|
Windows Vista Problem solving for the Windows Vista Operating System. Please remember to state which edition of Vista you are using - Home Basic, Home Premium, Business, Ultimate etc. and whether you are using the 32-bit or 64-bit version if you know. |
|
Topic Tools |
#31
|
||||
|
||||
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-09-12 9216] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400] R2 Bonjour Service; Servizio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376] R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960] R2 hpqddsvc;Servizio di rilevamento dispositivi HP CUE; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2010-09-23 374152] R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2010-09-30 116104] R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2010-01-27 63040] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 ONDA Autorun CDROM Monitor;ONDA Autorun CDROM Monitor; C:\Windows\system32\SupportAppXL\onda_mon.exe [2008-09-17 86016] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576] R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824] R2 XobniService;XobniService; C:\Program Files\Xobni\XobniService.exe [2010-08-12 56040] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504] R3 iPod Service;Servizio iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe [2010-03-18 130384] S2 gupdate1c98a0799186b7c;Google Update Service (gupdate1c98a0799186b7c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-08 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-11 194032] S2 PCLEPCI;PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-09-04 85096] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-10-06 517448] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Frame work\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe [2010-03-18 753504] -----------------EOF----------------- |
#32
|
||||
|
||||
Logfile of random's system information tool 1.08 (written by random/random)
Run by Marco at 2010-12-10 22:43:24 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 3 GB (6%) free of 57 GB Total RAM: 2037 MB (39% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22.43.34, on 10/12/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18975) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Windows\system32\taskeng.exe C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\igfxpers.exe C:\Windows\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Evernote\Evernote\EvernoteClipper.exe C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox .exe C:\Program Files\Synaptics\SynTP\SynToshiba.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\igfxpers.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\System32\hkcmd.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Evernote\Evernote\EvernoteClipper.exe C:\Windows\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynToshiba.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\DllHost.exe C:\Users\Anna\Desktop\RSIT.exe C:\Program Files\trend micro\Marco.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O1 - Hosts: ::1 localhost O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: (no name) - {78875F5C-A685-4405-8DC5-D48DC65452B0} - (no file) O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file) O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\s wg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file) O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-21-1925610512-189826699-490347785-1006\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Anna') O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox .exe O4 - Global Startup: Evernote Clipper.lnk = ? O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?IT (file missing) O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} - http://h20264.www2.hp.com/ediags/dd/...sticsVista.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Google Update Service (gupdate1c98a0799186b7c) (gupdate1c98a0799186b7c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: ONDA Autorun CDROM Monitor - Unknown owner - C:\Windows\system32\SupportAppXL\onda_mon.exe O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe -- End of file - 11779 bytes ======Scheduled tasks folder====== C:\Windows\tasks\AWC AutoSweep.job C:\Windows\tasks\AWC Startup.job C:\Windows\tasks\AWC Update.job C:\Windows\tasks\Google Software Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925610512-189826699-490347785-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925610512-189826699-490347785-1000UA.job C:\Windows\tasks\RegistryBooster.job C:\Windows\tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2010-11-04 2731360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{78875F5C-A685-4405-8DC5-D48DC65452B0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}] AVG Security Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] AVG Security Toolbar BHO - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-06 2475336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\s wg.dll [2009-12-11 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {A057A204-BACC-4D26-9990-79A187E2698E} - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-06 2475336] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192] "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-10-29 102400] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-15 448080] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-07 3772416] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888] "Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-18 133656] "NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-07 90191] "NvMediaCenter"=C:\Windows\system32\NvMcTray.d ll [2006-12-07 81920] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-07 7766016] "LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2010-01-27 63048] "Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-04-11 56080] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-24 421160] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-18 141848] "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-18 166424] "AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2010-10-22 2745696] "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-08-03 714080] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-10-08 47904] [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run] "SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2010-07-21 198864] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [2010-12-04 4721224] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Evernote Clipper.lnk - C:\Windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico C:\Users\Marco\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup Dropbox.lnk - C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox .exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2008-06-18 204800] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list] |
#33
|
||||
|
||||
