Go Back   Cyber Tech Help Support Forums > Operating Systems > Windows Vista

Notices

Reply
 
Topic Tools
  #1  
Old November 22nd, 2010, 11:14 PM
marco's Avatar
marco marco is offline
Member
 
Join Date: Jul 2004
O/S: Windows 10 Home
Location: Rome, Italy
Age: 53
Posts: 68
Runtime Error! DllHost.exe terminated

Everytime that I boot up I get with error message:

Microsoft Visual C++ Runtime Library
Runtime Error!

Program: C:\Windows\system32\DllHost.exe

This application has requested the Runtime to terminate it in an unusual way.
Pleas contact the application's support team for more information.

I then close the window and start working. Nothing seems to change and every once in a while the message reappears. How can I fix this?

Thank You.

Marco
Reply With Quote


  #2  
Old November 23rd, 2010, 10:30 PM
AnnMarie's Avatar
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,812
Hi Marco. It might be useful to have a look at your startups.

Download Random's System Information Tool (RSIT) from here and save it to your desktop.

Doubleclick on RSIT.exe to run it. Your computer will be scanned and once the scan has finished, two logs will open. Please post the contents of both (log.txt will be maximized and info.txt will be minimized) in this topic. You can also find the logs in the C:\rsit folder. The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.
Reply With Quote
  #3  
Old November 23rd, 2010, 11:15 PM
marco's Avatar
marco marco is offline
Member
 
Join Date: Jul 2004
O/S: Windows 10 Home
Location: Rome, Italy
Age: 53
Posts: 68
Here they are

