ComboFix 09-01-05.05 - puddu 2009-01-06 12.24.28.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.1526.977 [GMT 1:00]
Eseguito da: c:\documents and settings\puddu\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
ATENÇÃO - ESTA MAQUINA NAO TEM A CONSOLE DE RECUPERAÇÃO INSTALADA !!
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\puddu\Impostazioni locali\Dati applicazioni\utdbah.dat
c:\documents and settings\puddu\Impostazioni locali\Dati applicazioni\utdbah.exe
c:\documents and settings\puddu\Impostazioni locali\Dati applicazioni\utdbah_nav.dat
c:\documents and settings\puddu\Impostazioni locali\Dati applicazioni\utdbah_navps.dat
c:\documents and settings\puddu\Menu Avvio\Programmi\Videos.url
c:\programmi\pcast
c:\programmi\pcast\PodcastbarMini\bobalogo.dll
c:\programmi\pcast\PodcastbarMini\cache\channels.xml
c:\programmi\pcast\PodcastbarMini\pbmini.config.xml
c:\programmi\pcast\PodcastbarMini\pcast.dll
c:\programmi\pcast\PodcastbarMini\PodcastBarMini.exe
c:\windows\system32.dll
c:\windows\system32\autorun.ini
c:\windows\system32\drivers\npf.sys
c:\windows\system32\packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_NPF
((((((((((((((((((((((((( Files Creati Da 2008-12-06 al 2009-01-06 )))))))))))))))))))))))))))))))))))
.
2009-01-06 12:19 . 2009-01-06 12:19 <DIR> d-------- c:\documents and settings\puddu\Dati applicazioni\Yahoo!
2009-01-06 12:18 . 2009-01-06 12:19 <DIR> d-------- c:\programmi\Yahoo!
2009-01-06 12:18 . 2009-01-06 12:18 <DIR> d-------- c:\programmi\CCleaner
2009-01-06 11:23 . 2009-01-06 11:23 <DIR> d-------- c:\programmi\Malwarebytes' Anti-Malware
2009-01-06 11:23 . 2009-01-06 11:23 <DIR> d-------- c:\documents and settings\puddu\Dati applicazioni\Malwarebytes
2009-01-06 11:23 . 2009-01-06 11:23 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Malwarebytes
2009-01-06 11:23 . 2009-01-04 18:38 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-06 11:23 . 2009-01-04 18:38 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-05 11:00 . 2009-01-05 11:00 <DIR> d-------- c:\programmi\ClamWin
2009-01-05 11:00 . 2009-01-05 11:00 <DIR> d-------- c:\documents and settings\puddu\Dati applicazioni\.clamwin
2009-01-05 11:00 . 2009-01-05 11:00 <DIR> d-------- c:\documents and settings\All Users\.clamwin
2009-01-04 10:48 . 2009-01-04 10:48 230,432 --a------ C:\PA207.DAT
2008-12-30 11:14 . 2008-12-30 11:14 <DIR> d-------- c:\programmi\Babylon
2008-12-29 14:04 . 2008-12-29 14:04 <DIR> d-------- c:\programmi\Vuze
2008-12-29 14:04 . 2008-12-29 14:04 <DIR> d-------- c:\programmi\AskSearch
2008-12-29 14:04 . 2008-12-29 14:04 <DIR> d-------- c:\documents and settings\puddu\Dati applicazioni\Azureus
2008-12-29 14:04 . 2008-12-29 14:04 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\Azureus
2008-12-14 14:38 . 2008-12-14 14:38 <DIR> d-------- c:\documents and settings\puddu\LocalLow
2008-12-14 14:38 . 2008-12-14 14:38 <DIR> d-------- c:\documents and settings\All Users\Dati applicazioni\TVU Networks
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-12 17:01 3,088,896 ------w c:\windows\system32\dllcache\mshtml.dll
2008-10-24 11:21 455,296 ------w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-23 12:36 286,720 ------w c:\windows\system32\dllcache\gdi32.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-16 01:00 668,672 ----a-w c:\windows\system32\wininet.dll
2008-10-16 01:00 668,672 ------w c:\windows\system32\dllcache\wininet.dll
2008-10-16 01:00 619,520 ------w c:\windows\system32\dllcache\urlmon.dll
2008-10-16 01:00 1,499,648 ------w c:\windows\system32\dllcache\shdocvw.dll
2008-10-15 17:36 337,408 ------w c:\windows\system32\dllcache\netapi32.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\programmi\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"ISUSPM"="c:\documents and settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
"Skype"="c:\programmi\Skype\Phone\Skype.exe" [2008-07-30 21738792]
"updateMgr"="c:\programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Camfrog"="c:\programmi\Camfrog\Camfrog Video Chat\CamfrogNet.exe" [2003-09-29 36352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"RemoteControl"="c:\programmi\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"ntiMUI"="c:\programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 45056]
