Un virus
Fermé
bb
-
27 sept. 2010 à 20:31
info.txt logfile of random's system information tool 1.08 2010-09-27 18:48:02
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
Acer Arcade Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall
Acer Dialer-->MsiExec.exe /I{F2EB512B-1FA1-4BFF-A269-B279726EA2A8}
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x10 -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x10 -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x10 -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x10 -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x10 -removeonly
Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x10 -removeonly
Acer OrbiCam Application-->MsiExec.exe /X{0F79C1B2-36B2-4B62-8221-42721CF54638}
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x10 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Apple Application Support-->MsiExec.exe /I{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}
Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Assistente per l'accesso a Windows Live-->MsiExec.exe /I{DC7B9AB3-2635-45AA-957D-90FDE7CD51D7}
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}
Download_Energy Toolbar-->C:\PROGRA~1\DOWNLO~1\UNWISE.EXE /U C:\PROGRA~1\DOWNLO~1\INSTALL.LOG
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPSON-Drucker-Software-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
ffdshow [rev 2975] [2009-05-28]-->"C:\Program Files\Video Convert Master\codec\ffdshow\unins000.exe"
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\HXFSETUP.EXE -U -IAcrSUN32z.inf
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
iTunes-->MsiExec.exe /I{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Kiwee Toolbar-->MsiExec.exe /X{B05569F3-1D00-4CBA-80E5-E224DB662AA0}
Launch Manager-->C:\Windows\UnInst32.exe LManager.UNI
LimeWire 5.5.14-->"C:\Program Files\LimeWire\uninstall.exe"
Macrogaming SweetIM 2.1-->MsiExec.exe /X{EBE80F23-D120-41F5-8141-5EF536C8BD7A}
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - ita\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - ita-->MsiExec.exe /I{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000410-78E1-11D2-B60F-006097C998E7}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server Compact 3.5 SP1 English-->MsiExec.exe /I{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 8-->MsiExec.exe /X{F296739D-AF5C-4426-972A-0DC916D11036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
PHOTOfunSTUDIO 5.0-->"C:\Program Files\InstallShield Installation Information\{959282E3-55A9-49D8-B885-D27CF8A2FD82}\setup.exe" -runfromtemp -l0x040c -z"Uninstall" -removeonly
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.EXE" -uninstall
QuickTime-->MsiExec.exe /I{3D9892BB-A751-4E48-ADC8-E4289956CE1D}
Raccolta foto di Windows Live-->MsiExec.exe /X{257D6090-2EAC-4FFE-A1B5-1DE7B65275FD}
Real Alternative 1.9.0-->"C:\Program Files\Video Convert Master\codec\real\unins000.exe"
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Safari-->MsiExec.exe /I{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SMSC Fast Infrared Driver-->C:\Program Files\InstallShield Installation Information\{1AEC7728-1640-4E98-AABC-5EBE3FB57FE4}\setup.exe -runfromtemp -l0x0010 -removeonly
Sony Ericsson Media Manager 1.1-->MsiExec.exe /X{4A27B6AA-D139-4B69-97E0-B65B225E0673}
SweetIM For Internet Explorer 3.0b-->MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Video Convert Master 10.0.10.2089-->"C:\Program Files\Video Convert Master\unins000.exe"
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WIDCOMM Bluetooth Software 6.0.1.3100-->MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}
Windows Live Mail-->MsiExec.exe /I{7FDEE06E-736C-4515-9476-EF4CB0186E6D}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {800B96E6-7359-441D-A367-9C0CFC5DCD1A}
Windows Live Toolbar-->MsiExec.exe /X{800B96E6-7359-441D-A367-9C0CFC5DCD1A}
Windows Live Writer-->MsiExec.exe /X{BA0DE1F0-BC4C-4F90-A114-15BE51AFB4BB}
======Security center information======
AV: Norton Internet Security (outdated)
FW: Norton Internet Security (disabled)
AS: Windows Defender
AS: Norton Internet Security (outdated)
=====Application event log=====
Computer Name: PC-lina
Event Code: 9002
Message: Impossibile avviare Gestione finestre desktop
Record Number: 11573
Source Name: Desktop Window Manager
Time Written: 20080201154214.000000-000
Event Type: Informazioni
User:
Computer Name: PC-lina
Event Code: 103
Message: msnmsgr (4512) \\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\dfsr.db: Il modulo del database ha interrotto l'istanza (0).
