Condividi:        

wilogon.exe......impossibileindividuare un componente

Se il modem non funziona, hai problemi con la scheda video o non sai che processore scegliere entra qui!!

Moderatori: m.paolo, Caffey

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 26/05/12 12:50

Ciao, prova a cambiare punto di ripristino, sperando che tu ne abbia più di uno.

Francesco
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Sponsor
 

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 28/05/12 11:44

Ciao ho provato con piu punti ripristino ma niente da fare....mi da sempre lo stesso errore........ impossibile riprestinere.......ecc ecc
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 28/05/12 12:23

Puoi inviare una immagine esplicativa?

Elenca, infine, gli ulteriori problemi che presenta il tuo pc.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 28/05/12 17:06

Non so cosa sia sucesso ma e tornato tutto quasi normale ,come prima del lancio di yorkyt, forse possiamo ripartire con il nostro intento.
NB: al riavvio del pc mi da sempre lo stesso errore
Ciao
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 29/05/12 12:16

Scarica OTL By OldTimer: http://oldtimer.geekstogo.com/OTL.exe
● posiziona il tool scaricato sul Desktop
● doppio click sull'icona del programma per avviarlo
● metti il segno di spunta a Scan All Users
● clicca sul bottone Quick Scan
● attendi pazientemente la fine della scansione
● alla fine della scansione, verranno generati 2 logs: allegali
OTListIt.txt (aperto)
Extra.txt (minimizzato)
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 29/05/12 20:04

ecco qua OTListIt.txt , ho dovuto dividere per superamento caratteri permessi
OTL logfile created on: 29/05/2012 21.10.54 - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Documents and Settings\Computer\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,25 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 80,31% Memory free
7,04 Gb Paging File | 6,60 Gb Available in Paging File | 93,71% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 273,44 Gb Total Space | 242,90 Gb Free Space | 88,83% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 734,61 Gb Free Space | 78,86% Space Free | Partition Type: NTFS
Drive F: | 24,65 Gb Total Space | 18,65 Gb Free Space | 75,66% Space Free | Partition Type: NTFS
Drive H: | 960,34 Mb Total Space | 950,96 Mb Free Space | 99,02% Space Free | Partition Type: FAT32

Computer Name: IVAN | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/29 21.09.37 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Computer\Desktop\OTL.exe
PRC - [2012/03/07 02.15.17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programmi\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/07 02.15.14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/02/27 01.15.42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012/02/15 01.03.14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
PRC - [2010/01/09 21.37.50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programmi\File comuni\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2009/12/13 18.45.46 | 001,619,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/29 08.55.39 | 001,763,328 | ---- | M] () -- C:\Programmi\Alwil Software\Avast5\defs\12052900\algo.dll
MOD - [2012/05/28 19.54.33 | 001,763,328 | ---- | M] () -- C:\Programmi\Alwil Software\Avast5\defs\12052801\algo.dll
MOD - [2012/04/04 07.53.58 | 000,301,056 | ---- | M] () -- C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.ITA
MOD - [2011/09/27 08.23.00 | 000,087,912 | ---- | M] () -- C:\Programmi\File comuni\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08.22.40 | 001,242,472 | ---- | M] () -- C:\Programmi\File comuni\Apple\Apple Application Support\libxml2.dll
MOD - [2011/03/17 00.11.16 | 004,297,568 | ---- | M] () -- C:\Programmi\File comuni\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012/05/05 15.24.33 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/07 02.15.14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programmi\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/27 01.15.42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/12/08 15.31.06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programmi\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/05/05 18.31.35 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2010/03/18 13.16.28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/01/09 21.37.50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programmi\File comuni\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 21.18.00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009/12/13 17.29.32 | 000,030,720 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2009/12/13 17.29.30 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2009/12/13 17.29.12 | 000,043,008 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/07/29 20.24.50 | 000,881,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/06/24 16.05.56 | 000,537,896 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Programmi\File comuni\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008/06/08 09.31.04 | 000,877,864 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Programmi\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3)
SRV - [2008/04/13 20.14.24 | 000,293,888 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 20.14.24 | 000,074,752 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008/04/13 20.14.22 | 000,092,672 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/13 20.14.20 | 000,142,336 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/13 20.14.16 | 000,113,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 20.14.16 | 000,113,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 20.14.12 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/13 20.14.12 | 000,013,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 20.14.10 | 000,150,528 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 20.13.58 | 000,068,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008/04/13 20.13.50 | 000,088,576 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 20.13.50 | 000,059,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/04/13 20.13.48 | 000,437,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 20.13.44 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 20.13.44 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 20.13.42 | 000,013,824 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 20.13.38 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2006/04/12 10.29.30 | 000,266,295 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Programmi\D-Link\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2004/10/22 03.24.18 | 000,073,728 | ---- | M] (Macrovision Corporation) [Disabled | Stopped] -- C:\Programmi\File comuni\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/08/19 14.00.00 | 000,132,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2004/03/18 16.55.48 | 000,065,536 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/06/20 00.25.00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\File comuni\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programmi\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\AsrCDDrv.sys -- (AsrCDDrv)
DRV - [2012/03/07 02.03.51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/03/07 02.03.38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/03/07 02.02.00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/03/07 02.01.53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/03/07 02.01.39 | 000,095,704 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/03/07 02.01.30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/03/07 01.58.29 | 000,024,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/01/17 22.55.42 | 000,028,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PRSBDrvr.sys -- (PRSBDrvr)
DRV - [2010/07/30 15.16.46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/07/30 15.16.44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/07/30 15.16.42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/07/30 15.16.38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/07/26 13.24.46 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010/07/26 13.24.42 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010/06/08 21.30.16 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2010/04/19 19.29.20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/03/11 11.17.14 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2009/08/17 20.16.06 | 001,390,976 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009/06/29 01.36.36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009/03/10 14.17.44 | 000,103,552 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qscvusb.sys -- (MobileAdapter)
DRV - [2009/01/22 16.43.56 | 000,046,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2008/08/26 10.26.12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/18 12.54.24 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/04/13 19.56.02 | 000,120,448 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 19.53.56 | 000,800,256 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 13.14.22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 12.32.38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/03/25 05.48.08 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/03/25 05.48.06 | 000,054,400 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2007/12/17 18.14.04 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2006/04/12 10.14.50 | 000,329,837 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2006/04/12 10.11.36 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2006/04/12 10.09.32 | 000,854,538 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2006/04/12 10.05.48 | 000,030,427 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2006/04/12 10.04.46 | 000,065,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2006/04/12 10.02.14 | 000,148,932 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2006/04/12 10.00.46 | 000,047,811 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2004/08/19 14.00.00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2004/08/19 14.00.00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2004/08/13 11.56.20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\..\URLSearchHook: {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\..\SearchScopes,DefaultScope = {FE719720-E048-40FE-A783-1A7A418AEBC4}
IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\..\SearchScopes\{FE719720-E048-40FE-A783-1A7A418AEBC4}: "URL" = http://www.google.com/search?hl=en&q={searchTerms}&rlz=1I7ADFA_it
IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-842925246-179605362-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "megaup"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup"
FF - prefs.js..browser.search.selectedEngine: "MyStart Search"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://mystart.incredimail.com?a=13T2U2d4vgl"
FF - prefs.js..extensions.enabledItems: add-to-searchbox@maltekraus.de:2.0
FF - prefs.js..extensions.enabledItems: amin.eft_Shutdown@gmail.com:3.0.2A
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.8.2.4690
FF - prefs.js..extensions.enabledItems: it-IT@dictionaries.addons.mozilla.org:3.1
FF - prefs.js..extensions.enabledItems: dlembed@aeruder.net:0.5
FF - prefs.js..extensions.enabledItems: {F8A55C97-3DB6-4961-A81D-0DE0080E53CB}:0.9.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.3
FF - prefs.js..extensions.enabledItems: {c2d0e930-64de-11db-bd13-0800200c9a66}:2.0.4
FF - prefs.js..extensions.enabledItems: {c91fec63-9f25-400d-95e5-6cd334dd3cc1}:3.5.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: linkalert.conlan@addons.mozilla.com:0.8.2.1
FF - prefs.js..extensions.enabledItems: {9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}:6.0.1
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:2.0.0.0
FF - prefs.js..extensions.enabledItems: {b548b086-6516-4d37-83f7-302f2bea93b1}:1.5.45.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.5.0.7896
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.3.0.1
FF - prefs.js..extensions.enabledItems: {992791ee-61dc-7b98-a8fd-dc49b7deeee9}:3.2.0
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.4
FF - prefs.js..extensions.enabledItems: {1e334369-810a-4aca-b482-209966fdde24}:1.5.46.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1426
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="