info.txt logfile of random's system information tool 1.08 2010-11-23 22:41:17

======Uninstall list======

32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}
Adobe Download Manager-->"C:\Windows\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10k_A ctiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_P lugin.exe -maintain plugin
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Alice MOBILE_MT503HSA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\ 50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFA7CC8D-6D38-40F9-A767-B876794D1C67}\setup.exe" -l0x10 -removeonly
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Apple Mobile Device Support-->MsiExec.exe /I{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
ArcSoft Panorama Maker 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D45E8C45-B601-4A80-AFD8-E16338744DE1}\Setup.exe" -l0x9
AutoCAD 2007 - Italiano-->MsiExec.exe /I{5783F2D7-5001-0410-0002-0060B0CE6BBA}
Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove /q0
AVG 2011-->"C:\Program Files\AVG\AVG10\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2011-->MsiExec.exe /I{5AD96CF5-2627-4F29-9D2D-72FCD85F6355}
AVG 2011-->MsiExec.exe /I{A23061AF-5361-433C-B7F0-CE5F79A22C49}
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /X{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
CardRecovery-->C:\PROGRA~1\CARDRE~1\UNWISE.EXE C:\PROGRA~1\CARDRE~1\INSTALL.LOG
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"
CloneDVDmobile-->"C:\Program Files\SlySoft\CloneDVDmobile\CloneDVDmobile-uninst.exe" /D="C:\Program Files\SlySoft\CloneDVDmobile"
Codificatore di Windows Media 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codificatore di Windows Media 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Evernote v. 4.0.1-->MsiExec.exe /X{F761359C-9CED-45AE-9A51-9D6605CD55C4}
File Uploader-->MsiExec.exe /X{237CD223-1B9D-47E8-A76C-E478B83CCEA2}
FileMenu Tools-->"C:\Program Files\LopeSoft\FileMenu Tools\unins000.exe"
Flickr Uploadr 3.2.1-->"C:\Program Files\Flickr Uploadr\uninstall.exe"
Foxit Creator-->C:\Program Files\Foxit Software\PDF Creator\uninstall.exe
Foxit PDF Editor-->C:\Program Files\Foxit Software\PDF Editor\uninstall.exe
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
GoodSync-->"C:\Program Files\Siber Systems\GoodSync\uninstall.exe"
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Talk Plugin-->MsiExec.exe /I{58F58158-8DFE-31DA-AC1F-7E5D89A0F74F}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hercules Webcam Station Evolution-->C:\Program Files\InstallShield Installation Information\{B60D61FD-1CB1-4ED5-974E-8C959F14208E}\setup.exe -runfromtemp -l0x0010 -removeonly
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Photosmart.All-In-One Driver Software 8.0 .A-->C:\Program Files\HP\Digital Imaging\{282E5AB2-8E47-4571-B6FA-6B512555B557}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
iTunes-->MsiExec.exe /I{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216019FF}
KhalInstallWrapper-->MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
Legacy 6.0-->C:\Legacy\UNWISE.EXE /U C:\Legacy\Install.log
Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x0010 -removeonly
LogMeIn-->MsiExec.exe /I{4475560E-9418-4908-A158-472D873AE139}
Manuali TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D9667236-F84B-48AD-A887-F40D64D3D7A0}\setup.exe" -l0x10 -removeonly
Media Player Codec Pack 3.9.6-->C:\Windows\system32\C2MP\Uninst.exe
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Italian Language Pack-->MsiExec.exe /X{F2D2B58B-B2FD-46D1-8319-DCE564079934}
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Upd ates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Upda tes\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Upd ates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Upda tes\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)-->C:\Windows\Microsoft.NET\Framework\v3.5\Microso ft .NET Framework 3.5 Language Pack SP1 - ita\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - ita-->MsiExec.exe /I{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microso ft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\Set upCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Money 2005-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110410-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{DF2035BE-5820-4965-BD97-7FAF8D4A7879}
MioFotografo.it MyComposer 5.0-->"C:\Program Files\miofotografo.it\myComposer\unins000.exe"
Mozilla Firefox (3.6.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
my Picturetown Uploader-->msiexec /qb /x {36D3FD7C-A497-8DE1-8932-2CF519CE2F13}
my Picturetown Uploader-->MsiExec.exe /I{36D3FD7C-A497-8DE1-8932-2CF519CE2F13}
Nikon Transfer-->MsiExec.exe /X{E9757890-7EC5-46C8-99AB-B00F07B6525C}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Pdf995-->C:\Program Files\pdf995\setup.exe uninstall
PdfEdit995-->C:\Program Files\pdf995\res\utilities\thinsetup.exe - uninstall
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Pinnacle Instant DVD Recorder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\setup.exe" -l0x9 UNINSTALL
PokerStars.it-->"C:\Program Files\PokerStars.IT\PokerStarsUninstall.exe" /u:PokerStars.it
proDAD Heroglyph 2.5-->"C:\Program Files\proDAD\Heroglyph-2.5\uninstall.exe" uninstall spcp PATHVERSION 2.5 MAINNAME Heroglyph
proDAD Vitascene 1.0-->"C:\Program Files\proDAD\Vitascene-1.0\uninstall.exe" uninstall spcp PATHVERSION 1.0 MAINNAME Vitascene
QuickTime-->MsiExec.exe /I{E7004147-2CCA-431C-AA05-2AB166B9785D}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Security Update for Windows Media Encoder (KB979332)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={950E24CA-CA7E-4606-8F0D-DEDBC94F2A1E} /qb
Signature995-->C:\Program Files\pdf995\res\utilities\Signature995\thinsetup. exe - uninstall
Silenziatore unità CD/DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe" -l0x10
Skype™ 5.0-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Studio 11 Bonus DVD-->C:\Program Files\InstallShield Installation Information\{45A1BF92-700A-4408-B95E-79F462E3D67D}\setup.exe -runfromtemp -l0x0009 UNINSTALL -removeonly
Studio 11-->C:\Program Files\InstallShield Installation Information\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}\Setup2.exe -runfromtemp -l0x0009 UNINSTALL -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUnin stall
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{F7B05784-334C-4F76-8BAB-30ABEB7FD534}\setup.exe -runfromtemp -l0x0410
TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe" -l0x10
TOSHIBA ConfigFree-->C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}\setup.exe -runfromtemp -l0x0010uninstall -removeonly
Toshiba Connect-->MsiExec.exe /X{65F3C8ED-19DD-4167-BA40-6FF49564728E}
TOSHIBA Disc Creator-->MsiExec.exe /I{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~ 1\IDriver.exe /M{617C36FD-0CBE-4600-84B2-441CEB12FADF} /l1040
TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B77A308F-85F5-4D68-8CB5-313332CB2779}\setup.exe" -l0x10
Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x0010 -removeonly
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{74892A2F-57B2-48E4-81C3-1E21E12A470B}\setup.exe" -l0x10
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409
Tunatic-->"C:\Windows\lsb_un20.exe" /C=UC /N=Tunatic
Uniblue RegistryBooster-->"C:\ProgramData\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}\rbia.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue RegistryBooster-->C:\ProgramData\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}\rbia.exe
Uniblue SystemTweaker-->"C:\Program Files\Uniblue\SystemTweaker\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Utility Configurazione iPhone-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1}
VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Visual C++ 8.0 ATL (x86) WinSXS MSM-->MsiExec.exe /I{97F81AF1-0E47-DC99-FF1F-C8B3B9A1E18E}
Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
Visual C++ CRT 8.0-->MsiExec.exe /I{B2395631-54D5-481E-B9A8-74B269546F40}
Windows Installer Clean Up-->MsiExec.exe /I{121634B0-2F4A-11D3-ADA3-00C04F52DD53}
Xobni Core-->MsiExec.exe /I{8DC069E7-893C-41E1-9442-DE89FEC33371}
Xobni-->"C:\Program Files\Xobni\UninstallerWizard.exe"
Yahoo! Desktop Login-->MsiExec.exe /I{F9AEEC34-CF00-4CBD-9E36-DF9DC4002685}