Record Number: 11572
Source Name: ESENT
Time Written: 20080201141017.000000-000
Event Type: Informazioni
User:
Computer Name: PC-lina
Event Code: 508
Message: msnmsgr (4512) \\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\dfsr.db: Tentativo di scrittura sul file "\\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\fsr.log" all'offset 115200 (0x000000000001c200) per 512 (0x00000200) byte riuscito, ma con un tempo di completamento della richiesta da parte del sistema operativo insolitamente lungo (4804 secondi). Il problema è probabilmente dovuto a un guasto hardware. Rivolgersi al fornitore dell'hardware per ulteriore assistenza nella diagnosi del problema.
Record Number: 11571
Source Name: ESENT
Time Written: 20080201141001.000000-000
Event Type: Avviso
User:
Computer Name: PC-lina
Event Code: 507
Message: msnmsgr (4512) \\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\dfsr.db: Tentativo di lettura dal file "\\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\dfsr.db" all'offset 319488 (0x000000000004e000) per 8192 (0x00002000) soddisfatta, ma con un tempo di completamento della richiesta da parte del sistema operativo insolitamente lungo (4804 secondi). Il problema è probabilmente dovuto a un guasto hardware. Rivolgersi al fornitore dell'hardware per ulteriore assistenza nella diagnosi del problema.
Record Number: 11570
Source Name: ESENT
Time Written: 20080201141001.000000-000
Event Type: Avviso
User:
Computer Name: PC-lina
Event Code: 102
Message: msnmsgr (4512) \\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\dfsr.db: Il modulo di gestione di database (6.00.6000.0000) ha avviato una nuova istanza (0).
Record Number: 11569
Source Name: ESENT
Time Written: 20080201123109.000000-000
Event Type: Informazioni
User:
=====Security event log=====
Computer Name: thomas
Event Code: 4907
Message: Le impostazioni di controllo per l'oggetto sono cambiate.
Soggetto:
ID protezione: S-1-5-18
Nome account: THOMAS$
Dominio account: MSHOME
ID accesso: 0x3e7
Oggetto:
Server dell'oggetto: Security
Tipo di oggetto: File
Nome oggetto: C:\Windows\System32\DriverStore\it-IT\msmouse.inf_loc
ID handle: 0x18
Informazioni sul processo:
ID processo: 0x1630
Nome processo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe
Impostazioni di controllo:
Descrittore di protezione originale:
Nuovo descrittore di protezione: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 45152
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081106222403.520400-000
Event Type: Controllo riuscito
User:
Computer Name: thomas
Event Code: 4907
Message: Le impostazioni di controllo per l'oggetto sono cambiate.
Soggetto:
ID protezione: S-1-5-18
Nome account: THOMAS$
Dominio account: MSHOME
ID accesso: 0x3e7
Oggetto:
Server dell'oggetto: Security
Tipo di oggetto: File
Nome oggetto: C:\Windows\System32\DriverStore\it-IT\iastorv.inf_loc
ID handle: 0x18
Informazioni sul processo:
ID processo: 0x1630
Nome processo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe
Impostazioni di controllo:
Descrittore di protezione originale:
Nuovo descrittore di protezione: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 45151
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081106222403.504800-000
Event Type: Controllo riuscito
User:
Computer Name: thomas
Event Code: 4907
Message: Le impostazioni di controllo per l'oggetto sono cambiate.
Soggetto:
ID protezione: S-1-5-18
Nome account: THOMAS$
Dominio account: MSHOME
ID accesso: 0x3e7
Oggetto:
Server dell'oggetto: Security
Tipo di oggetto: File
Nome oggetto: C:\Windows\System32\DriverStore\it-IT\adpu320.inf_loc
ID handle: 0x18
Informazioni sul processo:
ID processo: 0x1630
Nome processo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe
Impostazioni di controllo:
Descrittore di protezione originale:
Nuovo descrittore di protezione: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 45150
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081106222403.208400-000
Event Type: Controllo riuscito
User:
Computer Name: thomas
Event Code: 4907
Message: Le impostazioni di controllo per l'oggetto sono cambiate.