FF - user.js..browser.search.openintab: false

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programmi\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programmi\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programmi\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programmi\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\programmi\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\programmi\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\programmi\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programmi\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programmi\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Dati applicazioni\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programmi\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programmi\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010/12/24 23.35.08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/12 21.45.26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Programmi\Alwil Software\Avast5\WebRep\FF [2012/03/10 19.15.05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Programmi\Mozilla Firefox\components [2011/12/12 21.45.19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Programmi\Mozilla Firefox\plugins [2012/04/19 21.47.25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programmi\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010/12/24 23.35.09 | 000,000,000 | ---D | M]

[2010/09/29 12.52.57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Extensions
[2010/09/29 12.52.57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/05/06 10.45.46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions
[2008/10/13 01.41.48 | 000,000,000 | ---D | M] (UWP Toolbar) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{1e334369-810a-4aca-b482-209966fdde24}
[2011/10/30 09.00.51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/10/13 01.41.47 | 000,000,000 | ---D | M] (MinimizeToTray) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{31513E58-F253-47ad-86DB-D5F21E905429}
[2008/10/13 01.41.47 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2008/10/13 01.41.46 | 000,000,000 | ---D | M] (Forecastbar Enhanced) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}
[2008/10/13 01.41.44 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2008/10/13 01.41.44 | 000,000,000 | ---D | M] (MR Tech Toolkit (formerly Local Install)) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
[2010/02/17 22.53.16 | 000,000,000 | ---D | M] (TryAgain) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{992791ee-61dc-7b98-a8fd-dc49b7deeee9}
[2008/10/13 01.41.43 | 000,000,000 | ---D | M] (Blue Ice 2) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{a8dd47cf-239f-48c4-8379-e6b4cbafdcfa}
[2008/10/13 01.41.43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2010/02/17 22.53.16 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2008/10/13 01.41.43 | 000,000,000 | ---D | M] (Phaze Bar Toolbar) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{b548b086-6516-4d37-83f7-302f2bea93b1}
[2008/10/13 01.41.42 | 000,000,000 | ---D | M] (FAYT) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{c2d0e930-64de-11db-bd13-0800200c9a66}
[2008/10/13 01.41.42 | 000,000,000 | ---D | M] (Fasterfox) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2011/06/29 19.51.35 | 000,000,000 | ---D | M] (IncrediMail MediaBar Italiano 2 Community Toolbar) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{c91fec63-9f25-400d-95e5-6cd334dd3cc1}
[2008/10/13 01.41.42 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2011/11/08 22.38.15 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010/02/17 22.53.15 | 000,000,000 | ---D | M] (Download Manager Tweak) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\{F8A55C97-3DB6-4961-A81D-0DE0080E53CB}
[2010/02/17 22.53.14 | 000,000,000 | ---D | M] (Add to Search Bar) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\add-to-searchbox@maltekraus.de
[2008/10/13 01.41.53 | 000,000,000 | ---D | M] (Auto Shutdown - InBasic) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\amin.eft_Shutdown@gmail.com
[2008/10/13 01.41.52 | 000,000,000 | ---D | M] (Download Embedded) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\dlembed@aeruder.net
[2008/10/13 01.41.52 | 000,000,000 | ---D | M] (Dizionario italiano) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\it-IT@dictionaries.addons.mozilla.org
[2008/10/13 01.41.52 | 000,000,000 | ---D | M] ("Link Alert") -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\linkalert.conlan@addons.mozilla.com
[2008/10/13 01.41.51 | 000,000,000 | ---D | M] (Cooliris) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\piclens@cooliris.com
[2008/10/13 01.41.49 | 000,000,000 | ---D | M] (Translation Panel) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\translation@nazo
[2008/10/13 01.41.48 | 000,000,000 | ---D | M] ("Undo Closed Tabs Button") -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\extensions\undoclosedtabsbutton@supernova00.biz
[2010/02/17 22.43.19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\g5e6l7wp.default\extensions
[2010/05/26 15.18.50 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\askcom.xml
[2008/10/09 04.48.08 | 000,002,013 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\crack-spider.xml
[2008/02/18 12.19.24 | 000,000,943 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\filmmusicru.xml
[2008/09/08 23.17.14 | 000,000,992 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\gamecopyworld.xml
[2008/02/18 12.18.32 | 000,005,327 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\infinitewarez.xml
[2008/09/30 00.44.46 | 000,001,001 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\mininova.xml
[2011/04/11 11.53.15 | 000,002,185 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\MyStart Search.xml
[2008/10/14 23.36.03 | 000,001,954 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\phazeddl-warez.xml
[2008/02/21 17.59.20 | 000,001,031 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\phazemp3-albums.xml
[2008/02/18 12.16.14 | 000,000,542 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\serials--keys.xml
[2011/11/08 22.38.08 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\Mozilla\Firefox\Profiles\bao8jswp.default\searchplugins\sweetim.xml
[2012/05/06 10.45.46 | 000,000,000 | ---D | M] (No name found) -- C:\Programmi\Mozilla Firefox\extensions
[2011/07/23 11.22.28 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programmi\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/05/04 21.58.11 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/07 20.26.46 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/29 20.03.54 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/07 10.33.10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/06/20 18.28.37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/05/06 10.45.34 | 000,000,000 | ---D | M] (Java Console) -- C:\Programmi\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011/12/12 21.45.26 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\DATI APPLICAZIONI\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012/03/10 19.15.05 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAMMI\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012/04/15 18.34.57 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAMMI\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/10/03 05.06.04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programmi\mozilla firefox\plugins\npdeployJava1.dll
[2006/09/26 12.03.14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programmi\mozilla firefox\plugins\npzylomgamesplayer.dll
[2010/05/04 22.01.00 | 000,001,412 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\demauro.xml
[2010/05/04 22.01.00 | 000,000,744 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\eBay-it.xml
[2010/05/04 22.01.00 | 000,001,182 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\wikipedia-it.xml
[2010/05/04 22.01.00 | 000,000,649 | ---- | M] () -- C:\Programmi\mozilla firefox\searchplugins\yahoo-it.xml