======Hosts File======

127.0.0.1 babe.the-killer.bz
127.0.0.1 www.babe.the-killer.bz
127.0.0.1 babe.k-lined.com
127.0.0.1 www.babe.k-lined.com
127.0.0.1 did.i-used.cc
127.0.0.1 www.did.i-used.cc
127.0.0.1 coolwwwsearch.com
127.0.0.1 www.coolwwwsearch.com
127.0.0.1 coolwebsearch.com
127.0.0.1 www.coolwebsearch.com

======Security center information======

AS: Lavasoft Ad-Watch Live! (disabled)
AS: Windows Defender (disabled)

======System event log======

Computer Name: Notebook
Event Code: 102
Message: Il servizio ha temporaneamente interrotto la pubblicazione a causa di un evento di alimentazione.
Record Number: 416219
Source Name: Microsoft-Windows-ResourcePublication
Time Written: 20100622180423.291832-000
Event Type: Informazioni
User: NT AUTHORITY\SERVIZIO LOCALE

Computer Name: Notebook
Event Code: 7036
Message: Il servizio Acquisizione di immagini di Windows (WIA) è ora in modalità pausa.
Record Number: 416218
Source Name: Service Control Manager
Time Written: 20100622180423.000000-000
Event Type: Informazioni
User:

Computer Name: Notebook
Event Code: 7036
Message: Il servizio Net Driver HPZ12 è ora in modalità arrestato.
Record Number: 416217
Source Name: Service Control Manager
Time Written: 20100622180419.000000-000
Event Type: Informazioni
User:

Computer Name: Notebook
Event Code: 7036
Message: Il servizio Pml Driver HPZ12 è ora in modalità arrestato.
Record Number: 416216
Source Name: Service Control Manager
Time Written: 20100622180419.000000-000
Event Type: Informazioni
User:

Computer Name: Notebook
Event Code: 7036
Message: Il servizio Servizio rilevamento automatico proxy WinHTTP è ora in modalità arrestato.
Record Number: 416215
Source Name: Service Control Manager
Time Written: 20100622173935.000000-000
Event Type: Informazioni
User:
Reply With Quote
  #4  
Old November 23rd, 2010, 11:16 PM
marco's Avatar
marco marco is offline
Member
 
Join Date: Jul 2004
O/S: Windows 10 Home
Location: Rome, Italy
Age: 53
Posts: 68
=====Application event log=====

Computer Name: Notebook
Event Code: 100
Message: Task Scheduling Error: Continuously busy for more than a second
Record Number: 478313
Source Name: Bonjour Service
Time Written: 20100718185206.000000-000
Event Type: Errore
User:

Computer Name: Notebook
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledSPRetry 2184
Record Number: 478312
Source Name: Bonjour Service
Time Written: 20100718185204.000000-000
Event Type: Errore
User:

Computer Name: Notebook
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledEvent 2184
Record Number: 478311
Source Name: Bonjour Service
Time Written: 20100718185204.000000-000
Event Type: Errore
User:

Computer Name: Notebook
Event Code: 100
Message: Task Scheduling Error: Continuously busy for more than a second
Record Number: 478310
Source Name: Bonjour Service
Time Written: 20100718185204.000000-000
Event Type: Errore
User:

Computer Name: Notebook
Event Code: 100
Message: Task Scheduling Error: m->NextScheduledSPRetry 1014
Record Number: 478309
Source Name: Bonjour Service
Time Written: 20100718185203.000000-000
Event Type: Errore
User:

=====Security event log=====

Computer Name: Notebook
Event Code: 4672
Message: Privilegi speciali assegnati a nuovo accesso.

Soggetto:
ID protezione: S-1-5-18
Nome account: SYSTEM
Dominio account: NT AUTHORITY
ID accesso: 0x3e7

Privilegi: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 140371
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100418142108.110640-000
Event Type: Controllo riuscito
User:

Computer Name: Notebook
Event Code: 4624
Message: Accesso di un account riuscito.

Soggetto:
ID protezione: S-1-5-18
Nome account: NOTEBOOK$
Dominio account: SOLA
ID accesso: 0x3e7

Tipo di accesso: 5

Nuovo accesso:
ID protezione: S-1-5-18
Nome account: SYSTEM
Dominio account: NT AUTHORITY
ID accesso: 0x3e7
GUID accesso: {00000000-0000-0000-0000-000000000000}

Informazioni sul processo:
ID processo: 0x298
Nome processo: C:\Windows\System32\services.exe

Informazioni di rete:
Nome workstation:
Indirizzo rete di origine: -
Porta di origine: -

Informazioni di autenticazione dettagliate:
Processo di accesso: Advapi
Pacchetto di autenticazione: Negotiate
Servizi transitati: -
Nome pacchetto (solo NTLM): -
Lunghezza chiave: 0

Questo evento viene generato quando viene creata una sessione di accesso. Viene generato nel computer in cui è stato effettuato l'accesso.

Il campo Soggetto indica l'account nel sistema locale che ha richiesto l'accesso. Generalmente si tratta di un servizio, quale il servizio Server, o di un processo locale, ad esempio Winlogon.exe o Services.exe.

Il campo Tipo di accesso indica il tipo di accesso che è stato effettuato. I tipi più comuni sono 2 (interattivo) e 3 (rete).

Il campo Nuovo accesso indica l'account per il quale è stato creato il nuovo accesso, vale a dire l'account che ha effettuato l'accesso.

Il campo Informazioni di rete indica l'origine della richiesta di accesso remota. Il nome della workstation non è sempre disponibile e può essere vuoto in alcuni casi.

Il campo Informazioni di autenticazione fornisce informazioni dettagliate sulla specifica richiesta di accesso.
- GUID accesso è un identificatore univoco che può essere utilizzato per correlare questo evento a un evento KDC.
- Servizi transitati indica quali servizi intermedi hanno partecipato alla richiesta di accesso.
- Nome pacchetto indica quale sottoprotocollo dei protocolli NTLM è stato utilizzato.
- Lunghezza chiave indica la lunghezza della chiave di sessione generata. Se non è stata richiesta alcuna chiave di sessione, la lunghezza sarà pari a zero.
Record Number: 140370
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100418142108.110640-000
Event Type: Controllo riuscito
User:

Computer Name: Notebook
Event Code: 4648
Message: È stato tentato un accesso utilizzando credenziali esplicite.