Soggetto:
ID protezione: S-1-5-18
Nome account: THOMAS$
Dominio account: MSHOME
ID accesso: 0x3e7
Oggetto:
Server dell'oggetto: Security
Tipo di oggetto: File
Nome oggetto: C:\Windows\System32\DriverStore\it-IT\ql2300.inf_loc
ID handle: 0x18
Informazioni sul processo:
ID processo: 0x1630
Nome processo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe
Impostazioni di controllo:
Descrittore di protezione originale:
Nuovo descrittore di protezione: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 45149
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081106222403.114800-000
Event Type: Controllo riuscito
User:
Computer Name: thomas
Event Code: 4907
Message: Le impostazioni di controllo per l'oggetto sono cambiate.
Soggetto:
ID protezione: S-1-5-18
Nome account: THOMAS$
Dominio account: MSHOME
ID accesso: 0x3e7
Oggetto:
Server dell'oggetto: Security
Tipo di oggetto: File
Nome oggetto: C:\Windows\System32\DriverStore\it-IT\lsi_sas.inf_loc
ID handle: 0x18
Informazioni sul processo:
ID processo: 0x1630
Nome processo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe
Impostazioni di controllo:
Descrittore di protezione originale:
Nuovo descrittore di protezione: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 45148
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081106222403.083600-000
Event Type: Controllo riuscito
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"asl.log"=Destination=file;OnFirstLog=command,environment,parent
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"SAFEBOOT_OPTION"=NETWORK
-----------------EOF-----------------
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
Acer Arcade Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall
Acer Dialer-->MsiExec.exe /I{F2EB512B-1FA1-4BFF-A269-B279726EA2A8}
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x10 -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x10 -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x10 -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x10 -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x10 -removeonly
Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x10 -removeonly
Acer OrbiCam Application-->MsiExec.exe /X{0F79C1B2-36B2-4B62-8221-42721CF54638}
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x10 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{AF36CE1D-FD2C-4BA0-93FA-1196785DD610}
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Apple Application Support-->MsiExec.exe /I{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}
Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Assistente per l'accesso a Windows Live-->MsiExec.exe /I{DC7B9AB3-2635-45AA-957D-90FDE7CD51D7}
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}
Download_Energy Toolbar-->C:\PROGRA~1\DOWNLO~1\UNWISE.EXE /U C:\PROGRA~1\DOWNLO~1\INSTALL.LOG
eMule-->"C:\Program Files\eMule\Uninstall.exe"
EPSON-Drucker-Software-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Everest Poker (Remove Only)-->C:\Program Files\Everest Poker\cstart.exe /uninstall
ffdshow [rev 2975] [2009-05-28]-->"C:\Program Files\Video Convert Master\codec\ffdshow\unins000.exe"
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\HXFSETUP.EXE -U -IAcrSUN32z.inf
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
iTunes-->MsiExec.exe /I{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Kiwee Toolbar-->MsiExec.exe /X{B05569F3-1D00-4CBA-80E5-E224DB662AA0}
Launch Manager-->C:\Windows\UnInst32.exe LManager.UNI
LimeWire 5.5.14-->"C:\Program Files\LimeWire\uninstall.exe"
Macrogaming SweetIM 2.1-->MsiExec.exe /X{EBE80F23-D120-41F5-8141-5EF536C8BD7A}
Microsoft .NET Framework 3.5 - Language Pack SP1 (italiano)-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - ita\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - ita-->MsiExec.exe /I{55CA4086-0D2C-30E3-A7B5-C76BA737CECE}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2000 Premium-->MsiExec.exe /I{00000410-78E1-11D2-B60F-006097C998E7}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server Compact 3.5 SP1 English-->MsiExec.exe /I{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 8-->MsiExec.exe /X{F296739D-AF5C-4426-972A-0DC916D11036}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NTI Backup NOW! 4.7-->"C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