========== Chrome ==========


O1 HOSTS File: ([2004/08/19 14.00.00 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Programmi\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Guida per l'accesso a Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IncrediMail MediaBar Italiano 2 Toolbar) - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Italiano 2 Toolbar) - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-842925246-179605362-682003330-1003\..\Toolbar\WebBrowser: (IncrediMail MediaBar Italiano 2 Toolbar) - {C91FEC63-9F25-400D-95E5-6CD334DD3CC1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast] C:\Programmi\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - Startup: C:\Documents and Settings\Computer\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk = C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Cerca nel web - C:\Programmi\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O8 - Extra context menu item: E&sporta in Microsoft Excel - C:\Programmi\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: I&nvia a OneNote - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\D-Link\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab (HP Download Manager)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C5CE2E1-40D6-4E6F-AAAE-FB84F38DAF17}: NameServer = 80.79.48.66,79.137.95.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3B066AB-3D56-4A5F-8812-859E5C2DC95C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programmi\File comuni\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programmi\File comuni\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programmi\File comuni\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Wallpapers & Etc)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop Components:0 (Pagina iniziale corrente) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Computer\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Computer\Impostazioni locali\Dati applicazioni\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programmi\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {EDB0E980-90BD-11D4-8599-0008C7D3B6F8} - C:\Programmi\Qualcomm\Eudora\EuShlExt.dll (Qualcomm Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/29 16.34.58 | 000,000,654 | ---- | M] () - C:\autoAlbum.log -- [ NTFS ]
O32 - AutoRun File - [2010/02/17 19.55.34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4191bec8-75b3-11e0-b727-b5f343fae7d6}\Shell - "" = AutoRun
O33 - MountPoints2\{4191bec8-75b3-11e0-b727-b5f343fae7d6}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{4191bec9-75b3-11e0-b727-b5f343fae7d6}\Shell - "" = AutoRun
O33 - MountPoints2\{4191bec9-75b3-11e0-b727-b5f343fae7d6}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{4d301096-6409-11e0-b711-8f210abf15b5}\Shell - "" = AutoRun
O33 - MountPoints2\{4d301096-6409-11e0-b711-8f210abf15b5}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{4d301097-6409-11e0-b711-8f210abf15b5}\Shell - "" = AutoRun
O33 - MountPoints2\{4d301097-6409-11e0-b711-8f210abf15b5}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{4d301099-6409-11e0-b711-8f210abf15b5}\Shell - "" = AutoRun
O33 - MountPoints2\{4d301099-6409-11e0-b711-8f210abf15b5}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{515f4484-aad5-11df-b617-86197a81c019}\Shell - "" = AutoRun
O33 - MountPoints2\{515f4484-aad5-11df-b617-86197a81c019}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{515f4485-aad5-11df-b617-86197a81c019}\Shell - "" = AutoRun
O33 - MountPoints2\{515f4485-aad5-11df-b617-86197a81c019}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{b8e1ecde-91a9-11df-b601-e4c5d96f49b7}\Shell - "" = AutoRun
O33 - MountPoints2\{b8e1ecde-91a9-11df-b601-e4c5d96f49b7}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O33 - MountPoints2\{b8e1ecdf-91a9-11df-b601-da97358f463f}\Shell - "" = AutoRun
O33 - MountPoints2\{b8e1ecdf-91a9-11df-b601-da97358f463f}\Shell\AutoRun\command - "" = G:\VDFPcAssistant.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/29 21.09.35 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Computer\Desktop\OTL.exe
[2012/05/29 06.40.45 | 000,000,000 | ---D | C] -- D:\Documenti\File di Outlook
[2012/05/29 06.16.36 | 000,000,000 | ---D | C] -- D:\Documenti\FILMS E VIDEO
[2012/05/29 06.00.30 | 000,000,000 | ---D | C] -- D:\Documenti\eMule Downloads
[2012/05/29 05.58.10 | 000,000,000 | ---D | C] -- D:\Documenti\FFOutput
[2012/05/28 22.53.13 | 000,000,000 | ---D | C] -- D:\Documenti\IncrediMail Transferred Data
[2012/05/28 22.52.32 | 000,000,000 | ---D | C] -- D:\Documenti\impianti idroelettrici sarca
[2012/05/28 22.50.40 | 000,000,000 | ---D | C] -- D:\Documenti\arena
[2012/05/28 22.49.09 | 000,000,000 | R--D | C] -- D:\Documenti\Ivan
[2012/05/28 22.49.08 | 000,000,000 | ---D | C] -- D:\Documenti\X IPHONE
[2012/05/28 22.28.13 | 000,000,000 | ---D | C] -- D:\Documenti\Video
[2012/05/28 22.28.13 | 000,000,000 | ---D | C] -- D:\Documenti\varie articoli
[2012/05/28 22.28.13 | 000,000,000 | ---D | C] -- D:\Documenti\Updater
[2012/05/28 22.28.13 | 000,000,000 | ---D | C] -- D:\Documenti\Skype
[2012/05/28 22.27.58 | 000,000,000 | R--D | C] -- D:\Documenti\Immagini
[2012/05/28 22.27.06 | 000,000,000 | ---D | C] -- D:\Documenti\foto stampate I°serie
[2012/05/28 22.27.05 | 000,000,000 | ---D | C] -- D:\Documenti\NeroVision
[2012/05/28 22.27.05 | 000,000,000 | ---D | C] -- D:\Documenti\documenti vari
[2012/05/28 22.24.19 | 000,000,000 | ---D | C] -- D:\Documenti\Nero
[2012/05/28 22.24.19 | 000,000,000 | ---D | C] -- D:\Documenti\daniela
[2012/05/28 21.55.59 | 000,000,000 | R--D | C] -- D:\Documenti\FOTO
[2012/05/28 21.23.02 | 000,000,000 | ---D | C] -- D:\Documenti\film
[2012/05/28 21.22.43 | 000,000,000 | ---D | C] -- D:\Documenti\Scansioni personali
[2012/05/28 21.22.32 | 000,000,000 | R--D | C] -- D:\Documenti\Anacli
[2012/05/28 21.22.32 | 000,000,000 | ---D | C] -- D:\Documenti\Album personali
[2012/05/28 21.22.32 | 000,000,000 | ---D | C] -- D:\Documenti\Adobe Scripts
[2012/05/28 21.22.03 | 000,000,000 | R--D | C] -- D:\Documenti\Musica
[2012/05/28 21.22.00 | 000,000,000 | ---D | C] -- D:\Documenti\2010-11 (Nov)
[2012/05/28 21.22.00 | 000,000,000 | ---D | C] -- D:\Documenti\[pcgame]Tetris XP v1
[2012/05/28 21.21.59 | 000,000,000 | ---D | C] -- D:\Documenti\Cartella Scambio Bluetooth
[2012/05/22 19.07.05 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Computer\Recent
[2012/05/22 17.45.16 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012/05/21 19.49.24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DBBK
[2012/05/15 16.35.41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Dati applicazioni\PriceGong
[2012/05/05 14.54.56 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Computer\Desktop\TFC.exe
[2012/05/04 18.02.43 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/05/04 11.08.53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Dati applicazioni\Malwarebytes
[2012/05/04 11.08.49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Malwarebytes' Anti-Malware
[2012/05/04 11.08.48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dati applicazioni\Malwarebytes
[2012/05/04 11.08.47 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/05/04 11.08.19 | 000,000,000 | ---D | C] -- C:\Programmi\Malwarebytes' Anti-Malware
[2012/05/04 11.06.47 | 010,063,000 | ---- | C] (Malwarebytes Corporation ) -- C:\Programmi\mbam-setup-1.61.0.1400.exe
[2012/05/04 11.04.10 | 000,000,000 | ---D | C] -- C:\Programmi\Trend Micro
[2012/05/04 11.04.10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Menu Avvio\Programmi\HiJackThis
[2012/05/03 17.45.24 | 000,000,000 | R--D | C] -- D:\Documenti\Dropbox
[2012/05/03 15.48.50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Dati applicazioni\Windows Search
[2012/05/03 15.46.25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Dati applicazioni\Windows Desktop Search
[2012/05/03 15.44.58 | 000,000,000 | ---D | C] -- C:\Programmi\Windows Desktop Search
[2012/05/03 15.44.58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/10/04 23.04.12 | 002,944,904 | ---- | C] (Ask) -- C:\Programmi\File comuni\AskToolbarInstaller.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/29 21.09.37 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Computer\Desktop\OTL.exe
[2012/05/29 20.46.01 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/29 20.34.28 | 000,000,202 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMSDaily.job
[2012/05/29 20.34.27 | 000,000,206 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2012/05/29 20.34.19 | 000,078,848 | ---- | M] () -- C:\WINDOWS\KMSEmulator.exe
[2012/05/29 20.33.44 | 000,212,641 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/05/29 20.33.13 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/29 20.33.13 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-842925246-179605362-682003330-1003.job
[2012/05/29 20.33.11 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/29 20.33.10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/29 06.24.00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/28 22.32.34 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9646D064-3E58-45F4-A7FE-B1451095F60C}.job
[2012/05/28 21.20.46 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/05/28 21.20.45 | 000,157,184 | ---- | M] () -- C:\Documents and Settings\Computer\Impostazioni locali\Dati applicazioni\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/28 20.45.00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-179605362-682003330-1003.job
[2012/05/28 17.37.51 | 000,002,621 | ---- | M] () -- C:\Documents and Settings\Computer\Desktop\Microsoft Outlook 2010.lnk
[2012/05/28 17.35.09 | 000,000,042 | ---- | M] () -- C:\Documents and Settings\Computer\Dati applicazioni\default.pls
[2012/05/21 20.20.43 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/05/21 19.48.40 | 001,410,373 | ---- | M] () -- C:\Documents and Settings\Computer\Desktop\yorkyt.exe
[2012/05/21 19.46.38 | 003,642,720 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/21 18.22.27 | 000,001,012 | ---- | M] () -- C:\Documents and Settings\Computer\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
[2012/05/17 19.59.41 | 000,008,612 | ---- | M] () -- C:\Documents and Settings\Computer\Desktop\hijackthis1
[2012/05/17 19.59.14 | 000,002,431 | ---- | M] () -- C:\Documents and Settings\Computer\Desktop\HiJackThis.lnk
[2012/05/16 21.26.01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/05/15 21.29.14 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/05/06 18.07.53 | 001,732,608 | ---- | M] () -- D:\Documenti\Database1.accdb
[2012/05/06 18.00.41 | 000,000,064 | ---- | M] () -- D:\Documenti\Database1.laccdb
[2012/05/05 14.55.01 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Computer\Desktop\TFC.exe
[2012/05/04 11.08.49 | 000,000,756 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/04 11.06.47 | 010,063,000 | ---- | M] (Malwarebytes Corporation ) -- C:\Programmi\mbam-setup-1.61.0.1400.exe
[2012/05/03 18.18.15 | 001,253,376 | ---- | M] () -- D:\Documenti\Attività1.accdb
[2012/05/03 18.16.30 | 002,326,528 | ---- | M] () -- D:\Documenti\Progetti di marketing1.accdb
[2012/05/03 18.03.29 | 000,761,856 | ---- | M] () -- D:\Documenti\Eventi.accdb
[2012/05/03 15.45.03 | 000,580,018 | ---- | M] () -- C:\WINDOWS\System32\perfh010.dat
[2012/05/03 15.45.03 | 000,114,204 | ---- | M] () -- C:\WINDOWS\System32\perfc010.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 29/05/12 20:09