Soggetto:
ID protezione: S-1-5-18
Nome account: NOTEBOOK$
Dominio account: SOLA
ID accesso: 0x3e7
GUID accesso: {00000000-0000-0000-0000-000000000000}

Account di cui sono state utilizzate le credenziali:
Nome account: SYSTEM
Dominio account: NT AUTHORITY
GUID accesso: {00000000-0000-0000-0000-000000000000}

Server di destinazione:
Nome server di destinazione: localhost
Informazioni aggiuntive: localhost

Informazioni sul processo:
ID processo: 0x298
Nome processo: C:\Windows\System32\services.exe

Informazioni di rete:
Indirizzo di rete: -
Porta: -

Questo evento viene generato quando un processo tenta di far accedere un account specificando esplicitamente le credenziali dell'account. Generalmente si verifica in configurazioni di tipo batch, ad esempio attività pianificate, oppure quando si utilizza il comando RUNAS.
Record Number: 140369
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100418142108.110640-000
Event Type: Controllo riuscito
User:

Computer Name: Notebook
Event Code: 5032
Message: Il servizio Windows Firewall non è stato in grado di notificare all'utente che ha impedito a un'applicazione di accettare connessioni in ingresso sulla rete.

Codice di errore: 2
Record Number: 140368
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100418142107.034240-000
Event Type: Controllo non riuscito
User:

Computer Name: Notebook
Event Code: 5032
Message: Il servizio Windows Firewall non è stato in grado di notificare all'utente che ha impedito a un'applicazione di accettare connessioni in ingresso sulla rete.

Codice di errore: 2
Record Number: 140367
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100418142107.034240-000
Event Type: Controllo non riuscito
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemR oot%\System32\Wbem;C:\Program Files\Common Files\Ulead Systems\MPEG;%SYSTEMROOT%\System32\WindowsPowerShe ll\v1.0\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;. WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 2, GenuineIntel
"PROCESSOR_REVISION"=0f02
"NUMBER_OF_PROCESSORS"=2
"asl.log"=Destination=file;OnFirstLog=command,envi ronment
"PSModulePath"=%SystemRoot%\system32\WindowsPowerS hell\v1.0\Modules\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
Reply With Quote
  #5  
Old November 23rd, 2010, 11:32 PM
AnnMarie's Avatar
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,812
Hi Marco. I need to see the other log too but I have to log out now. I'll be back later on.
Reply With Quote
  #6  
Old November 24th, 2010, 10:25 PM
marco's Avatar
marco marco is offline
Member
 
Join Date: Jul 2004
O/S: Windows 10 Home
Location: Rome, Italy
Age: 53
Posts: 68
Ok.
Reply With Quote
  #7  
Old November 26th, 2010, 12:23 AM
AnnMarie's Avatar
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,812
Feel free to post it when you have time.
Reply With Quote
  #8  
Old November 26th, 2010, 09:59 PM
marco's Avatar
marco marco is offline
Member
 
Join Date: Jul 2004
O/S: Windows 10 Home
Location: Rome, Italy
Age: 53
Posts: 68
Sorry Anne I though that I posted both files.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Marco at 2010-11-23 22:39:50
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 6 GB (10%) free of 57 GB
Total RAM: 2037 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22.41.13, on 23/11/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\Explorer.EXE
C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox .exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Poker\Sisal Poker\casino.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Users\Marco\Desktop\RSIT.exe
C:\Program Files\trend micro\Marco.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: (no name) - {78875F5C-A685-4405-8DC5-D48DC65452B0} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\s wg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" /m
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox .exe
O4 - Global Startup: Evernote Clipper.lnk = ?
O4 - Global Startup: Tasto di scelta rapida per l'avvio di AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?IT (file missing)
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} - http://h20264.www2.hp.com/ediags/dd/...sticsVista.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Servizio Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Update Service (gupdate1c98a0799186b7c) (gupdate1c98a0799186b7c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: ONDA Autorun CDROM Monitor - Unknown owner - C:\Windows\system32\SupportAppXL\onda_mon.exe
O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe

--
End of file - 10673 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925610512-189826699-490347785-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925610512-189826699-490347785-1000UA.job
C:\Windows\tasks\RegistryBooster.job
C:\Windows\tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2010-11-04 2731360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{78875F5C-A685-4405-8DC5-D48DC65452B0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-06 2475336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\s wg.dll [2009-12-11 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} -
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2010-10-06 2475336]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-07 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-07 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.d ll [2006-12-07 81920]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-11-07 3772416]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-15 448080]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-08-03 714080]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-10-29 102400]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-18 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-18 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-18 133656]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2010-01-27 63048]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-04-11 56080]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-24 421160]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2010-10-22 2745696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe [2010-07-21 198864]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [2010-11-15 4676544]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Evernote Clipper.lnk - C:\Windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico
Tasto di scelta rapida per l'avvio di AutoCAD.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe

C:\Users\Marco\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup
Dropbox.lnk - C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox .exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-18 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-11-23 22:39:51 ----D---- C:\Program Files\trend micro
2010-11-23 22:39:50 ----D---- C:\rsit
2010-11-20 22:05:37 ----D---- C:\Users\Marco\AppData\Roaming\Uniblue
2010-11-20 22:05:05 ----HDC---- C:\ProgramData\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}
2010-11-20 22:05:00 ----D---- C:\Program Files\Uniblue
2010-11-09 22:20:58 ----A---- C:\Windows\system32\drivers\avgtdix.sys
2010-11-05 17:48:21 ----A---- C:\Windows\system32\javaws.exe
2010-11-05 17:48:21 ----A---- C:\Windows\system32\javaw.exe
2010-11-05 17:48:21 ----A---- C:\Windows\system32\java.exe
2010-11-03 23:23:48 ----D---- C:\Program Files\iPod
2010-11-03 23:23:46 ----D---- C:\Program Files\iTunes
2010-11-03 23:21:24 ----D---- C:\Program Files\QuickTime
2010-11-03 23:20:27 ----D---- C:\Program Files\Apple Software Update
2010-11-03 23:17:53 ----D---- C:\Program Files\Bonjour
2010-11-03 23:17:32 ----D---- C:\Program Files\Common Files\Apple
2010-11-03 23:03:06 ----D---- C:\Program Files\Windows Installer Clean Up
2010-11-01 08:24:14 ----D---- C:\Program Files\Evernote
2010-10-31 11:50:36 ----D---- C:\Program Files\Common Files\Skype
2010-10-31 11:50:34 ----RD---- C:\Program Files\Skype
2010-10-27 21:38:33 ----A---- C:\Windows\system32\gameux.dll
2010-10-27 21:38:29 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-10-27 21:38:28 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-25 21:31:56 ----D---- C:\Users\Marco\AppData\Roaming\Foxit Software
Reply With Quote
  #9  
Old November 26th, 2010, 10:00 PM
marco's Avatar
marco marco is offline
Member
 
Join Date: Jul 2004
O/S: Windows 10 Home
Location: Rome, Italy
Age: 53
Posts: 68
======List of files/folders modified in the last 1 months======

