394 SynTPLpr.exe
2 File 786.612 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\ACER\EMPOWE~1\ERECOV~1\BAK

16/11/2005 16.54 385.024 Monitor.exe
1 File 385.024 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E


19/08/2004 05.00 59.392 ImScInst.exe
1 File 59.392 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E


19/08/2004 05.00 455.168 TINTSETP.EXE
1 File 455.168 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E


11/08/2005 16.30 81.920 issch.exe
11/08/2005 16.30 249.856 ISUSPM.exe
2 File 331.776 byte
2 Directory 26.974.420.992 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E


12/01/2006 20.52 483.328 Acrotray.exe
1 File 483.328 byte
2 Directory 26.974.420.992 byte disponibili

Duplicate files of bak directory contents

49152 9 Mar 2005 "C:\Programmi\Arcade\bak\PCMService.exe"
315392 12 Oct 2005 "C:\Programmi\Launch Manager\bak\QtZgAcer.EXE"
208952 19 Aug 2004 "C:\WINDOWS\ime\imjp8_1\imjpmig.exe"
208952 19 Aug 2004 "C:\WINDOWS\ime\imjp8_1\bak\IMJPMIG.EXE"
52840 22 Feb 2007 "C:\Programmi\File comuni\Symantec Shared\bak\ccApp.exe"
98394 7 Oct 2004 "C:\Programmi\Synaptics\SynTP\Media\SYNTPLPR.EXE"
98394 7 Oct 2004 "C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe"
688218 7 Oct 2004 "C:\Programmi\Synaptics\SynTP\Media\SYNTPENH.EXE"
688218 7 Oct 2004 "C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe"
385024 16 Nov 2005 "C:\Acer\Empowering Technology\eRecovery\bak\Monitor.exe"
59392 19 Aug 2004 "C:\WINDOWS\system32\IME\PINTLGNT\imscinst.exe"
59392 19 Aug 2004 "C:\WINDOWS\system32\IME\PINTLGNT\bak\ImScInst.exe"
455168 19 Aug 2004 "C:\WINDOWS\system32\IME\TINTLGNT\tintsetp.exe"
455168 19 Aug 2004 "C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE"
249856 11 Aug 2005 "C:\Programmi\File comuni\InstallShield\UpdateService\bak\ISUSPM.exe"
81920 11 Aug 2005 "C:\Programmi\File comuni\InstallShield\UpdateService\bak\issch.exe"
483328 12 Jan 2006 "C:\Programmi\Adobe\Acrobat 7.0\Distillr\acrotray.exe"
483328 12 Jan 2006 "C:\Programmi\Adobe\Acrobat 7.0\Distillr\bak\Acrotray.exe"
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18

Postdi Luke57 » 31/03/07 18:01

Ciao, Scarica avenger sul desktop
Decomprimi l'archivio

- con un doppio click avvia il file avenger.exe
- Seleziona "Input Script Manually"
- Clicca sulla lente di ingrandimento

- Nella finestra che si aprirà "View/edit script"
- copia / incolla (Ctrl+V) quanto segue (in neretto):

files to delete:
C:\Programmi\Launch Manager\QtZgAcer.EXE
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

files to move:
C:\Programmi\Arcade\bak\PCMService.exe | C:\Programmi\Arcade\PCMService.exe
C:\Programmi\Launch Manager\bak\QtZgAcer.EXE | C:\Programmi\Launch Manager\QtZgAcer.EXE
C:\WINDOWS\ime\imjp8_1\bak\IMJPMIG.EXE | C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE
C:\Programmi\File comuni\Symantec Shared\bak\ccApp.exe | C:\Programmi\File comuni\Symantec Shared\ccApp.exe
C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe | C:\Programmi\Synaptics\SynTP\SynTPLpr.exe
C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe | C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eRecovery\bak\Monitor.exe | C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\WINDOWS\system32\IME\PINTLGNT\bak\ImScInst.exe | C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
C:\Programmi\File comuni\InstallShield\UpdateService\bak\ISUSPM.exe | C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
C:\Programmi\File comuni\InstallShield\UpdateService\bak\issch.exe | C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
C:\Programmi\Adobe\Acrobat 7.0\Distillr\bak\Acrotray.exe | C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

- Clicca sul tasto Done
- Poi sull'icona del semaforo
- Rispondi Yes due volte
Il pc dovrebbe riavviarsi ( se così non fosse, fallo tu)
Posta il log che verrà creato in C:\Avenger
Post: 6413
Iscritto il: 11/08/05 19:10

Postdi alemao » 31/03/07 18:19

mi dice error dopo che clikko sul semaforo
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18

Postdi alemao » 31/03/07 18:30

mi è ripartito norton e questo mi conferma che tu sei un mostro di bravura....!!

questo il log
Logfile of The Avenger version 1, by Swandog46
Running from registry key:


Script file located at: \??\C:\fycwcskj.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger


Beginning to process script file:

File C:\Programmi\Arcade\PCMService.exe not found!
Deletion of file C:\Programmi\Arcade\PCMService.exe failed!

Could not process line:
Status: 0xc0000034

File C:\Programmi\Launch Manager\QtZgAcer.EXE not found!
Deletion of file C:\Programmi\Launch Manager\QtZgAcer.EXE failed!