seconda parte di OTListIt.txt
[2012/05/29 06.40.48 | 000,761,856 | ---- | C] () -- D:\Documenti\Eventi.accdb
[2012/05/29 06.40.48 | 000,036,580 | ---- | C] () -- D:\Documenti\OfficeKeyRemover1.0.0.1.zip
[2012/05/29 06.40.48 | 000,002,178 | ---- | C] () -- D:\Documenti\Nuovo database.odb
[2012/05/28 21.22.59 | 021,073,936 | ---- | C] () -- D:\Documenti\vlc-1.1.11-win32.exe
[2012/05/28 21.22.58 | 003,761,365 | ---- | C] () -- D:\Documenti\panasonic tz 20.pdf
[2012/05/28 21.22.51 | 002,792,638 | ---- | C] () -- D:\Documenti\bonifico bosetti.pdf
[2012/05/28 21.22.51 | 000,008,343 | ---- | C] () -- D:\Documenti\cerchi qq.jpg
[2012/05/28 21.22.50 | 001,732,608 | ---- | C] () -- D:\Documenti\Database1.accdb
[2012/05/28 21.22.50 | 000,000,064 | ---- | C] () -- D:\Documenti\Database1.laccdb
[2012/05/28 21.22.49 | 002,326,528 | ---- | C] () -- D:\Documenti\Progetti di marketing1.accdb
[2012/05/28 21.22.49 | 002,326,528 | ---- | C] () -- D:\Documenti\Progetti di marketing.accdb
[2012/05/28 21.22.49 | 000,306,820 | ---- | C] () -- D:\Documenti\richiesta rimborso.pdf
[2012/05/28 21.22.32 | 000,175,343 | ---- | C] () -- D:\Documenti\SoftKeyRevealer-2.3.0[1].zip
[2012/05/28 21.22.32 | 000,175,343 | ---- | C] () -- D:\Documenti\SoftKeyRevealer-2.3.0.zip
[2012/05/28 21.22.31 | 004,213,181 | ---- | C] () -- D:\Documenti\Stampa di fax a pagina intera.pdf
[2012/05/28 21.22.31 | 002,228,224 | ---- | C] () -- D:\Documenti\Beni.accdb
[2012/05/28 21.22.31 | 001,253,376 | ---- | C] () -- D:\Documenti\Attività1.accdb
[2012/05/28 21.22.31 | 001,191,936 | ---- | C] () -- D:\Documenti\Attività.accdb
[2012/05/28 21.22.31 | 000,075,902 | ---- | C] () -- D:\Documenti\unlockdisk.zip
[2012/05/28 21.22.31 | 000,015,675 | ---- | C] () -- D:\Documenti\Audio1.nra
[2012/05/27 11.53.18 | 000,028,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\PRSBDrvr.sys
[2012/05/21 19.48.35 | 001,410,373 | ---- | C] () -- C:\Documents and Settings\Computer\Desktop\yorkyt.exe
[2012/05/21 18.22.27 | 000,001,012 | ---- | C] () -- C:\Documents and Settings\Computer\Menu Avvio\Programmi\Esecuzione automatica\Dropbox.lnk
[2012/05/17 19.59.41 | 000,008,612 | ---- | C] () -- C:\Documents and Settings\Computer\Desktop\hijackthis1
[2012/05/04 13.34.51 | 000,078,848 | ---- | C] () -- C:\WINDOWS\KMSEmulator.exe
[2012/05/04 11.08.49 | 000,000,756 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/04 11.04.10 | 000,002,431 | ---- | C] () -- C:\Documents and Settings\Computer\Desktop\HiJackThis.lnk
[2012/05/03 15.45.04 | 000,001,753 | ---- | C] () -- C:\Documents and Settings\All Users\Menu Avvio\Programmi\Windows Search.lnk
[2012/03/06 18.50.09 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/10 18.21.38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Localsecmondo.ini
[2011/12/10 18.15.40 | 000,000,133 | ---- | C] () -- C:\WINDOWS\System32\prndrvr.ini
[2011/11/05 15.58.51 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011/11/05 15.58.49 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011/11/05 15.58.48 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011/11/05 15.58.46 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011/11/05 15.58.43 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011/11/05 15.58.43 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011/11/05 15.58.37 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011/11/05 15.58.23 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2011/11/05 15.55.20 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011/11/04 06.34.45 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2011/10/29 22.13.56 | 000,647,168 | ---- | C] () -- C:\WINDOWS\AutoKMS.exe
[2011/10/29 22.13.56 | 000,000,184 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2011/09/13 22.30.32 | 000,982,720 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-S-1-5-21-842925246-179605362-682003330-1003-0.dat
[2011/09/13 22.30.32 | 000,450,146 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\WPFFontCache_v0400-System.dat
[2011/09/13 09.00.11 | 000,234,800 | ---- | C] () -- C:\Documents and Settings\LocalService\Impostazioni locali\Dati applicazioni\FontCache3.0.0.0.dat
[2011/05/20 18.01.50 | 000,066,908 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/12/18 18.43.29 | 000,000,000 | ---- | C] () -- C:\Programmi\vlc-1.1.5-win32.exe
[2010/11/02 22.33.58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2010/07/25 11.50.52 | 000,006,414 | ---- | C] () -- C:\WINDOWS\System32\content.ini
[2010/06/23 20.44.36 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat

========== LOP Check ==========

[2010/05/04 21.31.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Alwil Software
[2010/06/23 20.33.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Babylon
[2011/10/02 17.25.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Cabela's® Big Game Hunter III Saves
[2011/05/28 16.17.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Cisco Systems
[2011/03/03 21.01.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\FarmFrenzy2
[2010/05/11 17.53.47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\IM
[2010/05/11 17.51.59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\IncrediMail
[2010/11/02 22.41.14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\MAGIX
[2010/12/24 22.09.06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\NokiaInstallerCache
[2010/12/24 23.36.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PC Suite
[2011/04/11 11.54.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Photo Notifier and Animation Creator
[2010/07/09 17.10.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\PhotoMail
[2010/09/02 17.08.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\regid.1986-12.com.adobe
[2010/05/21 21.35.03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Spamihilator
[2010/09/29 12.52.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SweetIM
[2010/06/19 16.42.53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TEMP
[2010/06/23 17.42.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\TuneUp Software
[2011/12/10 18.13.56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\WinMagaPlus5
[2011/05/15 12.19.08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\Zylom
[2011/05/19 18.35.05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/06/23 17.42.36 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Dati applicazioni\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011/10/30 11.41.49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Auslogics
[2010/06/23 20.33.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Babylon
[2010/06/19 20.30.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/02/29 20.43.09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Desktopicon
[2012/05/29 21.08.58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Dropbox
[2010/05/24 11.29.15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\eMule
[2010/02/17 21.25.27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Faxalo
[2010/05/08 17.08.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\FreeAudioPack
[2010/05/08 17.16.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\FreeCDRipper
[2010/05/04 21.54.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\ImgBurn
[2011/08/13 17.22.57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\it.vodafone.desktopwidget.75C5D0AC8E830B80BD4FBC0B32A23F0123E8C097.1
[2012/02/29 16.57.31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\KC Softwares
[2010/11/02 22.36.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\MAGIX
[2010/12/17 10.41.32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Notepad++
[2010/05/04 21.38.52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\OpenOffice.org
[2010/05/21 21.22.13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Opera
[2010/12/27 18.54.46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\PC Suite
[2012/05/29 21.11.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\PriceGong
[2010/09/29 12.25.12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Qualcomm
[2010/02/17 21.23.19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Scooter Software
[2010/05/07 20.15.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Softland
[2012/05/16 10.46.43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Spamihilator
[2011/06/20 18.10.45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\TeamViewer
[2010/09/29 12.52.42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Thunderbird
[2010/06/23 17.43.00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\TuneUp Software
[2012/01/03 11.49.48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\uTorrent
[2012/05/03 15.46.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Windows Desktop Search
[2012/05/03 15.48.50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Windows Search
[2011/05/15 12.19.20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\Zylom
[2010/05/07 20.15.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Dati applicazioni\Softland
[2012/05/15 21.29.14 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012/05/29 20.34.27 | 000,000,206 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMS.job
[2012/05/29 20.34.28 | 000,000,202 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMSDaily.job
[2012/05/28 22.32.34 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9646D064-3E58-45F4-A7FE-B1451095F60C}.job

========== Purity Check ==========



< End of report >
prima parte di Extra.txt (minimizzato)
OTL Extras logfile created on: 29/05/2012 21.10.54 - Run 1
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Documents and Settings\Computer\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,25 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 80,31% Memory free
7,04 Gb Paging File | 6,60 Gb Available in Paging File | 93,71% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmi
Drive C: | 273,44 Gb Total Space | 242,90 Gb Free Space | 88,83% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 734,61 Gb Free Space | 78,86% Space Free | Partition Type: NTFS
Drive F: | 24,65 Gb Total Space | 18,65 Gb Free Space | 75,66% Space Free | Partition Type: NTFS
Drive H: | 960,34 Mb Total Space | 950,96 Mb Free Space | 99,02% Space Free | Partition Type: FAT32