PHOTOfunSTUDIO 5.0-->"C:\Program Files\InstallShield Installation Information\{959282E3-55A9-49D8-B885-D27CF8A2FD82}\setup.exe" -runfromtemp -l0x040c -z"Uninstall" -removeonly
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.EXE" -uninstall
QuickTime-->MsiExec.exe /I{3D9892BB-A751-4E48-ADC8-E4289956CE1D}
Raccolta foto di Windows Live-->MsiExec.exe /X{257D6090-2EAC-4FFE-A1B5-1DE7B65275FD}
Real Alternative 1.9.0-->"C:\Program Files\Video Convert Master\codec\real\unins000.exe"
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Safari-->MsiExec.exe /I{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SMSC Fast Infrared Driver-->C:\Program Files\InstallShield Installation Information\{1AEC7728-1640-4E98-AABC-5EBE3FB57FE4}\setup.exe -runfromtemp -l0x0010 -removeonly
Sony Ericsson Media Manager 1.1-->MsiExec.exe /X{4A27B6AA-D139-4B69-97E0-B65B225E0673}
SweetIM For Internet Explorer 3.0b-->MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Video Convert Master 10.0.10.2089-->"C:\Program Files\Video Convert Master\unins000.exe"
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WIDCOMM Bluetooth Software 6.0.1.3100-->MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}
Windows Live Mail-->MsiExec.exe /I{7FDEE06E-736C-4515-9476-EF4CB0186E6D}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {800B96E6-7359-441D-A367-9C0CFC5DCD1A}
Windows Live Toolbar-->MsiExec.exe /X{800B96E6-7359-441D-A367-9C0CFC5DCD1A}
Windows Live Writer-->MsiExec.exe /X{BA0DE1F0-BC4C-4F90-A114-15BE51AFB4BB}
======Security center information======
AV: Norton Internet Security (outdated)
FW: Norton Internet Security (disabled)
AS: Windows Defender
AS: Norton Internet Security (outdated)
=====Application event log=====
Computer Name: PC-lina
Event Code: 9002
Message: Impossibile avviare Gestione finestre desktop
Record Number: 11573
Source Name: Desktop Window Manager
Time Written: 20080201154214.000000-000
Event Type: Informazioni
User:
Computer Name: PC-lina
Event Code: 103
Message: msnmsgr (4512) \\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\dfsr.db: Il modulo del database ha interrotto l'istanza (0).
Record Number: 11572
Source Name: ESENT
Time Written: 20080201141017.000000-000
Event Type: Informazioni
User:
Computer Name: PC-lina
Event Code: 508
Message: msnmsgr (4512) \\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\dfsr.db: Tentativo di scrittura sul file "\\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\fsr.log" all'offset 115200 (0x000000000001c200) per 512 (0x00000200) byte riuscito, ma con un tempo di completamento della richiesta da parte del sistema operativo insolitamente lungo (4804 secondi). Il problema è probabilmente dovuto a un guasto hardware. Rivolgersi al fornitore dell'hardware per ulteriore assistenza nella diagnosi del problema.
Record Number: 11571
Source Name: ESENT
Time Written: 20080201141001.000000-000
Event Type: Avviso
User:
Computer Name: PC-lina
Event Code: 507
Message: msnmsgr (4512) \\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\dfsr.db: Tentativo di lettura dal file "\\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\dfsr.db" all'offset 319488 (0x000000000004e000) per 8192 (0x00002000) soddisfatta, ma con un tempo di completamento della richiesta da parte del sistema operativo insolitamente lungo (4804 secondi). Il problema è probabilmente dovuto a un guasto hardware. Rivolgersi al fornitore dell'hardware per ulteriore assistenza nella diagnosi del problema.
Record Number: 11570
Source Name: ESENT
Time Written: 20080201141001.000000-000
Event Type: Avviso
User:
Computer Name: PC-lina
Event Code: 102
Message: msnmsgr (4512) \\.\C:\Users\lina\AppData\Local\Microsoft\Messenger\eli-princi@hotmail.it\SharingMetadata\Working\database_FC90_1056_9010_19AA\dfsr.db: Il modulo di gestione di database (6.00.6000.0000) ha avviato una nuova istanza (0).