2010-11-23 22:40:19 ----D---- C:\Windows\Prefetch
2010-11-23 22:39:51 ----RD---- C:\Program Files
2010-11-23 22:39:22 ----D---- C:\Windows\Temp
2010-11-23 21:52:16 ----SHD---- C:\Windows\Installer
2010-11-23 21:52:15 ----HD---- C:\Config.Msi
2010-11-23 21:48:00 ----D---- C:\Windows\system32\drivers
2010-11-23 21:35:50 ----D---- C:\Users\Marco\AppData\Roaming\Dropbox
2010-11-23 21:34:51 ----D---- C:\Windows\system32\drivers\AVG
2010-11-23 21:33:11 ----D---- C:\Windows\Tasks
2010-11-23 21:30:27 ----D---- C:\Windows\System32
2010-11-23 21:29:50 ----D---- C:\Program Files\LogMeIn
2010-11-23 00:23:24 ----D---- C:\Windows\system32\Tasks
2010-11-23 00:23:12 ----AD---- C:\Windows
2010-11-22 19:45:41 ----SHD---- C:\System Volume Information
2010-11-20 23:06:28 ----D---- C:\Windows\system32\config
2010-11-20 22:34:28 ----D---- C:\ProgramData\pdf995
2010-11-20 22:05:05 ----HD---- C:\ProgramData
2010-11-19 23:01:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-19 23:01:26 ----D---- C:\Windows\inf
2010-11-19 22:58:05 ----D---- C:\Users\Marco\AppData\Roaming\Skype
2010-11-19 22:07:49 ----D---- C:\Users\Marco\AppData\Roaming\skypePM
2010-11-18 21:58:45 ----D---- C:\Windows\system32\catroot2
2010-11-16 21:59:25 ----RD---- C:\Users
2010-11-13 00:29:49 ----D---- C:\Program Files\Foxit Software
2010-11-09 21:21:44 ----D---- C:\Windows\winsxs
2010-11-09 21:16:41 ----D---- C:\Windows\system32\catroot
2010-11-09 21:16:34 ----D---- C:\Program Files\Windows Mail
2010-11-09 21:13:15 ----A---- C:\Windows\system32\mrt.exe
2010-11-05 17:46:35 ----D---- C:\Program Files\Java
2010-11-05 05:54:43 ----D---- C:\Windows\Microsoft.NET
2010-11-05 05:54:17 ----RSD---- C:\Windows\assembly
2010-11-05 00:07:36 ----D---- C:\Program Files\Xobni
2010-11-03 23:17:32 ----D---- C:\Program Files\Common Files
2010-11-03 22:10:43 ----D---- C:\Users\Marco\AppData\Roaming\GoodSync
2010-10-31 11:50:20 ----D---- C:\ProgramData\Skype
2010-10-29 21:19:52 ----D---- C:\Program Files\Mozilla Firefox
2010-10-29 21:17:15 ----D---- C:\ProgramData\AVG Security Toolbar
2010-10-27 21:43:32 ----D---- C:\Windows\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2010-09-07 249424]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2010-11-09 299984]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-09-30 30376]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [2010-01-27 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2010-01-27 47640]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-08-31 1161152]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2010-09-14 108480]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 27216]
R3 E100B;Driver scheda Intel(R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-19 7168]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-17 1651752]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2010-01-27 10144]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-04-11 28688]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
R3 NETw4v32;Driver scheda Intel(R) Wireless WiFi Link per Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-12-28 2251776]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
S0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
S1 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys [2005-08-01 64896]
S3 61883;Dispositivo unità 61883; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 Avc;Dispositivo AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 Dot4;Driver MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Driver classe Print per IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Decodificatore audio DRM del kernel Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Driver di funzioni Microsoft 1.1 UAA per servizio High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hxctlflt;hxctlflt; C:\Windows\System32\Drivers\hxctlflt.sys [2009-02-09 99968]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584]
S3 Iviaspi;IVI ASPI Shell; C:\Windows\system32\drivers\iviaspi.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Proxy di servizio di flusso Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy clock di flusso Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy di gestione qualità di flusso Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys []
S3 NETw3v32;Driver per scheda di rete Intel(R) PRO/Wireless 3945ABG per Windows Vista a 32 bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-07 4456416]
S3 ONDAusbmdm6k;ONDA Proprietary USB Driver; C:\Windows\system32\DRIVERS\ONDAusbmdm6k.sys [2008-09-16 104960]
S3 ONDAusbnet;ONDA USB-NDIS miniport; C:\Windows\system32\DRIVERS\ONDAusbnet.sys [2008-09-16 110080]
S3 ONDAusbnmea;ONDA NMEA Port; C:\Windows\system32\DRIVERS\ONDAusbnmea.sys [2008-09-16 104960]
S3 ONDAusbser6k;ONDA Diagnostic Port; C:\Windows\system32\DRIVERS\ONDAusbser6k.sys [2008-09-16 104960]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
S3 SNP2UVC;Hercules Webcam; C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-04-22 3482112]
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbaudio;Driver audio USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Driver scanner USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbvideo;Dispositivo video USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
S3 WISTechVIDCAP;WIS GO7007SB A/V Capture; C:\Windows\system32\drivers\wisgostrm.sys [2005-10-03 245376]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-02-14 216320]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-02-14 208256]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-09-12 9216]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 Bonjour Service; Servizio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 hpqddsvc;Servizio di rilevamento dispositivi HP CUE; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2010-09-23 374152]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2010-09-30 116104]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2010-01-27 63040]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ONDA Autorun CDROM Monitor;ONDA Autorun CDROM Monitor; C:\Windows\system32\SupportAppXL\onda_mon.exe [2008-09-17 86016]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-10-31 77824]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;Servizio iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe [2010-03-18 130384]
S2 gupdate1c98a0799186b7c;Google Update Service (gupdate1c98a0799186b7c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-08 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-11 194032]
S2 PCLEPCI;PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165]
S2 XobniService;XobniService; C:\Program Files\Xobni\XobniService.exe [2010-08-12 56040]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-09-04 85096]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Frame work\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
Reply With Quote
  #10  
Old November 26th, 2010, 10:54 PM
AnnMarie's Avatar
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,812
No problem. Lets start by disabling your Scheduled Tasks and see if one of them is responsible.