"ADMTray.exe"="c:\acer\Empowering Technology\admtray.exe" [2005-10-24 2462208]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2005-12-27 69632]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-19 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-19 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-19 455168]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-08-10 352256]
"Acer ePower Management"="c:\acer\Empowering Technology\ePower\Acer ePower Management.exe" [2006-05-22 3080704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-07-20 593920]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\Monitor.exe" [2006-01-24 397312]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Symantec PIF AlertEng"="c:\programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 517768]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"ClamWin"="c:\programmi\ClamWin\bin\ClamTray.exe" [2008-11-09 86016]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Adobe Gamma Loader.lnk - c:\programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe [2007-05-05 110592]
Adobe Reader Speed Launch.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Messenger\\MSMSGS.EXE"=
"c:\\WINDOWS\\System32\\dpnsvr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\MSN Messenger\\MsnMsgr.Exe"=
"c:\\Programmi\\MSN Messenger\\livecall.exe"=
"c:\\Programmi\\eMule\\eMule.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3:TCP"= 3:TCP:VMCLite
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-01 111184]
R1 OsaFsLoc;OsaFsLoc;c:\windows\system32\drivers\OsaFsLoc.sys [2005-10-15 12106]
R3 NdisFilt;OSA NdisFilter Protocol;c:\windows\system32\drivers\NdisFilt.sys [2005-09-13 4392]
R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.SYS [2007-05-14 508288]
R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-01 20560]
R4 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [2007-05-05 4096]
R4 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [2007-05-05 78208]
R4 osaio;osaio;c:\windows\system32\drivers\osaio.sys [2005-06-30 7296]
R4 osanbm;osanbm;c:\windows\system32\drivers\osanbm.sys [2005-01-14 4010]
R4 Utilità di pianificazione di LiveUpdate automatico;Utilità di pianificazione di LiveUpdate automatico;c:\programmi\Symantec\LiveUpdate\AluSchedulerSvc.exe [2007-05-07 100032]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10454e68-03c7-11dc-afca-0016d4aa4c52}]
\Shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10454e69-03c7-11dc-afca-0016d4aa4c52}]
\Shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4dba707c-04c4-11dc-afd7-0016d4aa4c52}]
\Shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4dba707d-04c4-11dc-afd7-0016d4aa4c52}]
\Shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bd814b92-10ea-11dc-b01c-0016d4aa4c52}]
\Shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bd814b93-10ea-11dc-b01c-0016d4aa4c52}]
\Shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3ca99fc-03e3-11dc-afcf-0016d4aa4c52}]
\Shell\AutoRun\command - F:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ed4f0139-fd77-11db-afaa-0016d4aa4c52}]
\Shell\AutoRun\command - 6fnlpetp.exe
\Shell\explore\Command - 6fnlpetp.exe
\Shell\open\Command - 6fnlpetp.exe
.
Contenuto della cartella 'Scheduled Tasks'
2009-01-06 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-04-08 12:16]
2009-01-04 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-04-08 12:16]
.
- - - - ORFÃOS REMOVIDOS - - - -
WebBrowser-{8CD8EA48-D284-477E-B6DF-85D1E39D855F} - (no file)
HKCU-Run-utdbah - c:\documents and settings\puddu\impostazioni locali\dati applicazioni\utdbah.exe
HKLM-Run-AzMixerSel - c:\programmi\Realtek\InstallShield\AzMixerSel.exe
HKLM-Run-LaunchList - c:\programmi\Pinnacle\Studio 10\LaunchList.exe
HKLM-Run-pbmini - c:\programmi\pcast\PodcastbarMini\PodcastBarMiniStater.exe
.
------- Supplementare di scansione -------
.
uStart Page = hxxp://www.tiscali.it/nb
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://it.intl.acer.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.savewealth.com/support/ie6/welcome.html
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10615&gct=&gc=1&q=%s
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net Rootkit scan 2009-01-06 12:27:50
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scansione processi nascosti ...
scansione entrate autostart nascoste ...