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* .scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1" .scr - install - .scr - config - ======List of files/folders created in the last 3 months====== 2010-12-01 20:06:29 ----A---- C:\Windows\system32\drivers\AnyDVD.sys 2010-11-30 21:43:26 ----A---- C:\Windows\system32\drivers\ElbyCDIO.sys 2010-11-29 22:14:45 ----D---- C:\Windows\pss 2010-11-25 19:29:05 ----A---- C:\Windows\system32\ElbyCDIO.dll 2010-11-23 22:39:51 ----D---- C:\Program Files\trend micro 2010-11-23 22:39:50 ----D---- C:\rsit 2010-11-20 22:05:37 ----D---- C:\Users\Marco\AppData\Roaming\Uniblue 2010-11-20 22:05:05 ----HDC---- C:\ProgramData\{6DAA3B20-D487-4FA2-81D5-50404CCB868D} 2010-11-20 22:05:00 ----D---- C:\Program Files\Uniblue 2010-11-09 22:20:58 ----A---- C:\Windows\system32\drivers\avgtdix.sys 2010-11-05 17:48:21 ----A---- C:\Windows\system32\javaws.exe 2010-11-05 17:48:21 ----A---- C:\Windows\system32\javaw.exe 2010-11-05 17:48:21 ----A---- C:\Windows\system32\java.exe 2010-11-03 23:23:48 ----D---- C:\Program Files\iPod 2010-11-03 23:23:46 ----D---- C:\Program Files\iTunes 2010-11-03 23:21:24 ----D---- C:\Program Files\QuickTime 2010-11-03 23:20:27 ----D---- C:\Program Files\Apple Software Update 2010-11-03 23:17:53 ----D---- C:\Program Files\Bonjour 2010-11-03 23:17:32 ----D---- C:\Program Files\Common Files\Apple 2010-11-03 23:03:06 ----D---- C:\Program Files\Windows Installer Clean Up 2010-11-01 08:24:14 ----D---- C:\Program Files\Evernote 2010-10-31 11:50:36 ----D---- C:\Program Files\Common Files\Skype 2010-10-31 11:50:34 ----RD---- C:\Program Files\Skype 2010-10-27 21:38:33 ----A---- C:\Windows\system32\gameux.dll 2010-10-27 21:38:29 ----A---- C:\Windows\system32\Apphlpdm.dll 2010-10-27 21:38:28 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2010-10-25 21:31:56 ----D---- C:\Users\Marco\AppData\Roaming\Foxit Software 2010-10-23 19:38:38 ----D---- C:\Program Files\Foxit Software 2010-10-15 19:24:23 ----A---- C:\Windows\system32\wmp.dll 2010-10-15 19:24:20 ----A---- C:\Windows\system32\wmploc.DLL 2010-10-15 19:24:03 ----A---- C:\Windows\system32\win32k.sys 2010-10-15 19:23:59 ----A---- C:\Windows\system32\msshsq.dll 2010-10-15 19:23:56 ----A---- C:\Windows\system32\t2embed.dll 2010-10-15 19:23:48 ----A---- C:\Windows\system32\srvsvc.dll 2010-10-15 19:23:48 ----A---- C:\Windows\system32\netevent.dll 2010-10-15 19:23:48 ----A---- C:\Windows\system32\drivers\srvnet.sys 2010-10-15 19:23:48 ----A---- C:\Windows\system32\drivers\srv2.sys 2010-10-15 19:23:48 ----A---- C:\Windows\system32\drivers\srv.sys 2010-10-15 19:23:36 ----A---- C:\Windows\system32\schannel.dll 2010-10-15 19:23:32 ----A---- C:\Windows\system32\mshtml.dll 2010-10-15 19:23:31 ----A---- C:\Windows\system32\ieframe.dll 2010-10-15 19:23:29 ----A---- C:\Windows\system32\msfeeds.dll 2010-10-15 19:23:29 ----A---- C:\Windows\system32\licmgr10.dll 2010-10-15 19:23:28 ----A---- C:\Windows\system32\wininet.dll 2010-10-15 19:23:28 ----A---- C:\Windows\system32\urlmon.dll 2010-10-15 19:23:28 ----A---- C:\Windows\system32\mshtmled.dll 2010-10-15 19:23:27 ----A---- C:\Windows\system32\mstime.dll 2010-10-15 19:23:27 ----A---- C:\Windows\system32\iertutil.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\occache.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\msfeedssync.exe 2010-10-15 19:23:26 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\jsproxy.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\ieUnatt.exe 2010-10-15 19:23:26 ----A---- C:\Windows\system32\ieui.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\iesysprep.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\iesetup.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\iernonce.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\iepeers.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\iedkcs32.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\ie4uinit.exe 2010-10-15 19:23:22 ----A---- C:\Windows\system32\mfc40u.dll 2010-10-15 19:23:22 ----A---- C:\Windows\system32\mfc40.dll 2010-10-15 19:23:18 ----A---- C:\Windows\system32\ole32.dll 2010-10-15 19:23:14 ----A---- C:\Windows\system32\wmpmde.dll 2010-10-15 19:15:24 ----A---- C:\Windows\system32\comctl32.dll 2010-09-29 22:10:31 ----D---- C:\Users\Marco\AppData\Roaming\AVG10 2010-09-29 22:08:24 ----HD---- C:\ProgramData\Common Files 2010-09-29 22:07:18 ----D---- C:\ProgramData\AVG Security Toolbar 2010-09-29 22:04:36 ----D---- C:\Windows\system32\drivers\AVG 2010-09-29 22:04:36 ----D---- C:\ProgramData\AVG10 2010-09-29 21:04:27 ----D---- C:\ProgramData\MFAData 2010-09-28 21:11:14 ----A---- C:\Windows\system32\tzres.dll 2010-09-26 15:31:21 ----D---- C:\Users\Marco\AppData\Roaming\com.mypicturetown.m yptuploader.F9C4985A082C78528AFA4529A49FFE7D3454A6 4B.1 2010-09-26 15:31:03 ----D---- C:\Program Files\my Picturetown 2010-09-26 15:30:53 ----D---- C:\Program Files\Common Files\Adobe AIR 2010-09-17 23:18:45 ----A---- C:\Windows\system32\usp10.dll 2010-09-17 23:18:39 ----A---- C:\Windows\system32\spoolsv.exe 2010-09-17 23:18:38 ----A---- C:\Windows\system32\MP4SDECD.DLL 2010-09-17 23:18:36 ----A---- C:\Windows\system32\inetcomm.dll 2010-09-13 15:27:40 ----A---- C:\Windows\system32\drivers\AVGIDSEH.sys 2010-09-12 00:20:21 ----D---- C:\Program Files\PokerStars.IT ======List of files/folders modified in the last 3 months====== 2010-12-10 22:43:22 ----D---- C:\Windows\Temp 2010-12-10 22:42:47 ----D---- C:\Windows\Prefetch 2010-12-10 22:30:45 ----D---- C:\Users\Marco\AppData\Roaming\Dropbox 2010-12-10 21:33:40 ----D---- C:\Windows\Tasks 2010-12-10 21:30:51 ----D---- C:\Windows\System32 2010-12-10 21:30:38 ----D---- C:\Program Files\LogMeIn 2010-12-08 23:19:55 ----SHD---- C:\System Volume Information 2010-12-08 19:41:00 ----RD---- C:\Users 2010-12-07 23:42:23 ----D---- C:\Windows\system32\Tasks 2010-12-07 23:19:35 ----SHD---- C:\Windows\Installer 2010-12-07 23:19:24 ----HD---- C:\Config.Msi 2010-12-05 17:25:47 ----SHD---- C:\$Recycle.Bin 2010-12-05 12:51:38 ----D---- C:\Users\Marco\AppData\Roaming\Mozilla 2010-12-04 15:52:42 ----D---- C:\Windows\system32\catroot2 2010-12-04 09:29:38 ----D---- C:\Windows\winsxs 2010-12-04 09:29:37 ----D---- C:\Program Files\Internet Explorer 2010-12-04 09:26:44 ----D---- C:\Windows\system32\catroot 2010-12-04 07:00:12 ----RSD---- C:\Windows\assembly 2010-12-04 07:00:07 ----RD---- C:\Program Files 2010-12-04 07:00:07 ----D---- C:\ProgramData\Autodesk 2010-12-04 07:00:07 ----D---- C:\Program Files\Microsoft Office 2010-12-04 07:00:07 ----D---- C:\Program Files\Common Files\DESIGNER 2010-12-04 07:00:07 ----D---- C:\Program Files\Common Files\Autodesk Shared 2010-12-04 06:59:57 ----RSD---- C:\Windows\Fonts 2010-12-04 06:59:47 ----D---- C:\Windows\Help 2010-11-30 19:34:24 ----D---- C:\Windows\inf 2010-11-30 19:34:24 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-11-29 22:14:45 ----AD---- C:\Windows 2010-11-29 22:08:21 ----D---- C:\ProgramData\pdf995 2010-11-26 21:48:06 ----D---- C:\Program Files\Microsoft Silverlight 2010-11-23 21:48:00 ----D---- C:\Windows\system32\drivers 2010-11-20 23:06:28 ----D---- C:\Windows\system32\config 2010-11-20 22:05:05 ----HD---- C:\ProgramData 2010-11-19 22:58:05 ----D---- C:\Users\Marco\AppData\Roaming\Skype 2010-11-19 22:07:49 ----D---- C:\Users\Marco\AppData\Roaming\skypePM 2010-11-09 21:16:34 ----D---- C:\Program Files\Windows Mail 2010-11-09 21:13:15 ----A---- C:\Windows\system32\mrt.exe 2010-11-05 17:46:35 ----D---- C:\Program Files\Java 2010-11-05 05:54:43 ----D---- C:\Windows\Microsoft.NET 2010-11-05 00:07:36 ----D---- C:\Program Files\Xobni 2010-11-03 23:17:32 ----D---- C:\Program Files\Common Files 2010-11-03 22:10:43 ----D---- C:\Users\Marco\AppData\Roaming\GoodSync 2010-10-31 11:50:20 ----D---- C:\ProgramData\Skype 2010-10-29 21:19:52 ----D---- C:\Program Files\Mozilla Firefox 2010-10-27 21:43:32 ----D---- C:\Windows\AppPatch 2010-10-23 16:19:26 ----D---- C:\Program Files\Adobe 2010-10-23 16:19:25 ----D---- C:\ProgramData\Adobe 2010-10-15 19:56:39 ----D---- C:\Windows\rescache 2010-10-15 19:34:55 ----D---- C:\Windows\system32\it-IT 2010-10-15 19:34:55 ----D---- C:\Program Files\Windows Media Player 2010-10-15 19:34:53 ----D---- C:\Windows\system32\migration 2010-10-03 10:49:19 ----D---- C:\Program Files\Safari 2010-09-30 20:52:11 ----A---- C:\Windows\system32\LMIRfsClientNP.dll 2010-09-30 20:52:10 ----A---- C:\Windows\system32\LMIport.dll 2010-09-30 20:52:10 ----A---- C:\Windows\system32\LMIinit.dll 2010-09-29 22:05:40 ----D---- C:\Program Files\Windows Sidebar 2010-09-29 21:21:07 ----D---- C:\ProgramData\avg9 2010-09-29 21:12:38 ----D---- C:\Program Files\AVG 2010-09-26 15:29:45 ----D---- C:\Users\Marco\AppData\Roaming\Adobe 2010-09-15 04:50:37 ----A---- C:\Windows\system32\deployJava1.