Record Number: 11569
Source Name: ESENT
Time Written: 20080201123109.000000-000
Event Type: Informazioni
User:
=====Security event log=====
Computer Name: thomas
Event Code: 4907
Message: Le impostazioni di controllo per l'oggetto sono cambiate.
Soggetto:
ID protezione: S-1-5-18
Nome account: THOMAS$
Dominio account: MSHOME
ID accesso: 0x3e7
Oggetto:
Server dell'oggetto: Security
Tipo di oggetto: File
Nome oggetto: C:\Windows\System32\DriverStore\it-IT\msmouse.inf_loc
ID handle: 0x18
Informazioni sul processo:
ID processo: 0x1630
Nome processo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe
Impostazioni di controllo:
Descrittore di protezione originale:
Nuovo descrittore di protezione: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 45152
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081106222403.520400-000
Event Type: Controllo riuscito
User:
Computer Name: thomas
Event Code: 4907
Message: Le impostazioni di controllo per l'oggetto sono cambiate.
Soggetto:
ID protezione: S-1-5-18
Nome account: THOMAS$
Dominio account: MSHOME
ID accesso: 0x3e7
Oggetto:
Server dell'oggetto: Security
Tipo di oggetto: File
Nome oggetto: C:\Windows\System32\DriverStore\it-IT\iastorv.inf_loc
ID handle: 0x18
Informazioni sul processo:
ID processo: 0x1630
Nome processo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe
Impostazioni di controllo:
Descrittore di protezione originale:
Nuovo descrittore di protezione: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 45151
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081106222403.504800-000
Event Type: Controllo riuscito
User:
Computer Name: thomas
Event Code: 4907
Message: Le impostazioni di controllo per l'oggetto sono cambiate.
Soggetto:
ID protezione: S-1-5-18
Nome account: THOMAS$
Dominio account: MSHOME
ID accesso: 0x3e7
Oggetto:
Server dell'oggetto: Security
Tipo di oggetto: File
Nome oggetto: C:\Windows\System32\DriverStore\it-IT\adpu320.inf_loc
ID handle: 0x18
Informazioni sul processo:
ID processo: 0x1630
Nome processo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe
Impostazioni di controllo:
Descrittore di protezione originale:
Nuovo descrittore di protezione: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 45150
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081106222403.208400-000
Event Type: Controllo riuscito
User:
Computer Name: thomas
Event Code: 4907
Message: Le impostazioni di controllo per l'oggetto sono cambiate.
Soggetto:
ID protezione: S-1-5-18
Nome account: THOMAS$
Dominio account: MSHOME
ID accesso: 0x3e7
Oggetto:
Server dell'oggetto: Security
Tipo di oggetto: File
Nome oggetto: C:\Windows\System32\DriverStore\it-IT\ql2300.inf_loc
ID handle: 0x18
Informazioni sul processo:
ID processo: 0x1630
Nome processo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe
Impostazioni di controllo:
Descrittore di protezione originale:
Nuovo descrittore di protezione: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 45149
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081106222403.114800-000
Event Type: Controllo riuscito
User:
Computer Name: thomas
Event Code: 4907
Message: Le impostazioni di controllo per l'oggetto sono cambiate.
Soggetto:
ID protezione: S-1-5-18
Nome account: THOMAS$
Dominio account: MSHOME
ID accesso: 0x3e7
Oggetto:
Server dell'oggetto: Security
Tipo di oggetto: File
Nome oggetto: C:\Windows\System32\DriverStore\it-IT\lsi_sas.inf_loc
ID handle: 0x18
Informazioni sul processo:
ID processo: 0x1630
Nome processo: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6001.18000_none_095f6148c74a7a64\poqexec.exe
Impostazioni di controllo:
Descrittore di protezione originale:
Nuovo descrittore di protezione: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 45148
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081106222403.083600-000
Event Type: Controllo riuscito
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"asl.log"=Destination=file;OnFirstLog=command,environment,parent
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"SAFEBOOT_OPTION"=NETWORK
-----------------EOF-----------------