Scansione files nascosti ...
Scansione completata con successo
Files nascosti: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\.Default\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP Ding.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\AppGPFault\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\CCSelect\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\Close\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\CriticalBatteryAlarm\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Batteria quasi scarica.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\DeviceConnect\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Aggiunta hardware.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\DeviceDisconnect\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Rimozione hardware.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\DeviceFail\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Errore hardware.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\LowBatteryAlarm\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Batteria in esaurimento.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\MailBeep\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Notifica.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\Maximize\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\MenuCommand\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\MenuPopup\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\Minimize\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\Open\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\PrintComplete\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\RestoreDown\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\RestoreUp\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\ShowBand\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\SystemAsterisk\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Errore.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\SystemExclamation\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Messaggio o avviso 2.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\SystemExit\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Chiusura.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\SystemHand\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Arresto critico.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\SystemNotification\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Promemoria.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\SystemQuestion\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\SystemStart\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Esecuzione automatica.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\WindowsLogoff\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP Logoff Sound.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\.Default\WindowsLogon\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP Logon Sound.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Avast\Aggiornamento automatico VPS\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@="c:\\Programmi\\Alwil Software\\Avast4\\Italian\\vpsupd.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Avast\Avvio programma\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Avast\Detenzione messaggio sospetto\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@="c:\\Programmi\\Alwil Software\\Avast4\\Italian\\suspic.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Avast\Fine programma\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Avast\Hai premuto il tasto di Interfaccia Utente Semplice.\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@="c:\\Programmi\\Alwil Software\\Avast4\\Italian\\press.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Avast\Il mouse è sul tasto Interfaccia Utente Semplice.\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@="c:\\Programmi\\Alwil Software\\Avast4\\Italian\\hover.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Avast\Operazione eseguita\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@="c:\\Programmi\\Alwil Software\\Avast4\\Italian\\ready.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Avast\Trovato malware\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@="c:\\Programmi\\Alwil Software\\Avast4\\Italian\\malfound.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Avast\Trovato virus\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@="c:\\Programmi\\Alwil Software\\Avast4\\Italian\\virfound.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Conf\Ricevi chiamata\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="RingIn.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Conf\Ricevi richiesta di partecipazione\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="RingIn.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Conf\Utente aggiunto\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Programmi\\NetMeeting\\Blip.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Conf\Utente uscito\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Programmi\\NetMeeting\\Blip.