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2010-09-07 249424] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384] R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2010-11-09 299984] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-11-30 30888] R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [2010-01-27 12856] R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2010-01-27 47640] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-08-31 1161152] R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2010-12-01 108104] R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472] R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288] R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 27216] R3 E100B;Driver scheda Intel(R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744] R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-19 7168] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-17 1651752] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832] R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2010-01-27 10144] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112] R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688] R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520] R3 NETw4v32;Driver scheda Intel(R) Wireless WiFi Link per Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-12-28 2251776] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128] R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448] S0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [] S1 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys [2005-08-01 64896] S3 61883;Dispositivo unità 61883; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696] S3 Avc;Dispositivo AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448] S3 Dot4;Driver MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584] S3 Dot4Print;Driver classe Print per IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864] S3 drmkaud;Decodificatore audio DRM del kernel Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 HdAudAddService;Driver di funzioni Microsoft 1.1 UAA per servizio High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 hxctlflt;hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [2009-02-09 99968] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584] S3 Iviaspi;IVI ASPI Shell; C:\Windows\system32\drivers\iviaspi.sys [] S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-12 41752] S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608] S3 MSKSSRV;Proxy di servizio di flusso Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy clock di flusso Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy di gestione qualità di flusso Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [] S3 NETw3v32;Driver per scheda di rete Intel(R) PRO/Wireless 3945ABG per Windows Vista a 32 bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880] S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-07 4456416] S3 ONDAusbmdm6k;ONDA Proprietary USB Driver; C:\Windows\system32\DRIVERS\ONDAusbmdm6k.sys [2008-09-16 104960] S3 ONDAusbnet;ONDA USB-NDIS miniport; C:\Windows\system32\DRIVERS\ONDAusbnet.sys [2008-09-16 110080] S3 ONDAusbnmea;ONDA NMEA Port; C:\Windows\system32\DRIVERS\ONDAusbnmea.sys [2008-09-16 104960] S3 ONDAusbser6k;ONDA Diagnostic Port; C:\Windows\system32\DRIVERS\ONDAusbser6k.sys [2008-09-16 104960] S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776] S3 SNP2UVC;Hercules Webcam; C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-04-22 3482112] S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984] S3 usbaudio;Driver audio USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216] S3 usbscan;Driver scanner USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 usbvideo;Dispositivo video USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016] S3 WISTechVIDCAP;WIS GO7007SB A/V Capture; C:\Windows\system32\drivers\wisgostrm.sys [2005-10-03 245376] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-02-14 216320] S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-02-14 208256] S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-09-12 9216] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400] R2 Bonjour Service; Servizio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376] R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960] R2 hpqddsvc;Servizio di rilevamento dispositivi HP CUE; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2010-09-23 374152] R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2010-09-30 116104] R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2010-01-27 63040] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 ONDA Autorun CDROM Monitor;ONDA Autorun CDROM Monitor; C:\Windows\system32\SupportAppXL\onda_mon.exe [2008-09-17 86016] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576] R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824] R2 XobniService;XobniService; C:\Program Files\Xobni\XobniService.exe [2010-08-12 56040] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504] R3 iPod Service;Servizio iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe [2010-03-18 130384] S2 gupdate1c98a0799186b7c;Google Update Service (gupdate1c98a0799186b7c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-08 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-11 194032] S2 PCLEPCI;PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-09-04 85096] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-10-06 517448] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Frame work\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe [2010-03-18 753504] -----------------EOF----------------- |
#34
|
||||
|
||||
You posted the same log twice Marco. Can you please also post the other log generated from Anna's account (info.txt).
|
#35
|
||||
|
||||
Also tell me whether or not Anna's account is an Admin account please.
|
#36
|
||||
|
||||
Ok, I had a quick look while I was waiting and straight away I can see that Anna has more processes running that your account does.
Have you disabled some startups and/or services using msconfig or another utility? If so, please re-enable all startups and reboot. I suspect this may be the cause of your problem. |
#37
|
||||
|
||||
I had high hopes that it would work but after I enabled all startups and rebooted the runtime error showed up. :-(.
|
#38
|
||||
|
||||
Ok, could you please re-enable all services and startups again (if you have disabled any) and run RSIT again and post a new log. I want to compare your account against Anna's account when it is not running in selective startup mode.