Computer Name: IVAN | User Name: Computer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programmi\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programmi\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /k cd "%L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Find.Target] -- "explorer.exe" /select,"%1" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programmi\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Programmi\eMule\emule.exe" = C:\Programmi\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Programmi\VideoLAN\VLC\vlc.exe" = C:\Programmi\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player -- ()
"C:\Programmi\IncrediMail\Bin\IncMail.exe" = C:\Programmi\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Programmi\IncrediMail\Bin\ImApp.exe" = C:\Programmi\IncrediMail\Bin\ImApp.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Programmi\IncrediMail\Bin\ImpCnt.exe" = C:\Programmi\IncrediMail\Bin\ImpCnt.exe:*:Enabled:IncrediMail -- (IncrediMail, Ltd.)
"C:\Programmi\uTorrent\uTorrent.exe" = C:\Programmi\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Programmi\Spamihilator\spamihilator.exe" = C:\Programmi\Spamihilator\spamihilator.exe:*:Enabled:Spamihilator -- (Michel Krämer)
"C:\Programmi\Spamihilator\cdcc.exe" = C:\Programmi\Spamihilator\cdcc.exe:*:Enabled:Spamihilator DCC Filter Configuration -- ()
"C:\Programmi\Spamihilator\dccproc.exe" = C:\Programmi\Spamihilator\dccproc.exe:*:Enabled:Spamihilator DCC Filter -- ()
"C:\Programmi\Google\Google Earth\plugin\geplugin.exe" = C:\Programmi\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Programmi\Google\Google Earth\client\googleearth.exe" = C:\Programmi\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programmi\TeamViewer\Version6\TeamViewer.exe" = C:\Programmi\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programmi\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programmi\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programmi\Microsoft Office\Office14\GROOVE.EXE" = C:\Programmi\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office14\ONENOTE.EXE" = C:\Programmi\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Programmi\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Programmi\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programmi\Skype\Plugin Manager\skypePM.exe" = C:\Programmi\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\WINDOWS\KMSEmulator.exe" = C:\WINDOWS\KMSEmulator.exe:*:Enabled:Local KMS Host -- ()
"C:\Programmi\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\RpcSandraSrv.exe" = C:\Programmi\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service
"D:\Documenti\Ivan\varie\SweetImSetup.exe" = D:\Documenti\Ivan\varie\SweetImSetup.exe:*:Enabled:SweetIM Installer -- (SweetIM Technologies, Ltd.)
"C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programmi\File comuni\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{082EC8DE-8C4E-453B-8623-87E24642426E}" = Google SketchUp 8
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{14544CE3-0AA3-48C3-93C2-758578EA9F99}" = Photo Notifier and Animation Creator
"{1A6A04AB-7FA8-420B-A198-63DBCCA6F64C}_is1" = uTorrent v1.8.1
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Strumento di caricamento di Windows Live
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0410-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 29
"{2767DEDE-EA9D-4FCE-A06A-40F4DD293330}" = hppusgP1000
"{2BBC9458-07CA-4843-848B-5C8146E5EFA8}" = CreativeProjects
"{2F7E5F47-40EC-403E-844C-0874E07F5358}" = RealSpeak Solo per l'Italiano, Silvia
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{350C9410-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}" = Nokia Ovi Suite
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3AE681E0-4E8D-453F-950A-48534D3C0724}" = Copy
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}" = HPSystemDiagnostics
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = D-Link DBT-122 Bluetooth Software
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{4344E211-F621-3870-9A08-2F56C71BA0A7}" = Microsoft .NET Framework 4 Extended ITA Language Pack
"{43A650AA-D1DC-4C52-8819-D7848B3A08DA}" = OpenOffice.org 3.1
"{457791C5-D702-4143-A7B2-2744BE9573F2}" = HP Software Update
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{49C77D21-F91F-4296-B7DF-19C5FF51AF4D}" = Windows Live Call
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{58ECE031-9AAD-4011-B34A-BC78E77527E2}" = hppMSRedist
"{59EC5F32-D8D7-3909-B0CB-255AD09F5993}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - ITA
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D95AD35-368F-47D5-B63A-A082DDF00119}" = Microsoft Digital Image 2006 Suite Edition Editor
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{691F4068-81BF-49E3-B32E-FE3E16400119}" = Microsoft Digital Image 2006 Suite Edition Library
"{69916AD2-3710-4C86-895E-8F475290AA64}" = Ovi Desktop Sync Engine
"{6D14916C-EC29-40FC-8FFB-08A66576BE78}" = Spamihilator 0.9.9.53 (32 bit)
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D7BDA00-A4DA-49F9-BAE4-7FB71FAA4737}" = Windows Live Essentials
"{6F695BCF-9BDC-48AB-8D46-D57CFAD7A248}" = Assistente per l'accesso a Windows Live
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71CB2612-627C-3D58-8D82-B77444B27B6A}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - ITA
"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-008A-0410-0000-0000000FF1CE}" = Gadget Documenti recenti di Microsoft Office 2007
"{90140000-0010-0410-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Italian) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2010
"{90140000-0015-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010
"{90140000-0016-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010
"{90140000-0018-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010
"{90140000-0019-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010
"{90140000-001A-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010
"{90140000-001B-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010
"{90140000-002C-0410-0000-0000000FF1CE}_Office14.PROPLUS_{711BC808-AC64-48E2-82B2-6B53BB802142}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2010
"{90140000-0044-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010
"{90140000-006E-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C9172EE7-BDCA-4E57-9217-4C589947298B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010
"{90140000-00A1-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2010
"{90140000-00BA-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92DA8743-42CF-45E1-AF40-34F8D9066989}" = IncrediMail
"{9311A75A-D83D-37B5-8D49-88E7F5AB2762}" = Microsoft .NET Framework 3.5 Language Pack - ita
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981FB376-8418-4EA8-BBED-9DE5AA63E7D5}" = SkinsHP1
"{9A3EABC0-CA06-11D4-BF77-00104B130C19}" = EPSON TWAIN 5
"{9CB2512B-3EC4-43DF-8002-46BDAB5EDD1B}" = QuickProjects
"{9EEBF8D5-8712-4D1D-88F4-4CDC2D270BC3}" = PrintScreen
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A08BAD08-9AA3-410F-98F3-C92C8EE37218}" = Safari
"{A1DCC235-DACC-4E1F-8D11-D630634B4AEF}" = PhotoGallery
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A201AB41-F4B1-42BD-AF91-316C88477744}" = Cabela's Big Game Hunter
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}" = SweetIM Toolbar for Internet Explorer 4.2
"{A81A974F-8A22-43E6-9243-5198FF758DA1}" = SweetIM for Messenger 3.6
"{A82D052A-0806-42DF-80CD-1730A1AC0ED3}" = MrvlUsgTracking
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Italiano
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B32C75F2-7495-4D01-9431-C11E97D66F8C}" = DocProc
"{B3D5D4E0-E965-41C4-ABFD-A7B1AD0663C2}" = Director
"{B45D9FEE-1AF4-46F3-9A83-2545F81547F5}" = CreativeProjectsTemplates
"{B56D5B09-C4FB-4EA0-8EAD-7BC3E2715A2D}" = DocumentViewer
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{BB05D173-9681-4812-A7FA-BD4042A3DA00}" = Alky for Applications (Windows XP)
"{BCC992E5-5C81-4066-9B55-03DC10B24D21}" = InstantShare
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C82185E8-C27B-4EF4-2007-3333BC2C2B6D}" = Microsoft AutoRoute 2007
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D6C9AF27-9414-46C8-B9D8-D878BA041040}" = Nero 8
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D738A9EC-E4BB-4050-BD85-A01E50CBDD1F}" = WinXP Manager
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E0ABA486-A39B-4B96-BD80-757396151079}" = Windows Live Messenger
"{E9787678-551D-4478-9682-DBB587257110}" = Adobe Help Center 1.0
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC8673DA-F96B-497E-B2DB-BC7B029FD680}" = BufferChm
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2D2B58B-B2FD-46D1-8319-DCE564079934}" = Microsoft .NET Framework 1.1 Italian Language Pack
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4F47155-5B4D-42AA-97F8-490BC52EA7F3}" = Destinations
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{F6F05110-E070-7045-A598-AD12B7D83F9C}" = WinMagaPlus5
"{FF26F7EA-BCEE-478C-9A1B-6B4F88717D73}" = CueTour
"504244733D18C8F63FF584AEB290E3904E791693" = Pacchetto driver Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0410-1E257A25E34D}" = Adobe Photoshop CS2
"AMDAway INF" = AMDAway INF
"AutocompletePro3_is1" = AutocompletePro
"avast" = avast! Free Antivirus
"BullZip PDF Printer_is1" = BullZip PDF Printer 1.0.0.20
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CPLBonus" = Kels' CPL Bonus Pack!
"doPDF 7 printer_is1" = doPDF 7.1 printer
"eMule" = eMule
"Farm Frenzy" = Farm Frenzy
"Foxit Reader" = Foxit Reader
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.9
"GJ aMAZEing Pacman Demo" = GJ aMAZEing Pacman Demo
"GPL Ghostscript 8.60" = GPL Ghostscript 8.60
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"HP Photo & Imaging" = HP Image Zone 4.2
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"IncrediMail" = IncrediMail 2.0
"IncrediMail_MediaBar_Italiano_2 Toolbar" = IncrediMail MediaBar Italiano 2 Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Manager Piattaforma
"KC Softwares IDPhotoStudio_is1" = KC Softwares IDPhotoStudio
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.1.7 (Full)
"LClock" = LClock
"MAGIX Screenshare I" = MAGIX Screenshare
"MAGIX Speed burnR I" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.61.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - ita" = Microsoft .NET Framework 3.5 - Language Pack (italiano)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended ITA Language Pack" = Microsoft .NET Framework 4 Extended - Language Pack (ITA)
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia Ovi Suite" = Nokia Ovi Suite
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"PhotoMail" = PhotoMail Maker
"PictureItSuite_v11" = Microsoft Digital Image 2006 Suite Edition
"pyt_FotoService" = FotoService 1.5.94
"Qurb {EFF974CB-6711-42E4-BDD4-5DBF53002F05}" = eTrust Anti-Spam
"RealPlayer 12.0" = RealPlayer
"TeamViewer 6" = TeamViewer 6
"TetrisXP!" = TetrisXP!
"uTorrent" = µTorrent
"Visual ToolTip_is1" = Visual ToolTip v2.21
"VLC media player" = VLC media player 1.0.5
"VMidi" = vanBasco's Karaoke Player
"Vodafone PC Suite" = Vodafone PC Suite
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Sidebar" = Windows Sidebar
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR gestione archivi
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-842925246-179605362-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20/05/2012 5.06.29 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 21/05/2012 11.11.13 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 21/05/2012 12.33.18 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 21/05/2012 13.41.20 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 21/05/2012 13.45.33 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 23/05/2012 12.44.37 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 27/05/2012 5.51.43 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 27/05/2012 5.56.03 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 28/05/2012 11.31.47 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