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Explorer\ActivatingDocument\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Explorer\BlockedPopup\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="Windows XP - popup bloccato.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Cestino.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Explorer\FaxError\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%systemroot%\\media\\ding.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Explorer\FaxLineRings\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%systemroot%\\media\\ringin.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Explorer\FaxNew\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%systemroot%\\media\\notify.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Explorer\FaxSent\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%systemroot%\\media\\tada.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Explorer\MoveMenuItem\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=""
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Explorer\Navigating\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@=expand:"%SystemRoot%\\media\\Windows XP - Avvio.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\Explorer\SecurityBand\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="Windows XP - barra informazioni.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\MSMSGS\MSMSGS_ContactOnline\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Programmi\\Messenger\\online.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\MSMSGS\MSMSGS_NewAlert\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Programmi\\Messenger\\newalert.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\MSMSGS\MSMSGS_NewMail\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Programmi\\Messenger\\newemail.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Apps\MSMSGS\MSMSGS_NewMessage\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="c:\\Programmi\\Messenger\\type.wav"
[HKEY_USERS\S-1-5-21-1076167994-577784545-2006676994-1005\AppEvents\Schemes\Names\m*NULL*i*NULL*c*NULL*h*NULL*e*NULL*l*NULL*e*NULL*0*NULL*#]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
@="michele"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,5a,1d,7a,6b,14,\
5b,ba,03,e2,63,26,f1,3f,c8,ff,68,41,78,54,6b,cb,25,73,5e,e2,63,26,f1,3f,c8,\
ff,68,2d,97,17,36,d3,ed,f0,23,e2,63,26,f1,3f,c8,ff,68,c5,4c,0d,6f,43,23,66,\
a6,42,c8,d6,cd
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,4f,40,ad,98,56,\
77,95,0a,6a,9c,d6,61,af,45,84,18,38,bb,d5,45,c2,68,70,5c,6a,9c,d6,61,af,45,\
84,18,a9,ab,fb,56,0d,e5,2d,da,71,3b,04,66,8b,46,0d,96,41,6d,4d,dd,13,9c,69,\
61,36,f5,d9,88
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:ff,7c,85,e0,43,d4,0e,fe,5f,c1,13,32,f6,\
38,54,8f,ff,7c,85,e0,43,d4,0e,fe,e7,38,ef,42,95,63,97,c3,ff,7c,85,e0,43,d4,\
0e,fe,68,eb,b7,64,02,ad,e5,27,25,da,ec,7e,55,20,c9,26,84,13,f8,ac,11,46,f9,\
60,ca,a6,c6,8a
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,da,c9,34,ff,fa,\
ee,e1,7c,86,8c,21,01,be,91,eb,e7,ba,33,a5,03,1a,41,48,16,86,8c,21,01,be,91,\
eb,e7,f9,a7,11,0d,49,9e,30,88,86,8c,21,01,be,91,eb,e7,cd,11,3a,ab,47,2f,d9,\
89,af,39,e7,17
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,8f,da,82,37,0b,\
f8,c4,3a,f5,1d,4d,73,a8,13,5c,05,1d,83,69,e8,ac,fb,66,38,f5,1d,4d,73,a8,13,\
5c,05,62,b5,b4,84,e3,a6,ce,a3,f5,1d,4d,73,a8,13,5c,05,ba,2b,37,77,95,1e,da,\
92,64,f6,5e,3e
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,ea,16,bd,ce,04,\
e8,d3,e8,df,20,58,62,78,6b,cf,c8,4e,9e,52,48,ec,c0,a7,1c,df,20,58,62,78,6b,\
cf,c8,4f,99,e8,46,2e,b8,2d,55,df,20,58,62,78,6b,cf,c8,bd,fe,43,a6,99,a4,7a,\
62,da,9d,2c,3e
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:97,20,4e,9a,c7,f1,35,ee,5e,7c,52,c9,09,\
a0,b3,7a,fb,a7,78,e6,12,2f,9a,ea,e2,c6,0d,83,3a,45,f8,77,fb,a7,78,e6,12,2f,\
9a,ea,4b,c2,8f,34,17,ef,6a,e2,fb,a7,78,e6,12,2f,9a,ea,a3,e0,70,97,9f,22,23,\
1b,37,22,75,f1
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,1e,8e,71,a5,56,\
82,4e,40,01,3a,48,fc,e8,04,4a,f1,82,29,83,2f,7d,40,7b,d2,01,3a,48,fc,e8,04,\
4a,f1,30,26,4f,46,bc,9c,e0,b4,83,6c,56,8b,a0,85,96,ab,81,7f,7d,15,ba,6d,8e,\
d0,d3,6c,6d,7b
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:f6,0f,4e,58,98,5b,89,c9,05,a2,05,87,a3,\
99,68,e3,f6,0f,4e,58,98,5b,89,c9,25,df,65,00,2e,63,32,b1,f6,0f,4e,58,98,5b,\
89,c9,bc,f9,d9,a5,c9,9e,40,f8,51,fa,6e,91,28,9e,14,cc,d4,af,38,57,cf,67,64,\
a6,20,b9,89,d1
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,01,a7,79,aa,39,\
d5,1f,24,3d,ce,ea,26,2d,45,aa,78,37,32,9f,41,5c,1f,78,77,3d,ce,ea,26,2d,45,\
aa,78,ac,ed,c1,c0,f4,e7,26,58,37,a4,aa,c3,a6,15,56,0a,56,05,0f,4d,6d,79,74,\
b0,3a,69,ae,c2
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,a1,aa,68,3d,8f,\
00,e5,e0,2a,b7,cc,b5,b9,7f,41,e7,8b,2c,6d,d9,31,77,a6,50,2a,b7,cc,b5,b9,7f,\
41,e7,da,97,17,ae,ac,4c,d8,6e,2a,b7,cc,b5,b9,7f,41,e7,f4,48,7c,20,ae,ab,2c,\
24,08,03,56,02
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*NULL*]
"ThreadingModel"="Apartment"
@="c:\\WINDOWS\\system32\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,17,ac,e2,2c,c2,\
01,dd,a2,6c,43,2d,1e,aa,22,2f,9c,92,e1,1e,0f,d6,06,73,36,6c,43,2d,1e,aa,22,\