Could not process line:
C:\Programmi\Launch Manager\QtZgAcer.EXE
Status: 0xc0000034

File C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE deleted successfully.

File C:\Programmi\File comuni\Symantec Shared\ccApp.exe not found!
Deletion of file C:\Programmi\File comuni\Symantec Shared\ccApp.exe failed!

Could not process line:
C:\Programmi\File comuni\Symantec Shared\ccApp.exe
Status: 0xc0000034

File C:\Programmi\Synaptics\SynTP\SynTPLpr.exe not found!
Deletion of file C:\Programmi\Synaptics\SynTP\SynTPLpr.exe failed!

Could not process line:
Status: 0xc0000034

File C:\Programmi\Synaptics\SynTP\SynTPEnh.exe not found!
Deletion of file C:\Programmi\Synaptics\SynTP\SynTPEnh.exe failed!

Could not process line:
Status: 0xc0000034

File C:\Acer\Empowering Technology\eRecovery\Monitor.exe not found!
Deletion of file C:\Acer\Empowering Technology\eRecovery\Monitor.exe failed!

Could not process line:
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
Status: 0xc0000034

File C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe deleted successfully.
File C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE deleted successfully.

File C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe not found!
Deletion of file C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe failed!

Could not process line:
C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe
Status: 0xc0000034

File C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe not found!
Deletion of file C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe failed!

Could not process line:
C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe
Status: 0xc0000034

File C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe deleted successfully.
File move operation C:\Programmi\Arcade\bak\PCMService.exe|C:\Programmi\Arcade\PCMService.exe completed successfully.
File move operation C:\Programmi\Launch Manager\bak\QtZgAcer.EXE|C:\Programmi\Launch Manager\QtZgAcer.EXE completed successfully.
File move operation C:\WINDOWS\ime\imjp8_1\bak\IMJPMIG.EXE|C:\WINDOWS\ime\imjp8_1\IMJPMIG.EXE completed successfully.
File move operation C:\Programmi\File comuni\Symantec Shared\bak\ccApp.exe|C:\Programmi\File comuni\Symantec Shared\ccApp.exe completed successfully.
File move operation C:\Programmi\Synaptics\SynTP\bak\SynTPLpr.exe|C:\Programmi\Synaptics\SynTP\SynTPLpr.exe completed successfully.
File move operation C:\Programmi\Synaptics\SynTP\bak\SynTPEnh.exe|C:\Programmi\Synaptics\SynTP\SynTPEnh.exe completed successfully.
File move operation C:\Acer\Empowering Technology\eRecovery\bak\Monitor.exe|C:\Acer\Empowering Technology\eRecovery\Monitor.exe completed successfully.
File move operation C:\WINDOWS\system32\IME\PINTLGNT\bak\ImScInst.exe|C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe completed successfully.
File move operation C:\WINDOWS\system32\IME\TINTLGNT\bak\TINTSETP.EXE|C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE completed successfully.
File move operation C:\Programmi\File comuni\InstallShield\UpdateService\bak\ISUSPM.exe|C:\Programmi\File comuni\InstallShield\UpdateService\ISUSPM.exe completed successfully.
File move operation C:\Programmi\File comuni\InstallShield\UpdateService\bak\issch.exe|C:\Programmi\File comuni\InstallShield\UpdateService\issch.exe completed successfully.
File move operation C:\Programmi\Adobe\Acrobat 7.0\Distillr\bak\Acrotray.exe|C:\Programmi\Adobe\Acrobat 7.0\Distillr\Acrotray.exe completed successfully.

Completed script processing.


Finished! Terminate.

tutto ok?
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18

Postdi alemao » 01/04/07 19:41

scusa luke ma mi compare nelle connessioni remote istant access...
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18

Postdi alemao » 01/04/07 19:46

ho scaricato quel programma che tu consigliavi agli altri e questo è il report

Find AWF report by noahdfear ©2006

bak folders found

Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\WINDOWS\SYSTEM32\BAK

0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\PROGRA~1\MESSEN~1\BAK

0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\PROGRA~1\ARCADE\BAK

0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\PROGRA~1\LAUNCH~1\BAK

0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\WINDOWS\IME\IMJP8_1\BAK

0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\PROGRA~1\FILECO~1\SYMANT~1\BAK

0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E


0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E

Directory di C:\ACER\EMPOWE~1\ERECOV~1\BAK

0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E


0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E


0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E


0 File 0 byte
2 Directory 26.977.435.648 byte disponibili
Il volume nell'unit… C Š ACER
Numero di serie del volume: 320D-180E


0 File 0 byte
2 Directory 26.977.435.648 byte disponibili

Duplicate files of bak directory contents

end of report
Utente Junior
Post: 88
Iscritto il: 16/08/06 11:18

Postdi Luke57 » 02/04/07 07:09

Ciao, sembra tutto a posto.
Post: 6413
Iscritto il: 11/08/05 19:10

Torna a Sicurezza e Privacy

Topic correlati a "norton non parte più":

Chi c’è in linea

Visitano il forum: Nessuno e 38 ospiti