Also tell me if Anna's account has Admin permissions please. |
#39
|
||||
|
||||
here is the log after all startups were enabled:
Logfile of random's system information tool 1.08 (written by random/random) Run by Marco at 2010-12-15 22:18:48 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 5 GB (9%) free of 57 GB Total RAM: 2037 MB (37% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22.29.24, on 15/12/2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18975) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\Windows\system32\taskeng.exe C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\igfxpers.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Evernote\Evernote\EvernoteClipper.exe C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox .exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\System32\rundll32.exe C:\Program Files\Synaptics\SynTP\SynToshiba.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe E:\Downloads\RSIT.exe C:\Program Files\trend micro\Marco.exe C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O1 - Hosts: ::1 localhost O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: (no name) - {78875F5C-A685-4405-8DC5-D48DC65452B0} - (no file) O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file) O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\s wg.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file) O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O3 - Toolbar: Foxit Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Nikon Transfer Monitor] C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe O4 - HKCU\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKCU\..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Marco\AppData\Local\Google\Update\Google Update.exe" /c O4 - HKCU\..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE') O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox .exe O4 - Global Startup: Evernote Clipper.lnk = ? O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?IT (file missing) O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} - http://h20264.www2.hp.com/ediags/dd/...sticsVista.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Google Update Service (gupdate1c98a0799186b7c) (gupdate1c98a0799186b7c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: ONDA Autorun CDROM Monitor - Unknown owner - C:\Windows\system32\SupportAppXL\onda_mon.exe O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe -- End of file - 11599 bytes ======Scheduled tasks folder====== C:\Windows\tasks\AWC AutoSweep.job C:\Windows\tasks\AWC Startup.job C:\Windows\tasks\AWC Update.job C:\Windows\tasks\Google Software Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925610512-189826699-490347785-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925610512-189826699-490347785-1000UA.job C:\Windows\tasks\RegistryBooster.job C:\Windows\tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2010-11-04 2731360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{78875F5C-A685-4405-8DC5-D48DC65452B0}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}] AVG Security Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] AVG Security Toolbar BHO - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-06 2475336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\s wg.dll [2009-12-11 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] Foxit Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {A057A204-BACC-4D26-9990-79A187E2698E} - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-06 2475336] {D4027C7F-154A-4066-A1AD-4243D8127440} - Foxit Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192] "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-10-29 102400] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552] "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-15 448080] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-07 3772416] "Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-18 133656] "NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-07 90191] "NvMediaCenter"=C:\Windows\system32\NvMcTray.d ll [2006-12-07 81920] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-07 7766016] "LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2010-01-27 63048] "Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-04-11 56080] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-18 141848] "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-18 166424] "AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2010-10-22 2745696] "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-08-03 714080] "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-10-08 47904] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-11-17 421160] [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run] "SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2010-07-21 198864] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-10-11 14940040] "Nikon Transfer Monitor"=C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe [2008-12-16 479232] "LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam\Quickcam.exe /hide [] "LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [] "Google Update"=C:\Users\Marco\AppData\Local\Google\Update \GoogleUpdate.exe [2009-05-07 133104] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Evernote Clipper.lnk - C:\Windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico C:\Users\Marco\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup Dropbox.lnk - C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox .exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2008-06-18 204800] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list] |
#40
|
||||
|
||||
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* .scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1" .scr - install - .scr - config - ======List of files/folders created in the last 3 months====== 2010-12-15 22:18:48 ----D---- C:\rsit 2010-12-11 01:17:46 ----D---- C:\Program Files\iPod 2010-12-11 00:38:26 ----D---- C:\Users\Marco\AppData\Roaming\Foxit 2010-12-11 00:36:36 ----D---- C:\Program Files\Ask.com 2010-12-11 00:18:20 ----D---- C:\Program Files\QuickTime 2010-12-01 20:06:29 ----A---- C:\Windows\system32\drivers\AnyDVD.sys 2010-11-30 21:43:26 ----A---- C:\Windows\system32\drivers\ElbyCDIO.sys 2010-11-29 22:14:45 ----D---- C:\Windows\pss 2010-11-25 19:29:05 ----A---- C:\Windows\system32\ElbyCDIO.dll 2010-11-23 22:39:51 ----D---- C:\Program Files\trend micro 2010-11-20 22:05:37 ----D---- C:\Users\Marco\AppData\Roaming\Uniblue 2010-11-20 22:05:05 ----HDC---- C:\ProgramData\{6DAA3B20-D487-4FA2-81D5-50404CCB868D} 2010-11-20 22:05:00 ----D---- C:\Program Files\Uniblue 2010-11-09 22:20:58 ----A---- C:\Windows\system32\drivers\avgtdix.sys 2010-11-05 17:48:21 ----A---- C:\Windows\system32\javaws.exe 2010-11-05 17:48:21 ----A---- C:\Windows\system32\javaw.exe 2010-11-05 17:48:21 ----A---- C:\Windows\system32\java.exe 2010-11-03 23:23:46 ----D---- C:\Program Files\iTunes 2010-11-03 23:20:27 ----D---- C:\Program Files\Apple Software Update 2010-11-03 23:17:53 ----D---- C:\Program Files\Bonjour 2010-11-03 23:17:32 ----D---- C:\Program Files\Common Files\Apple 2010-11-03 23:03:06 ----D---- C:\Program Files\Windows Installer Clean Up 2010-11-01 08:24:14 ----D---- C:\Program Files\Evernote 2010-10-31 11:50:36 ----D---- C:\Program Files\Common Files\Skype 2010-10-31 11:50:34 ----RD---- C:\Program Files\Skype 2010-10-27 21:38:33 ----A---- C:\Windows\system32\gameux.dll 2010-10-27 21:38:29 ----A---- C:\Windows\system32\Apphlpdm.dll 2010-10-27 21:38:28 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2010-10-25 