To to do, go to Start > Search and type:

taskschd.msc

In the Start Search box. Rightclick on the File and choose "Run As Administrator. Find the below tasks and select each one (one at a time) and go to Actions and choose Disable.


C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925610512-189826699-490347785-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925610512-189826699-490347785-1000UA.job
C:\Windows\tasks\RegistryBooster.job
C:\Windows\tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job

When you have disabled them all, reboot and tell me if you still get that error message.
Reply With Quote
  #11  
Old November 27th, 2010, 08:02 AM
marco's Avatar
marco marco is offline
Member
 
Join Date: Jul 2004
O/S: Windows 10 Home
Location: Rome, Italy
Age: 53
Posts: 68
I found taskschd.msc and ran it as administrator. I have Vista in Italian and I can't find disable in the actions menu. The Actions menu looks like this:

Connetti a un altro computer... (connect)
Crea attività di base... (create)
Crea attività... (create)
Importa attività... (import)
Visualizza tutte le attività in esecuzione (running)
"If I choose this option, a window pops up with all running tasks that I can terminate. They are not the same as the ones you specified"
Configurazione account servizio AT (configuration)
Visualizza (visualize)
Aggiorna (update)

Marco
Reply With Quote
  #12  
Old November 28th, 2010, 06:15 AM
AnnMarie's Avatar
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,812
Marco, click on Task Scheduler Library. Can you see the Tasks now? You may have to click on the Actions tab to see what each task does.
Reply With Quote
  #13  
Old November 28th, 2010, 11:00 AM
marco's Avatar
marco marco is offline
Member
 
Join Date: Jul 2004
O/S: Windows 10 Home
Location: Rome, Italy
Age: 53
Posts: 68
OK. I clicked on library and was able to disable some but not all the tasks. The path was not shown.

The tasks that I disabled are:
C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925610512-189826699-490347785-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925610512-189826699-490347785-1000UA.job
C:\Windows\tasks\RegistryBooster.job

I did not find:
C:\Windows\tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job

I rebooted and unfortunately the Runtime error popped up again.

I checked taskschd.msc and found that C:\Windows\tasks\Google Software Updater.job was not disactivated and was "Ready"

Marco
Reply With Quote
  #14  
Old November 29th, 2010, 12:44 AM
AnnMarie's Avatar
AnnMarie AnnMarie is offline
CTH Subscriber
 
Join Date: Oct 2001
O/S: Windows Vista 32-bit
Location: New Zealand
Posts: 59,812
Ok, go back and re-enable them.

When you have done this, try clean booting your computer (see here, Step 1: Perform a clean boot). Dont troubleshoot it yet and make sure you dont download anything or surf to dodgy sites while you are running in this state because your antivirus will be disabled. Do you still get the error message?
Reply With Quote
  #15  
Old November 29th, 2010, 10:25 PM
marco's Avatar
marco marco is offline
Member
 
Join Date: Jul 2004
O/S: Windows 10 Home
Location: Rome, Italy
Age: 53
Posts: 68
AnnMarie

I re-enabled all the library items and followed the microsoft instructions for a clean boot. It loaded incredibly fast but the runtime error popped up.

I have two other users installed on the notebook and I noticed that the runtime error does not come up!

Marco
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 10:25 AM.