2f,9c,e1,e1,5f,c5,c2,f4,8d,b5,6c,43,2d,1e,aa,22,2f,9c,d8,19,58,80,16,37,a9,\
b7,77,0e,65,ad
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*NULL*]
"0140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\programmi\INTEL\WIRELESS\BIN\EVTENG.EXE
c:\programmi\INTEL\WIRELESS\BIN\S24EVMON.EXE
c:\windows\SYSTEM32\WGATRAY.EXE
c:\programmi\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
c:\programmi\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
c:\acer\EMPOWERING TECHNOLOGY\ADMSERV.EXE
c:\programmi\FILE COMUNI\INTERVIDEO\DEVICESERVICE\DEVSVC.EXE
c:\programmi\FILE COMUNI\LIGHTSCRIBE\LSSRVC.EXE
c:\programmi\INTEL\WIRELESS\BIN\REGSRVC.EXE
c:\programmi\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
c:\programmi\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
c:\windows\SYSTEM32\RUNDLL32.EXE
c:\windows\SYSTEM32\IGFXSRVC.EXE
c:\programmi\LAUNCH MANAGER\LMANAGER.EXE
c:\programmi\ALWIL SOFTWARE\AVAST4\ASHDISP.EXE
c:\windows\SYSTEM32\IGFXEXT.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\docume~1\puddu\IMPOST~1\Temp\RtkBtMnt.exe
.
**************************************************************************
.
Ora fine scansione: 2009-01-06 12:30:18 - macchina è stato riavviato
ComboFix-quarantined-files.txt 2009-01-06 11:30:16
Pre-Run: 37.297.422.336 byte disponibili
Post-Run: 37,401,362,432 byte disponibili
E questo log di HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12.43.56, on 06/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\admServ.exe
C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\admtray.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Acer\Empowering Technology\eRecovery\Monitor.exe
C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\DOCUME~1\puddu\IMPOST~1\Temp\RtkBtMnt.exe
C:\WINDOWS\explorer.exe
G:\PhoneConnectorVMC.exe
G:\vmc.exe
C:\Programmi\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
C:\Programmi\internet explorer\iexplore.exe
C:\Programmi\File comuni\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Programmi\Yahoo!\Companion\Installs\cpn\ytbb.exe
C:\DOCUME~1\puddu\IMPOST~1\Temp\Directory temporanea 1 per HiJackThis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.it/nb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://it.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedirect?o=10615&gct=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedirect?o=10615&gct=&gc=1&q=%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.savewealth.com/support/ie6/welcome.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Multi Media Italy Toolbar - {2e6f36ce-1217-4ba1-982f-24560c0eb677} - C:\Programmi\Multi_Media_Italy\tbMul0.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Multi Media Italy Toolbar - {2e6f36ce-1217-4ba1-982f-24560c0eb677} - C:\Programmi\Multi_Media_Italy\tbMul0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programmi\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmi\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Multi Media Italy Toolbar - {2e6f36ce-1217-4ba1-982f-24560c0eb677} - C:\Programmi\Multi_Media_Italy\tbMul0.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmi\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Programmi\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe boot
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmi\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [ClamWin] "C:\Programmi\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmi\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Dati applicazioni\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Programmi\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Programmi\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [Camfrog] "C:\Programmi\Camfrog\Camfrog Video Chat\CamfrogNet.exe" 0 C:\Programmi\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programmi\File comuni\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: PalTalk.lnk = C:\Programmi\Paltalk Messenger\paltalk.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmi\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programmi\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.savewealth.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/IT-IT/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D498077E-5B75-4079-B0DE-C34A7CEC84C6}: NameServer = 83.224.66.134 83.224.65.134
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FILECO~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. - C:\Acer\Empowering Technology\admServ.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Programmi\File comuni\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmi\File comuni\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Programmi\File comuni\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Programmi\WinPcap\rpcapd.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programmi\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Utilità di pianificazione di LiveUpdate automatico - Symantec Corporation - C:\Programmi\Symantec\LiveUpdate\ALUSchedulerSvc.exe
--
End of file - 11868 bytes
_________________
CIAOOOOOOOOO A TUTTI cerca di perdonarmi ti ringrazio tantissimo dell'aiuto che mi stai dando