21:31:56 ----D---- C:\Users\Marco\AppData\Roaming\Foxit Software 2010-10-23 19:38:38 ----D---- C:\Program Files\Foxit Software 2010-10-15 19:24:23 ----A---- C:\Windows\system32\wmp.dll 2010-10-15 19:24:20 ----A---- C:\Windows\system32\wmploc.DLL 2010-10-15 19:24:03 ----A---- C:\Windows\system32\win32k.sys 2010-10-15 19:23:59 ----A---- C:\Windows\system32\msshsq.dll 2010-10-15 19:23:56 ----A---- C:\Windows\system32\t2embed.dll 2010-10-15 19:23:48 ----A---- C:\Windows\system32\srvsvc.dll 2010-10-15 19:23:48 ----A---- C:\Windows\system32\netevent.dll 2010-10-15 19:23:48 ----A---- C:\Windows\system32\drivers\srvnet.sys 2010-10-15 19:23:48 ----A---- C:\Windows\system32\drivers\srv2.sys 2010-10-15 19:23:48 ----A---- C:\Windows\system32\drivers\srv.sys 2010-10-15 19:23:36 ----A---- C:\Windows\system32\schannel.dll 2010-10-15 19:23:32 ----A---- C:\Windows\system32\mshtml.dll 2010-10-15 19:23:31 ----A---- C:\Windows\system32\ieframe.dll 2010-10-15 19:23:29 ----A---- C:\Windows\system32\msfeeds.dll 2010-10-15 19:23:29 ----A---- C:\Windows\system32\licmgr10.dll 2010-10-15 19:23:28 ----A---- C:\Windows\system32\wininet.dll 2010-10-15 19:23:28 ----A---- C:\Windows\system32\urlmon.dll 2010-10-15 19:23:28 ----A---- C:\Windows\system32\mshtmled.dll 2010-10-15 19:23:27 ----A---- C:\Windows\system32\mstime.dll 2010-10-15 19:23:27 ----A---- C:\Windows\system32\iertutil.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\occache.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\msfeedssync.exe 2010-10-15 19:23:26 ----A---- C:\Windows\system32\msfeedsbs.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\jsproxy.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\ieUnatt.exe 2010-10-15 19:23:26 ----A---- C:\Windows\system32\ieui.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\iesysprep.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\iesetup.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\iernonce.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\iepeers.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\iedkcs32.dll 2010-10-15 19:23:26 ----A---- C:\Windows\system32\ie4uinit.exe 2010-10-15 19:23:22 ----A---- C:\Windows\system32\mfc40u.dll 2010-10-15 19:23:22 ----A---- C:\Windows\system32\mfc40.dll 2010-10-15 19:23:18 ----A---- C:\Windows\system32\ole32.dll 2010-10-15 19:23:14 ----A---- C:\Windows\system32\wmpmde.dll 2010-10-15 19:15:24 ----A---- C:\Windows\system32\comctl32.dll 2010-09-29 22:10:31 ----D---- C:\Users\Marco\AppData\Roaming\AVG10 2010-09-29 22:08:24 ----HD---- C:\ProgramData\Common Files 2010-09-29 22:07:18 ----D---- C:\ProgramData\AVG Security Toolbar 2010-09-29 22:04:36 ----D---- C:\Windows\system32\drivers\AVG 2010-09-29 22:04:36 ----D---- C:\ProgramData\AVG10 2010-09-29 21:04:27 ----D---- C:\ProgramData\MFAData 2010-09-28 21:11:14 ----A---- C:\Windows\system32\tzres.dll 2010-09-28 15:44:52 ----A---- C:\Windows\system32\usbaaplrc.dll 2010-09-28 15:44:52 ----A---- C:\Windows\system32\drivers\usbaapl.sys 2010-09-26 15:31:21 ----D---- C:\Users\Marco\AppData\Roaming\com.mypicturetown.m yptuploader.F9C4985A082C78528AFA4529A49FFE7D3454A6 4B.1 2010-09-26 15:31:03 ----D---- C:\Program Files\my Picturetown 2010-09-26 15:30:53 ----D---- C:\Program Files\Common Files\Adobe AIR 2010-09-17 23:18:45 ----A---- C:\Windows\system32\usp10.dll 2010-09-17 23:18:39 ----A---- C:\Windows\system32\spoolsv.exe 2010-09-17 23:18:38 ----A---- C:\Windows\system32\MP4SDECD.DLL 2010-09-17 23:18:36 ----A---- C:\Windows\system32\inetcomm.dll ======List of files/folders modified in the last 3 months====== 2010-12-15 22:28:22 ----D---- C:\Users\Marco\AppData\Roaming\Skype 2010-12-15 22:27:48 ----D---- C:\Windows\Temp 2010-12-15 22:16:50 ----D---- C:\Users\Marco\AppData\Roaming\Dropbox 2010-12-15 22:12:48 ----D---- C:\Windows\Tasks 2010-12-15 22:12:05 ----D---- C:\Users\Marco\AppData\Roaming\skypePM 2010-12-15 22:10:14 ----D---- C:\Windows\System32 2010-12-15 22:09:37 ----D---- C:\Program Files\LogMeIn 2010-12-11 14:45:46 ----SHD---- C:\System Volume Information 2010-12-11 01:51:59 ----D---- C:\Program Files\Mozilla Firefox 2010-12-11 01:25:43 ----AD---- C:\Windows 2010-12-11 01:22:58 ----HD---- C:\Config.Msi 2010-12-11 01:20:51 ----SHD---- C:\Windows\Installer 2010-12-11 01:17:46 ----RD---- C:\Program Files 2010-12-11 00:36:51 ----D---- C:\Windows\system32\Tasks 2010-12-11 00:34:22 ----D---- C:\Windows\system32\drivers 2010-12-11 00:28:51 ----D---- C:\Windows\system32\catroot 2010-12-11 00:25:44 ----D---- C:\Windows\inf 2010-12-11 00:13:32 ----D---- C:\Windows\Prefetch 2010-12-08 19:41:00 ----RD---- C:\Users 2010-12-05 17:25:47 ----SHD---- C:\$Recycle.Bin 2010-12-05 12:51:38 ----D---- C:\Users\Marco\AppData\Roaming\Mozilla 2010-12-04 15:52:42 ----D---- C:\Windows\system32\catroot2 2010-12-04 09:29:38 ----D---- C:\Windows\winsxs 2010-12-04 09:29:37 ----D---- C:\Program Files\Internet Explorer 2010-12-04 07:00:12 ----RSD---- C:\Windows\assembly 2010-12-04 07:00:07 ----D---- C:\ProgramData\Autodesk 2010-12-04 07:00:07 ----D---- C:\Program Files\Microsoft Office 2010-12-04 07:00:07 ----D---- C:\Program Files\Common Files\DESIGNER 2010-12-04 07:00:07 ----D---- C:\Program Files\Common Files\Autodesk Shared 2010-12-04 06:59:57 ----RSD---- C:\Windows\Fonts 2010-12-04 06:59:47 ----D---- C:\Windows\Help 2010-11-30 19:34:24 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-11-29 22:08:21 ----D---- C:\ProgramData\pdf995 2010-11-27 07:24:31 ----D---- C:\Program Files\Microsoft Silverlight 2010-11-20 23:06:28 ----D---- C:\Windows\system32\config 2010-11-20 22:05:05 ----HD---- C:\ProgramData 2010-11-09 21:16:34 ----D---- C:\Program Files\Windows Mail 2010-11-09 21:13:15 ----A---- C:\Windows\system32\mrt.exe 2010-11-05 17:46:35 ----D---- C:\Program Files\Java 2010-11-05 05:54:43 ----D---- C:\Windows\Microsoft.NET 2010-11-05 00:07:36 ----D---- C:\Program Files\Xobni 2010-11-03 23:17:32 ----D---- C:\Program Files\Common Files 2010-11-03 22:10:43 ----D---- C:\Users\Marco\AppData\Roaming\GoodSync 2010-10-31 11:50:20 ----D---- C:\ProgramData\Skype 2010-10-27 21:43:32 ----D---- C:\Windows\AppPatch 2010-10-23 16:19:26 ----D---- C:\Program Files\Adobe 2010-10-23 16:19:25 ----D---- C:\ProgramData\Adobe 2010-10-15 22:36:37 ----D---- C:\Program Files\PokerStars.IT 2010-10-15 19:56:39 ----D---- C:\Windows\rescache 2010-10-15 19:34:55 ----D---- C:\Windows\system32\it-IT 2010-10-15 19:34:55 ----D---- C:\Program Files\Windows Media Player 2010-10-15 19:34:53 ----D---- C:\Windows\system32\migration 2010-10-03 10:49:19 ----D---- C:\Program Files\Safari 2010-09-30 20:52:11 ----A---- C:\Windows\system32\LMIRfsClientNP.dll 2010-09-30 20:52:10 ----A---- C:\Windows\system32\LMIport.dll 2010-09-30 20:52:10 ----A---- C:\Windows\system32\LMIinit.dll 2010-09-29 22:05:40 ----D---- C:\Program Files\Windows Sidebar 2010-09-29 21:21:07 ----D---- C:\ProgramData\avg9 2010-09-29 21:12:38 ----D---- C:\Program Files\AVG 2010-09-26 15:29:45 ----D---- C:\Users\Marco\AppData\Roaming\Adobe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2010-09-07 249424] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384] R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2010-11-09 299984] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-11-30 30888] R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [2010-01-27 12856] R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2010-01-27 47640] R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-08-31 1161152] R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2010-12-01 108104] R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472] R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288] R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 