Error - 29/05/2012 14.33.39 | Computer Name = IVAN | Source = JavaQuickStarterService | ID = 1
Description =

[ System Events ]
Error - 28/05/2012 21.31.58 | Computer Name = IVAN | Source = nvgts | ID = 262149
Description = Errore di parità su \Device\Scsi\nvgts1.

Error - 28/05/2012 22.31.58 | Computer Name = IVAN | Source = nvgts | ID = 262149
Description = Errore di parità su \Device\Scsi\nvgts1.

Error - 28/05/2012 23.31.58 | Computer Name = IVAN | Source = nvgts | ID = 262149
Description = Errore di parità su \Device\Scsi\nvgts1.

Error - 29/05/2012 0.31.58 | Computer Name = IVAN | Source = nvgts | ID = 262149
Description = Errore di parità su \Device\Scsi\nvgts1.

Error - 29/05/2012 14.34.08 | Computer Name = IVAN | Source = Service Control Manager | ID = 7000
Description = Il servizio Lavasoft Ad-Aware Service non è stato avviato per il seguente
errore: %%3

Error - 29/05/2012 14.34.08 | Computer Name = IVAN | Source = Service Control Manager | ID = 7024
Description = Servizio Java Quick Starter terminato. Errore specifico del servizio
1 (0x1).

Error - 29/05/2012 14.34.08 | Computer Name = IVAN | Source = Service Control Manager | ID = 7023
Description = Servizio Aggiornamenti automatici terminato con l'errore: %%3228369022

Error - 29/05/2012 14.34.08 | Computer Name = IVAN | Source = Service Control Manager | ID = 7031
Description = Il servizio Spooler di stampa è terminato in modo imprevisto. Questo
problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 60000 millisecondi: Riavvia il servizio.

Error - 29/05/2012 14.37.02 | Computer Name = IVAN | Source = Service Control Manager | ID = 7031
Description = Il servizio Spooler di stampa è terminato in modo imprevisto. Questo
problema si è verificato 2 volta/e. Le seguenti azioni di correzione saranno eseguite
tra 60000 millisecondi: Riavvia il servizio.

Error - 29/05/2012 14.40.02 | Computer Name = IVAN | Source = Service Control Manager | ID = 7034
Description = Interruzione imprevista del servizio Spooler di stampa. Questo evento
si è già verificato 3 volta(e).


< End of report >
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 30/05/12 12:43

Metti OTL.exe sul desktop. Avvialo e copia/incolla il codice sottostante nel Custom Scans/Fixes.

Codice: Seleziona tutto
:Services
:OTL
SRV - File not found [Auto | Stopped] -- C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programmi\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\Sandra.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\Drivers\AsrCDDrv.sys -- (AsrCDDrv)
[2012/05/15 16.35.41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Computer\Dati applicazioni\PriceGong
[2010/10/04 23.04.12 | 002,944,904 | ---- | C] (Ask) -- C:\Programmi\File comuni\AskToolbarInstaller.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2010/09/29 12.52.26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dati applicazioni\SweetIM
[2012/05/29 21.11.25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Computer\Dati applicazioni\PriceGong

:Commands
[PURITY]
[EMPTYTEMP]
[EMPTYFLASH]
[CREATERESTOREPOINT]


Clicca su Run Fix e dai Ok. Potrebbe essere richiesto un riavvio, accetta.
Si aprirà un report salvalo ed allegalo.

Infine, allega anche un nuovo log aggiornato di Hijackthis.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 30/05/12 15:09

Ecco qua....



All processes killed
========== SERVICES/DRIVERS ==========
========== OTL ==========
Service Lavasoft Ad-Aware Service stopped successfully!
Service Lavasoft Ad-Aware Service deleted successfully!
File C:\Programmi\Lavasoft\Ad-Aware\AAWService.exe not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service SANDRA stopped successfully!
Service SANDRA deleted successfully!
File C:\Programmi\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x86\Sandra.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service AsrCDDrv stopped successfully!
Service AsrCDDrv deleted successfully!
File C:\WINDOWS\system32\Drivers\AsrCDDrv.sys not found.
C:\Documents and Settings\Computer\Dati applicazioni\PriceGong\Data folder moved successfully.
C:\Documents and Settings\Computer\Dati applicazioni\PriceGong folder moved successfully.
C:\Programmi\File comuni\AskToolbarInstaller.exe moved successfully.
C:\WINDOWS\DUMP5e7b.tmp deleted successfully.
C:\WINDOWS\DUMP612b.tmp deleted successfully.
C:\WINDOWS\DUMP6292.tmp deleted successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Toolbars\Internet Explorer\cache folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Toolbars\Internet Explorer folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Toolbars folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\update folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\logs folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\data\packages\FailDialog folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\data\packages folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\data\contentdb folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\data\Bars\Default\400 folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\data\Bars\Default\200 folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\data\Bars\Default\100 folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\data\Bars\Default folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\data\Bars folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\data folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\conf\users folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger\conf folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM\Messenger folder moved successfully.
C:\Documents and Settings\All Users\Dati applicazioni\SweetIM folder moved successfully.
Folder C:\Documents and Settings\Computer\Dati applicazioni\PriceGong\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 311255 bytes

User: All Users

User: Computer
->Temp folder emptied: 238920 bytes
->Temporary Internet Files folder emptied: 16661800 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7283 bytes
RecycleBin emptied: 3334384207 bytes

Total Files Cleaned = 3.196,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Computer
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.44.0 log created on 05302012_161732

Files\Folders moved on Reboot...
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\Content.IE5\QQOKIY32\statCADX3LW9.htm moved successfully.
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\Content.IE5\QQOKIY32\stat_targetCA0UIETN.htm moved successfully.
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\Content.IE5\LZFBL2Y2\component[2].html moved successfully.
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\Content.IE5\LZFBL2Y2\index[1].htm moved successfully.
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\Content.IE5\LZFBL2Y2\stat_target[1].htm moved successfully.
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\Content.IE5\9CR68THU\htm[4].htm moved successfully.
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\Content.IE5\32HKAXVH\96e5fcf2-a399-4833-8819-187ff041c245[1].htm moved successfully.
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\Content.IE5\32HKAXVH\ads[11].htm moved successfully.
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\Content.IE5\32HKAXVH\stat[1].htm moved successfully.
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\Content.IE5\32HKAXVH\viewtopic[1].htm moved successfully.
C:\Documents and Settings\Computer\Impostazioni locali\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...





Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16.30.44, on 30/05/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\notepad.exe
C:\Programmi\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Programmi\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: IncrediMail MediaBar Italiano 2 - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: IncrediMail MediaBar Italiano 2 Toolbar - {c91fec63-9f25-400d-95e5-6cd334dd3cc1} - C:\Programmi\IncrediMail_MediaBar_Italiano_2\prxtbInc2.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Programmi\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Cerca nel web - C:\Programmi\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\D-Link\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C5CE2E1-40D6-4E6F-AAAE-FB84F38DAF17}: NameServer = 80.79.48.66,79.137.95.200
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 8771 bytes
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 30/05/12 15:23

Controlla in questo percorso se è presente il file sfc.dll

C:\Windows\System32

se non lo trovi fai Start, esegui e digita CMD.
premi invio

dalla linea di comando, scrivi (copia e incolla il comando)) sfc /scannow
premi invio

vedi se cosi risolvi il problema (potrebbe venir richiesto di inserire il CD di Windows, lo hai?)

Francesco
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 30/05/12 19:55

Ho trovato il file ,ora pero non so cosè la linea da comando, il cd di windows non lo ho.
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 31/05/12 12:55

Ciao
Ultima modifica di FrancescoFDAC su 31/05/12 12:58, modificato 1 volte in totale.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 31/05/12 12:56

la linea di comando (chiamata anche "prompt dei comandi") è semplicemente la schermata nera che appare quando digiti CMD in start/esegui.

Riesci a procurarti un CD per il tuo sistema operativo (Non ricordo se è XP professional o XP Home edition)?

Ripristina un file di sistema

Per ripristinare il file sfc.dll, segui questa procedura:

● vai in C:\windows\system32
● rinomina il file sfc.dll in sfcold.dll
● scarica il nuovo file sfc.dll: http://www.dlldump.com/dllfiles/S/SFC.DLL
● salvalo sul Desktop
scompatta il file .zip
● taglia e incolla sfc.dll nella cartella C:\windows\system32
riavvia il sistema
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 31/05/12 16:48

Ho scaricati il file , sfc_os.dll fatto come hai detto e in partenza non mi da piu l errore, ma però non riesco più a : reinstallare la stampante ed aprire la posta elettronica
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 01/06/12 12:35

ciao, per quelli errori dovresti chiedere nella sezione generica.

Esegui la procedura descritta, rigorosamente nel suo ordine, al fine di:
guadagnare spazio su disco
ottimizzare le prestazioni del sistema
mantenere il corretto funzionamento di Windows

Ottimizzazione - post rimozione malware

Il mio consiglio è quello di stampare questa procedura, perché tornerà senz'altro utile in futuro, a te ed ai tuoi conoscenti: condividila pure con loro, non ha controindicazioni di alcun genere ed andrebbe eseguita dopo aver rimosso tutte le infezione presenti nel sistema.
Queste operazioni infatti, andrebbero eseguite almeno una volta al mese (per utilizzatori di Computer assidui il tempo è ridotto a due settimane, eccetto per lo Scandisk, punto 13. della procedura).

Tieni presente che la maggior parte delle chiavi di registro corrotte e danneggiate non si possono ripristinare e riparare correttamente, e l'installazione e la disinstallazione continua dei programmi può causare crash di sistema e fastidiose schermate blu.

Una formattazione consente di ottenere dei massimi benefici, in termini di velocità, stabilità e prestazioni: questa procedura si avvicina maggiormente ai risultati ottenuti tramite una formattazione del disco fisso.

2. Disinstalla i programmi inutilizzati, e tutte le Toolbar

Procedura per Windows XP:
● clicca sul pulsante Start
● apri il Pannello di controllo
● clicca su Installazione applicazioni
● seleziona il programma da disinstallare, e clicca sul tasto Cambia/Rimuovi: partirà la procedura di disinstallazione

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● apri il Pannello di controllo
● clicca su Programmi, e su Programmi e funzionalità
● seleziona il programma da disinstallare, e clicca sul tasto Cambia/Disinstalla: partirà la procedura di disinstallazione

******************************

3. Disinstalla dal Pannello di controllo, in particolare, le seguenti applicazioni:
Adobe Flash Player
Adobe Reader
Java (tutte le versioni installate)

Scarica ed installa, dai siti proposti, le versioni aggiornate dei programmi appena disinstallati:
Adobe Flash Player: http://get.adobe.com/it/flashplayer
Adobe Reader : http://get.adobe.com/it/reader
Java: http://java.com/it/download/index.jsp

Note - riguardo alla procedura:
non consentire l'installazione di componenti aggiuntivi (Toolbar in particolare): non installarne alcuno, quindi togli la spunta alla relativa voce
● alternativamente ad Abobe Reader, software pesante e soprattutto soggetto a vulnerabilità sfruttabili dai malware presenti nella rete per infettare il sistema, puoi scaricare il veloce e leggerissimo Sumatra PDF Reader, che nulla ha da invidiare al prodotto di casa Adobe: http://blog.kowalczyk.info/software/sum ... eader.html

******************************

4. Disattiva il Ripristino Configurazione di Sistema

Procedura per Windows XP:
● clicca sul pulsante Start
● tasto destro del mouse sull'icona Risorse del computer
● seleziona, dal menù a tendina, la voce Proprietà
● apri la scheda Ripristino configurazione di sistema
● metti la spunta alla voce Disattiva Ripristino configurazione di sistema su tutte le unità
● conferma la modifica, con Applica e OK
riavvia il sistema

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● tasto destro del mouse sull'icona Computer
● seleziona, dal menù a tendina, la voce Proprietà
● clicca, nel menù a sinistra, su Protezione sistema; compare un avviso relativo al Controllo Account Utente: clicca su Continua
● deseleziona la casella di controllo visualizzata accanto al Disco Locale C:
● clicca sul pulsante OK
● conferma la modifica apportata, cliccando sul pulsante Applica e OK
riavvia il sistema

******************************

5. Svuota del suo contenuto la cartella Prefetch

Procedura per Windows XP:
● clicca sul pulsante Start
● clicca su Risorse del computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella Prefetch
elimina tutte le voci conservate al suo interno: fai attenzione però, a non eliminare la cartella

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● clicca su Computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella Prefetch
elimina tutte le voci conservate al suo interno, tranne il file Layout.ini: fai attenzione però, a non eliminare la cartella

Nota - riguardo alla procedura:
● la cartella Prefetch contiene i file che il sistema operativo esegue; un'operazione di prefetch consiste nel rendere immediatamente disponibili, nella memoria cache, i file utilizzati più spesso e quelli necessari per il processo di avvio del personal computer.
Il riavvio successivo sarà un po' lento, ma quelli seguenti saranno senza dubbio più veloci

******************************

6. Svuota del suo contenuto la cartella Download

Procedura per Windows XP:
● clicca sul pulsante Start
● clicca su Risorse del computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella SoftwareDistribution
● individua ed apri la cartella Download
elimina tutte le voci conservate al suo interno: fai attenzione però, a non eliminare la cartella

Procedura per Windows Vista e Windows Seven:
● clicca sul pulsante Start
● clicca su Computer
● apri il Disco locale C:
● individua ed apri la cartella Windows
● individua ed apri la cartella SoftwareDistribution
● individua ed apri la cartella Download
elimina tutte le voci conservate al suo interno: fai attenzione però, a non eliminare la cartella

Nota - riguardo alla procedura:
● la cartella Download contiene i file di installazione degli aggiornamenti di Windows, che possono essere eliminati senza problemi per recuperare spazio su disco e risolvere fastidiosi problemi di aggiornamenti

******************************

7. Scarica TFC by OldTimer: http://oldtimer.geekstogo.com/TFC.exe
● posiziona il tool sul Desktop
termina tutti i programmi attivi, comprese le pagine Internet
● avvia il tool con un doppio click
● clicca, in basso a sinistra, sul pulsante Start
scomparirà, per qualche istante, il Desktop: nulla di cui preoccuparsi
● attendi pazientemente il termine delle operazioni
● clicca, in basso a destra, sul pulsante Exit
● una volta terminate le operazioni, chiudi il programma

Nota: per eseguire correttamente TFC by OldTimer su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore: conferma la richiesta proposta

******************************

8. Scarica ed installa CCleaner: http://www.piriform.com/ccleaner/download
Nota - durante l'installazione: non consentire l'installazione di componenti aggiuntivi (Toolbar in particolare): non installarne alcuno, quindi togli la spunta alla relativa voce

