Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Windows Installer non dispone di privilegi sufficienti per modificare questo file

2 pages: 1 [2]
Windows Installer non dispone di privilegi sufficienti per modificare questo file Opzioni
Topic Precedente · Topic Sucessivo
aurum
Inviato: Sunday, December 01, 2013 11:46:18 AM
Rank: AiutAmico

Iscritto dal : 9/21/2008
Posts: 36
Grazie ho seguito tutte le indicazioni, ma comunque le cartelle sulla partizione R: sono bloccate. E' spuntata l'opzione sola lettura e non me la fa cambiare, se provo ad eliminare un file mi dice che non ho i requisiti e non mi da neanche i permessi . L'altro giorno dopo la procedura di r16 invece si era sbloccato tutto, booooooo
Torna in alto
 
r16
Inviato: Sunday, December 01, 2013 3:16:57 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Segui queste indicazioni:

scarica Windows Repair (All In One)

http://www.majorgeeks.com/mg/getmirror/tweaking_com_windows_repair,1.html

Installalo.


Avvia il programma Repair_Windows con diritti amministrativi (tasto destro, Esegui come Amministratore).

Clicca sulla scheda "Start Repairs".

Ti chiederà di fare un Backup.

Clicca no.


Clicca su "Start".

Metti la spunta a: (se trovi le caselline tutte spuntate clicca su : "Unselect All")

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Windows Firewall
Remove Policies Set By Infections
Repair MDAC & MS Jet
Remove Temp Files
Set Windows Services To default startup.

Ora, nella parte in basso a destra, seleziona la casella "Restart / Shutdown System When Finished"

Quindi assicurarsi che il pulsante di opzione "Restart System" sia abilitato. (se manca la spunta, la metti)

Clicca "Start".

Aspetta pazientemente che le eventuali riparazioni siano effettuate.

Aspetta che il pc si riavvii automaticamente.

Importante:
Assicurati di non avere programmi in esecuzione, durante le riparazioni.
Torna in alto
 
aurum
Inviato: Sunday, December 01, 2013 6:10:48 PM
Rank: AiutAmico

Iscritto dal : 9/21/2008
Posts: 36
_Windows_Repair_Log.txt

Remove_Temp_Files.txt

Repair_Windows_Firewall.txt

Repair_WMI.txt

purtroppo il problema persiste
Torna in alto
 
r16
Inviato: Sunday, December 01, 2013 6:40:18 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Ho notato che hai installato AVG in R:
Perchè non lo hai installato in C: dove risiede il Sistema Operativo?
In pratica, una parte di AVG si trova in R: e un'altra parte in C:
Esempio:
Commenta:
O4 - HKLM..\Run: [AVG_UI] R:\Programmi Scaricati\avgui.exe (AVG Technologies CZ, s.r.o.)

C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)


Devi provare a disistallarlo.
Non è che i problemi sono sorti dopo l'installazione dell'antivirus?
Torna in alto
 
aurum
Inviato: Sunday, December 01, 2013 7:25:24 PM
Rank: AiutAmico

Iscritto dal : 9/21/2008
Posts: 36
r16 ha scritto:
Ho notato che hai installato AVG in R:
Perchè non lo hai installato in C: dove risiede il Sistema Operativo?
In pratica, una parte di AVG si trova in R: e un'altra parte in C:
Esempio:
Commenta:
O4 - HKLM..\Run: [AVG_UI] R:\Programmi Scaricati\avgui.exe (AVG Technologies CZ, s.r.o.)

C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)


Devi provare a disistallarlo.
Non è che i problemi sono sorti dopo l'installazione dell'antivirus?