27216] R3 E100B;Driver scheda Intel(R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744] R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-19 7168] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-17 1651752] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832] R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2010-01-27 10144] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112] R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688] R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520] R3 NETw4v32;Driver scheda Intel(R) Wireless WiFi Link per Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-12-28 2251776] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128] R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448] S0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [] S1 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys [2005-08-01 64896] S3 61883;Dispositivo unità 61883; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696] S3 Avc;Dispositivo AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448] S3 Dot4;Driver MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584] S3 Dot4Print;Driver classe Print per IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864] S3 drmkaud;Decodificatore audio DRM del kernel Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 HdAudAddService;Driver di funzioni Microsoft 1.1 UAA per servizio High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 hxctlflt;hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [2009-02-09 99968] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584] S3 Iviaspi;IVI ASPI Shell; C:\Windows\system32\drivers\iviaspi.sys [] S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-12 41752] S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608] S3 MSKSSRV;Proxy di servizio di flusso Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy clock di flusso Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy di gestione qualità di flusso Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [] S3 NETw3v32;Driver per scheda di rete Intel(R) PRO/Wireless 3945ABG per Windows Vista a 32 bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880] S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-07 4456416] S3 ONDAusbmdm6k;ONDA Proprietary USB Driver; C:\Windows\system32\DRIVERS\ONDAusbmdm6k.sys [2008-09-16 104960] S3 ONDAusbnet;ONDA USB-NDIS miniport; C:\Windows\system32\DRIVERS\ONDAusbnet.sys [2008-09-16 110080] S3 ONDAusbnmea;ONDA NMEA Port; C:\Windows\system32\DRIVERS\ONDAusbnmea.sys [2008-09-16 104960] S3 ONDAusbser6k;ONDA Diagnostic Port; C:\Windows\system32\DRIVERS\ONDAusbser6k.sys [2008-09-16 104960] S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776] S3 SNP2UVC;Hercules Webcam; C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-04-22 3482112] S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-09-28 41984] S3 usbaudio;Driver audio USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216] S3 usbscan;Driver scanner USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 usbvideo;Dispositivo video USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016] S3 WISTechVIDCAP;WIS GO7007SB A/V Capture; C:\Windows\system32\drivers\wisgostrm.sys [2005-10-03 245376] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-02-14 216320] S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-02-14 208256] S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-09-12 9216] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400] R2 Bonjour Service; Servizio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376] R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960] R2 hpqddsvc;Servizio di rilevamento dispositivi HP CUE; C:\Windows\system32\svchost.exe [2008-01-19 21504] R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2010-09-23 374152] R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2010-09-30 116104] R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2010-01-27 63040] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 ONDA Autorun CDROM Monitor;ONDA Autorun CDROM Monitor; C:\Windows\system32\SupportAppXL\onda_mon.exe [2008-09-17 86016] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576] R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504] R3 iPod Service;Servizio iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-11-17 820008] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe [2010-03-18 130384] S2 gupdate1c98a0799186b7c;Google Update Service (gupdate1c98a0799186b7c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-08 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-11 194032] S2 PCLEPCI;PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165] S2 XobniService;XobniService; C:\Program Files\Xobni\XobniService.exe [2010-08-12 56040] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-09-04 85096] S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-10-06 517448] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Frame work\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe [2010-03-18 753504] -----------------EOF----------------- |
#41
|
||||
|
||||
info.txt logfile of random's system information tool 1.08 2010-12-15 22:29:41
======Uninstall list====== 32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7} Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC} Adobe Download Manager-->"C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1 Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10k_A ctiveX.exe -maintain activex Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10l_P lugin.exe -maintain plugin Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe" Alice MOBILE_MT503HSA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFA7CC8D-6D38-40F9-A767-B876794D1C67}\setup.exe" -l0x10 -removeonly AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD" Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8} Apple Mobile Device Support-->MsiExec.exe /I{308B6AEA-DE50-4666-996D-0FA461719D6B} Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1} ArcSoft Panorama Maker 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D45E8C45-B601-4A80-AFD8-E16338744DE1}\Setup.exe" -l0x9 Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE} AVG 2011-->"C:\Program Files\AVG\AVG10\avgmfapx.exe" /AppMode=SETUP /Uninstall AVG 2011-->MsiExec.exe /I{5AD96CF5-2627-4F29-9D2D-72FCD85F6355} AVG 2011-->MsiExec.exe /I{A23061AF-5361-433C-B7F0-CE5F79A22C49} Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Bonjour-->MsiExec.exe /X{FF1C31AE-0CDC-40CE-AB85-406F8B70D643} CardRecovery-->C:\PROGRA~1\CARDRE~1\UNWISE.EXE C:\PROGRA~1\CARDRE~1\INSTALL.LOG CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA} CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2" CloneDVDmobile-->"C:\Program Files\SlySoft\CloneDVDmobile\CloneDVDmobile-uninst.exe" /D="C:\Program Files\SlySoft\CloneDVDmobile" Codificatore di Windows Media 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Codificatore di Windows Media 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Evernote v. 4.0.1-->MsiExec.exe /X{F761359C-9CED-45AE-9A51-9D6605CD55C4} File Uploader-->MsiExec.exe /X{237CD223-1B9D-47E8-A76C-E478B83CCEA2} FileMenu Tools-->"C:\Program Files\LopeSoft\FileMenu Tools\unins000.exe" Flickr Uploadr 3.2.1-->"C:\Program Files\Flickr Uploadr\uninstall.exe" Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe GoodSync-->"C:\Program Files\Siber Systems\GoodSync\uninstall.exe" Google Earth-->MsiExec.exe /X{6DB7AD00-F781-11DF-9EEF-001279CD8240} Google Talk