Una volta installato ed avviato, esegui queste operazioni:
● nel menù di sinistra, clicca su Opzioni
● nella finestra successiva, clicca su Impostazioni
● spunta la voce Tipo cancellazione: Sicura (lenta) e nel menù a tendina seleziona la voce DOD 5220.22-M (3 passaggi)
● clicca su Avanzate
● togli la spunta alla voce Cancella file in Windows Temp solo se più vecchi di 24 ore e alla voce Chiedi se salvare un backup dei problemi del registro
● clicca, nel menù a sinistra, su Pulizia: nella sezione Avanzate, metti la spunta alle voci Vecchi dati Prefetch, Disinstallatori Aggiornamenti di Windows e File Log IIS
● apri, in alto, il tab Applicazioni: spunta tutte le voci presenti
termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul bottone Analizza, per cercare i file temporanei
● clicca, in basso a destra, sul bottone Avvia Pulizia, per avviare la pulizia dei file temporanei
● nella finestra che compare, metti la spunta alla voce Non mostrare più questo messaggio, e conferma cliccando sul pulsante OK
● terminata la pulizia, nel menù a sinistra, clicca sulla voce Registro
● clicca sul bottone Trova Problemi, per avviare la ricerca delle voci di registro corrotte e danneggiate
● clicca sul bottone Ripara selezionati... e prosegui con la riparazione: la pulizia del registro ripetila più volte, fino a quando non verranno più rilevati problemi da correggere
● una volta terminate le operazioni, chiudi il programma

Nota: in Windows Seven, manca la voce Disinstallatori Aggiornamenti di Windows, e la voce Tipo cancellazione: Sicura (lenta) DOD 5220.22-M (3 passaggi) è stata sostituita dalla dicitura Sovrascrittura avanzata 83 passaggi

******************************

9. Lancia Hijackthis e pulisci gli ADS (esclusivamente su partizioni formattate in NTFS):
● clicca sulla voce Open the Misc Tools section
● clicca su Open ADS Spy..., nel tab System tools
● in alto, togli la spunta alla voce Quick scan (Windows base folder only)
● clicca, in basso, sul pulsante Scan
● attendi pazientemente il termine della scansione
● se venissero rilevati molti ADS, clicca con il tasto destro sulla prima casellina, e scegli la voce Select all
● clicca, in basso, sul pulsante Remove selected: conferma con
● una volta terminate le operazioni, chiudi il programma

Nota - riguardo al programma:
● in caso avessi un sistema operativo a 64 Bit, tralascia la procedura. Fai click qui per scoprire se il tuo sistema operativo è a 32 o 64 Bit: http://support.microsoft.com/kb/827218/it

******************************

10. Scarica OTC by OldTimer: http://oldtimer.geekstogo.com/OTC.exe
● posiziona il tool sul Desktop
● chiudi tutti i programmi attivi
● avvia il tool con un doppio click
● clicca sul pulsante CleanUp!
● il programma chiede di riavviare il sistema: consenti, cliccando su Yes per due volte

Note - riguardo al programma:
OTC by OldTimer va eseguito solamente nel caso tu abbia utilizzato in precedenza particolari programmi che richiedono una particolare procedura di disinstallazione, come ComboFix, FindAWF, GMER, RSIT e TDSS Killer.
● per eseguire correttamente OTC by OldTimer su Windows Vista e Windows Seven, clicca con il tasto destro del mouse sull'icona del programma e, dal menù contestuale, scegli la voce Esegui come Amministratore: conferma la richiesta proposta

******************************

11. Riabilita il Ripristino Configurazione di Sistema, seguendo la procedura inversa al punto 4

******************************

12. Scarica ed installa Defraggler: http://www.piriform.com/defraggler/download

Nota - durante l'installazione:
non consentire l'installazione di componenti aggiuntivi (Toolbar in particolare): non installarne alcuno, quindi togli la spunta alla relativa voce

Una volta installato, esegui queste operazioni:
● avvia il programma con un doppio click
● seleziona con il tasto sinistro del mouse l'unità Disco Locale C:
● clicca, in basso a sinistra, sul bottone Deframmenta
● attendi pazientemente il termine delle operazioni

******************************

13. Controlla l'Hard Disk per eventuali errori


Procedura per Windows XP:
● clicca sul pulsante Start
● clicca su Esegui
● nello spazio bianco, copia ed incolla questa riga:
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
● clicca sul pulsante OK
● attendi pazientemente il termine delle operazioni
● una finestra DOS vuota si aprirà sul Desktop, per poi chiudersi automaticamente: nulla di cui preoccuparsi
● allega il file checkhd.txt presente sul Desktop per un controllo

Procedura per Windows Vista e Windows Seven:


● clicca sul pulsante Start
● scegli la voce Tutti i programmi
● clicca su Accessori
● clicca con il tasto destro sull'icona Prompt dei comandi, e scegli la voce Esegui come amministratore
● nello spazio nero, copia ed incolla questa riga:
cmd /c chkdsk c: |find /v "percent" >> "%userprofile%\desktop\checkhd.txt"
● clicca sul pulsante OK
● attendi pazientemente il termine delle operazioni; digita ora exit, sempre nello spazio nero, per uscire dal Prompt dei comandi, e quindi premi il pulsante Invio
● una finestra DOS vuota potrebbe aprirsi sul Desktop, per poi chiudersi automaticamente: nulla di cui preoccuparsi
● allega il file checkhd.txt presente sul Desktop per un controllo

******************************

Note - al termine della procedura:
riavvia il sistema
allega un nuovo log di HijackThis
● comunica come funziona il sistema, e quali problemi riscontri attualmente
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Re: wilogon.exe......impossibileindividuare un componente

Postdi Danivan » 03/06/12 16:15

Il file system Š di tipo NTFS.

Avvertenza! Parametro F non specificato
CHKDSK eseguito in modalit… sola lettura.

Verifica dei file in corso (fase 1 di 3)...
Verifica degli indici in corso (fase 2 di 3)...
CHKDSK sta recuperando i file perduti.
Verifica dei descrittori di protezione in corso (fase 3 di 3)...
CHKDSK sta verificando il diario USN...
Verifica del diario USN completata.
CHKDSK ha rilevato spazio libero su disco contrassegnato come allocato
nella bitmap della Tabella file master (MFT).
CHKDSK ha rilevato spazio libero su disco contrassegnato come allocato nella bitmap del volume.
Nessun problema rilevato nel file system.
Eseguire CHKDSK con l'opzione /F per le correzioni.

286720055 KB di spazio totale su disco.
20806152 KB in 86987 file.
33376 KB in 15343 indici.
0 KB in settori danneggiati.
540455 KB in uso dal sistema.
65536 KB occupati dal file registro.
265340072 KB disponibili su disco.

4096 byte in ogni unit… di allocazione.
71680013 unit… totali di allocazione su disco.
66335018 unit… di allocazione disponibili su disco.








Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17.33.23, on 03/06/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Bonjour\mDNSResponder.exe
C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmi\Alwil Software\Avast5\avastUI.exe
C:\Programmi\SweetIM\Messenger\SweetIM.exe
C:\Programmi\File comuni\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Internet Explorer\IEXPLORE.EXE
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Programmi\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dati applicazioni\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [avast] "C:\Programmi\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Programmi\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Cerca nel web - C:\Programmi\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O8 - Extra context menu item: I&nvia a OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Invia a periferica &Bluetooth... - C:\Programmi\D-Link\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/s ... DEXAXO.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C5CE2E1-40D6-4E6F-AAAE-FB84F38DAF17}: NameServer = 80.79.48.66,79.137.95.200
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programmi\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmi\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Programmi\Bonjour\mDNSResponder.exe
O23 - Service: Servizio di Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Programmi\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmi\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9286 bytes
Apparte i problemi con la posta e stampante almomento funziona bene,non riscontro gossi problemi , vediamo con il tempo se compare qualcosa di anomalo.......
Danivan
Utente Junior
 
Post: 77
Iscritto il: 26/08/08 19:19

Re: wilogon.exe......impossibileindividuare un componente

Postdi FrancescoFDAC » 03/06/12 17:48

Avvia HiJackThis e:
● clicca sul pulsante Do a system scan only/Scan
● a sinistra, metti la spunta accanto ad ogni singola voce che ti indicherò sotto (non spuntare tutte le voce , solo quelle riportate sotto, mi raccomando)
● spuntate le voci, termina tutti i programmi attivi, comprese le pagine Internet
● clicca, in basso a sinistra, sul pulsante Fix checked; potrebbe comparire un'ulteriore finestra durante il fix delle voci: clicca su
Queste sono le voci da fixare:

R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Programmi\AutocompletePro\AutocompletePro.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programmi\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmi\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SweetIM] C:\Programmi\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\File comuni\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Programmi\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Computer\Dati applicazioni\Dropbox\bin\Dropbox.exe

Cestina la cartella:
C:\Programmi\AutocompletePro

Se non riscontri problemi, abbiamo finito.
FrancescoFDAC
Utente Senior
 
Post: 1048
Iscritto il: 13/08/11 09:53

Precedente

Torna a Assistenza Hardware


Topic correlati a "wilogon.exe......impossibileindividuare un componente":


Chi c’è in linea

Visitano il forum: Nessuno e 56 ospiti

cron