Plugin-->MsiExec.exe /I{3C79DC59-6099-323B-B27B-90B45542B270} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall Hercules Webcam Station Evolution-->C:\Program Files\InstallShield Installation Information\{B60D61FD-1CB1-4ED5-974E-8C959F14208E}\setup.exe -runfromtemp -l0x0010 -removeonly Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Photosmart.All-In-One Driver Software 8.0 .A-->C:\Program Files\HP\Digital Imaging\{282E5AB2-8E47-4571-B6FA-6B512555B557}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC} Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall iTunes-->MsiExec.exe /I{FAE36873-1941-4076-A9A5-48812B5EA0B7} Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216019FF} KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719} Legacy 6.0-->C:\Legacy\UNWISE.EXE /U C:\Legacy\Install.log Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x0010 -removeonly LogMeIn-->MsiExec.exe /I{4475560E-9418-4908-A158-472D873AE139} Manuali TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9667236-F84B-48AD-A887-F40D64D3D7A0}\setup.exe" -l0x10 -removeonly Media Player Codec Pack 3.9.6-->C:\Windows\system32\C2MP\Uninst.exe Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe" Microsoft .NET Framework 1.1 Italian Language Pack-->MsiExec.exe /X{F2D2B58B-B2FD-46D1-8319-DCE564079934} Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Upd ates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Upda tes\M2416447\M2416447Uninstall.msp" Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Upd ates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Upda tes\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)-->C:\Windows\Microsoft.NET\Framework\v3.5\Microso ft .NET Framework 3.5 Language Pack SP1 - ita\setup.exe Microsoft .NET Framework 3.5 Language Pack SP1 - ita-->MsiExec.exe /I{55CA4086-0D2C-30E3-A7B5-C76BA737CECE} Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microso ft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\Setup.exe /repair /x86 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6} Microsoft Money 2005-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120 Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110410-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft_VC90_CRT_x86-->MsiExec.exe /I{DF2035BE-5820-4965-BD97-7FAF8D4A7879} MioFotografo.it MyComposer 5.0-->"C:\Program Files\miofotografo.it\myComposer\unins000.exe" Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} my Picturetown Uploader-->msiexec /qb /x {36D3FD7C-A497-8DE1-8932-2CF519CE2F13} my Picturetown Uploader-->MsiExec.exe /I{36D3FD7C-A497-8DE1-8932-2CF519CE2F13} Nikon Transfer-->MsiExec.exe /X{E9757890-7EC5-46C8-99AB-B00F07B6525C} NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI Pdf995-->C:\Program Files\pdf995\setup.exe uninstall PdfEdit995-->C:\Program Files\pdf995\res\utilities\thinsetup.exe - uninstall Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" Pinnacle Instant DVD Recorder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\setup.exe" -l0x9 UNINSTALL PokerStars.it-->"C:\Program Files\PokerStars.IT\PokerStarsUninstall.exe" /u:PokerStars.it proDAD Heroglyph 2.5-->"C:\Program Files\proDAD\Heroglyph-2.5\uninstall.exe" uninstall spcp PATHVERSION 2.5 MAINNAME Heroglyph proDAD Vitascene 1.0-->"C:\Program Files\proDAD\Vitascene-1.0\uninstall.exe" uninstall spcp PATHVERSION 1.0 MAINNAME Vitascene QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C} Realtek High Definition Audio Driver-->RtlUpd.exe -r -m Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT="" Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb Security Update for Windows Media Encoder (KB979332)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={950E24CA-CA7E-4606-8F0D-DEDBC94F2A1E} /qb Signature995-->C:\Program Files\pdf995\res\utilities\Signature995\thinsetup. exe - uninstall Silenziatore unità CD/DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe" -l0x10 Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8} Studio 11 Bonus DVD-->C:\Program Files\InstallShield Installation Information\{45A1BF92-700A-4408-B95E-79F462E3D67D}\setup.exe -runfromtemp -l0x0009 UNINSTALL -removeonly Studio 11-->C:\Program Files\InstallShield Installation Information\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}\Setup2.exe -runfromtemp -l0x0009 UNINSTALL -removeonly Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUnin stall System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{F7B05784-334C-4F76-8BAB-30ABEB7FD534}\setup.exe -runfromtemp -l0x0410 TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe" -l0x10 TOSHIBA ConfigFree-->C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe -runfromtemp -l0x0010uninstall -removeonly Toshiba Connect-->MsiExec.exe /X{65F3C8ED-19DD-4167-BA40-6FF49564728E} TOSHIBA Disc Creator-->MsiExec.exe /I{5DA0E02F-970B-424B-BF41-513A5018E4C0} TOSHIBA Extended Tiles for Windows Mobility Center-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~ 1\IDriver.exe /M{617C36FD-0CBE-4600-84B2-441CEB12FADF} /l1040 TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B77A308F-85F5-4D68-8CB5-313332CB2779}\setup.exe" -l0x10 Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x0010 -removeonly TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7} TOSHIBA Software Modem-->Tosmreg -U TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{74892A2F-57B2-48E4-81C3-1E21E12A470B}\setup.exe" -l0x10 TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409 Tunatic-->"C:\Windows\lsb_un20.exe" /C=UC /N=Tunatic Uniblue RegistryBooster-->"C:\ProgramData\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}\rbia.exe" REMOVE=TRUE MODIFY=FALSE Uniblue RegistryBooster-->C:\ProgramData\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}\rbia.exe Uniblue SystemTweaker-->"C:\Program Files\Uniblue\SystemTweaker\unins000.exe" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Utility Configurazione iPhone-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1} VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE} VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6} Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27} Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT="" Visual C++ 8.0 ATL (x86) WinSXS MSM-->MsiExec.exe /I{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E} Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E} Visual C++ CRT 8.0-->MsiExec.exe /I{B2395631-54D5-481E-B9A8-74B269546F40} Windows Installer Clean Up-->MsiExec.exe /I{121634B0-2F4A-11D3-ADA3-00C04F52DD53} Xobni Core-->MsiExec.exe /I{8DC069E7-893C-41E1-9442-DE89FEC33371} Xobni-->"C:\Program Files\Xobni\UninstallerWizard.exe" Yahoo! Desktop Login-->MsiExec.exe /I{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685} ======Hosts File====== 127.0.0.1 babe.the-killer.bz 127.0.0.1 www.babe.the-killer.bz 127.0.0.1 babe.k-lined.com 127.0.0.1 www.babe.k-lined.com 127.0.0.1 did.i-used.cc 127.0.0.1 www.did.i-used.cc 127.0.0.1 coolwwwsearch.com 127.0.0.1 www.coolwwwsearch.com 127.0.0.1 coolwebsearch.com 127.0.0.1 www.coolwebsearch.com ======Security center information====== AS: Lavasoft Ad-Watch Live! (disabled) AS: Windows Defender (disabled) |
#42
|
||||
|
||||
======System event log======
Computer Name: Notebook Event Code: 7036 Message: Il servizio Programma di installazione dei moduli di Windows è ora in modalità esecuzione. Record Number: 422724 Source Name: Service Control Manager Time Written: 20100711074136.000000-000 Event Type: Informazioni User: Computer Name: Notebook Event Code: 10029 Message: Servizio TrustedInstaller avviato da DCOM con argomenti "" per eseguire il server: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Record Number: 422723 Source Name: Microsoft-Windows-DistributedCOM Time Written: 20100711074136.000000-000 Event Type: Informazioni User: Computer Name: Notebook Event Code: 7036 Message: Il servizio Google Software Updater è ora in modalità arrestato. Record Number: 422722 Source Name: Service Control Manager Time Written: 20100711074133.000000-000 Event Type: Informazioni User: Computer Name: Notebook Event Code: 7036 Message: Il servizio Windows Update è ora in modalità esecuzione. Record Number: 422721 Source Name: Service Control Manager Time Written: 20100711074039.000000-000 Event Type: Informazioni User: Computer Name: Notebook Event Code: 7036 Message: Il servizio Utilità di avvio servizi Windows Media Center è ora in modalità arrestato. Record Number: 422720 Source Name: Service Control Manager Time Written: 20100711074025.000000-000 Event Type: Informazioni User: =====Application event log===== Computer Name: Notebook Event Code: 100 Message: Task Scheduling Error: m->NextScheduledEvent 1449967 Record Number: 480934 Source Name: Bonjour Service Time Written: 20100801214752.000000-000 Event Type: Errore User: Computer Name: Notebook Event Code: 100 Message: Task Scheduling Error: Continuously busy for more than a second Record Number: 480933 Source Name: Bonjour Service Time Written: 20100801214752.000000-000 Event Type: Errore User: Computer Name: Notebook Event Code: 100 Message: Task Scheduling Error: m->NextScheduledSPRetry 1448969 Record Number: 480932 Source Name: Bonjour Service Time Written: 20100801214751.000000-000 Event Type: Errore User: Computer Name: Notebook Event Code: 100 Message: Task Scheduling Error: m->NextScheduledEvent 1448969 Record Number: 480931 Source Name: Bonjour Service Time Written: 20100801214751.000000-000 Event Type: Errore User: Computer Name: Notebook Event Code: 100 Message: Task Scheduling Error: Continuously busy for more than a second Record Number: 480930 Source Name: Bonjour Service Time Written: 20100801214751.000000-000 Event Type: Errore User: =====Security event log===== Computer Name: Notebook Event Code: 5032 Message: Il servizio Windows Firewall non è stato in grado di notificare all'utente che ha impedito a un'applicazione di accettare connessioni in ingresso sulla rete. Codice di errore: 2 Record Number: 145593 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100517183104.254676-000 Event Type: Controllo non riuscito User: Computer Name: Notebook Event Code: 5032 Message: Il servizio Windows Firewall non è stato in grado di notificare all'utente che ha impedito a un'applicazione di accettare connessioni in ingresso sulla rete. Codice di errore: 2 Record Number: 145592 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100517183104.254676-000 Event Type: Controllo non riuscito User: Computer Name: Notebook Event Code: 4624 Message: Accesso di un account riuscito. Soggetto: ID protezione: S-1-0-0 Nome account: - Dominio account: - ID accesso: 0x0 Tipo di accesso: 3 Nuovo accesso: ID protezione: S-1-5-7 Nome account: ACCESSO ANONIMO Dominio account: NT AUTHORITY ID accesso: 0x222eb GUID accesso: {00000000-0000-0000-0000-000000000000} Informazioni sul processo: ID processo: 0x0 Nome processo: - Informazioni di rete: Nome workstation: Indirizzo rete di origine: - Porta di origine: - Informazioni di autenticazione dettagliate: Processo di accesso: NtLmSsp Pacchetto di autenticazione: NTLM Servizi transitati: - Nome pacchetto (solo NTLM): NTLM V1 Lunghezza chiave: 0 Questo evento viene generato quando viene creata una sessione di accesso. Viene generato nel computer in cui è stato effettuato l'accesso. Il campo Soggetto indica l'account nel sistema locale che ha richiesto l'accesso. Generalmente si tratta di un servizio, quale il servizio Server, o di un processo locale, ad esempio Winlogon.exe o Services.exe. Il campo Tipo di accesso indica il tipo di accesso che è stato effettuato. I tipi più comuni sono 2 (interattivo) e 3 (rete). Il campo Nuovo accesso indica l'account per il quale è stato creato il nuovo accesso, vale a dire l'account che ha effettuato l'accesso. Il campo Informazioni di rete indica l'origine della richiesta di accesso remota. Il nome della workstation non è sempre disponibile e può essere vuoto in alcuni casi. Il campo Informazioni di autenticazione fornisce informazioni dettagliate sulla specifica richiesta di accesso. - GUID accesso è un identificatore univoco che può essere utilizzato per correlare questo evento a un evento KDC. - Servizi transitati indica quali servizi intermedi hanno partecipato alla richiesta di accesso. - Nome pacchetto indica quale sottoprotocollo dei protocolli NTLM è stato utilizzato. - Lunghezza chiave indica la lunghezza della chiave di sessione generata. Se non è stata richiesta alcuna chiave di sessione, la lunghezza sarà pari a zero. Record Number: 145591 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100517183102.784676-000 Event Type: Controllo riuscito User: Computer Name: Notebook Event Code: 5024 Message: Il servizio Windows Firewall è stato avviato correttamente. Record Number: 145590 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100517183102.707676-000 Event Type: Controllo riuscito User: Computer Name: Notebook Event Code: 5033 Message: Il driver di Windows Firewall è stato avviato correttamente. Record Number: 145589 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20100517183102.439676-000 Event Type: Controllo riuscito User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemR oot%\System32\Wbem;C:\Program Files\Common Files\Ulead Systems\MPEG;%SYSTEMROOT%\System32\WindowsPowerShe ll\v1.0\;C:\Program Files\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;. WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel "PROCESSOR_REVISION"=0f02 "NUMBER_OF_PROCESSORS"=2 "asl.log"=Destination=file;OnFirstLog=command,envi ronment "PSModulePath"=%SystemRoot%\system32\WindowsPowerS hell\v1.0\Modules\ "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- |
#43
|
||||
|
||||
The account Anna is not as administrator.
|
#44
|
||||
|
||||
Ok. Anna has two processes running that are not running in your account.
One is a process belonging to SlySoft AnyDVD software. The other is an AVG 10 process relating to the resident shield. If I had to guess, I would pick that AVG is generating the error so try uninstalling and reinstalling it first. If that doesnt help, try uninstalling and reinstalling AnyDVD. Make sure you reboot after each uninstall and reinstall. |
#45
|
||||
|
||||
AnnMarie
After following your suggestions the runtime error still comes up. I uninstalled AVG and rebooted and it came up I installed AVG and rebooted and it came up I uninstalled AnyDVD and rebooted and it came up I installed AnyDVD and rebooted and it came up. :-( Marco |
Bookmarks |
«
Previous Topic
|
Next Topic
»
Topic Tools | |
|
|
Similar Topics | ||||
Topic | Topic Starter | Forum | Replies | Last Post |
Microsoft visual C++ Runtime Library - Runtime Error - correction help needed | DKerr | Malware Removal | 24 | January 20th, 2011 11:05 PM |
Microsoft visual C++ Runtime Library - Runtime Error - correction help needed | DKerr | Windows XP | 1 | January 16th, 2011 03:41 AM |
Microsoft visual C++ Runtime Library (Wordperfect runtime error?) | Bibliophilia | Windows XP | 1 | April 17th, 2006 03:47 PM |
Microsoft Visual C++ Runtime LIbrary Runtime error | helenlee | Windows XP | 1 | March 27th, 2006 01:37 AM |
runtime error | idr | Windows 98 | 0 | September 16th, 2004 08:36 AM |
All times are GMT +1. The time now is 04:34 PM.