Il fatto è che su C sono quasi piena
Torna in alto
 
r16
Inviato: Sunday, December 01, 2013 8:10:27 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
aurum ha scritto:

Il fatto è che su C sono quasi piena

E allora?
Non riesci a disistallarlo?
Torna in alto
 
aurum
Inviato: Sunday, December 01, 2013 8:27:46 PM
Rank: AiutAmico

Iscritto dal : 9/21/2008
Posts: 36
r16 ha scritto:
aurum ha scritto:

Il fatto è che su C sono quasi piena

E allora?
Non riesci a disistallarlo?


disinstallato senza problemi , sembra che il problema sia risolto...speriamo che duri.
Ora lo devo reinstalare in c ? C'è qualche antivirus free migliore di Avg ?
Torna in alto
 
r16
Inviato: Sunday, December 01, 2013 9:13:25 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Meglio se mi fai una scansione con OTL e mi posti il log.
Voglio vedere se ci sono rimasugli di AVG.
Torna in alto
 
aurum
Inviato: Sunday, December 01, 2013 9:49:13 PM
Rank: AiutAmico

Iscritto dal : 9/21/2008
Posts: 36
OTL.Txt
Torna in alto
 
r16
Inviato: Sunday, December 01, 2013 9:57:01 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
E' illeggibile.
Prova a ripostarlo seguendo queste indicazioni:
Collegati ad internet e vai alla pagina WikiSend:
http://www.wikisend.com/
Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum.
Torna in alto
 
aurum
Inviato: Sunday, December 01, 2013 10:18:17 PM
Rank: AiutAmico

Iscritto dal : 9/21/2008
Posts: 36
OTL.Txt

non so perchè non lo visualizza bene boooo te lo posto così


OTL logfile created on: 01/12/2013 21:24:52 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rita\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,49% Memory free
3,98 Gb Paging File | 2,37 Gb Available in Paging File | 59,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,53 Gb Total Space | 10,29 Gb Free Space | 26,03% Space Free | Partition Type: NTFS
Drive E: | 39,06 Gb Total Space | 24,59 Gb Free Space | 62,95% Space Free | Partition Type: NTFS
Drive R: | 70,46 Gb Total Space | 30,14 Gb Free Space | 42,78% Space Free | Partition Type: NTFS

Computer Name: RITA-PC | User Name: Rita | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Rita\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\revouninstaller.exe (VS Revo Group)
PRC - C:\Programmi\Sony\VAIO Care\VCSpt.exe (Sony Corporation)
PRC - C:\Programmi\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\SITECOM\150N USB Wireless LAN Utility\RtWlan.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files (x86)\SITECOM\150N USB Wireless LAN Utility\RtlService.exe (Realtek)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Programmi\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (NitroReaderDriverReadSpool3) -- C:\Programmi\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Nitro PDF Software)
SRV - (wlidsvc) -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (Realtek11nSU) -- C:\Program Files (x86)\SITECOM\150N USB Wireless LAN Utility\RtlService.exe (Realtek)
SRV - (Vcsw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation)
SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation)
SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation)
SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (VcmIAlzMgr) -- C:\Programmi\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (NETwLv64) -- C:\Windows\SysNative\drivers\NETwLv64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\rtl8192su.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (jrdusbser) -- C:\Windows\SysNative\drivers\jrdusbser.sys (TCT International Mobile Ltd)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (NETw4v64) -- C:\Windows\SysNative\drivers\NETw4v64.sys (Intel Corporation)
DRV:64bit: - (tifm21) -- C:\Windows\SysNative\drivers\tifm21.sys (Texas Instruments)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 41 BB C6 AD 1C 3F CB 01 [binary data]
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\..\SearchScopes\{771F6606-9272-48DC-BC54-17BEA5DCE3C1}: "URL" = http://search.ebay.it/{searchTerms}_W0QQfromZR40
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\..\SearchScopes\{B750956C-7188-42B1-90FF-610F4FF3AC68}: "URL" = http://it.wikipedia.org/wiki/{searchTerms}
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\..\SearchScopes\{D0D8C1CA-E6BE-4F62-BF65-29F9F8CE069E}: "URL" = http://www.google.it/search?hl=it&q={searchTerms}&meta=&rlz=1I7GGLL_it
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\..\SearchScopes\{DD03204B-6FD5-41AE-BA0A-35B22C7B271F}: "URL" = http://home.altervista.org/site/search.php?domains=www.altervista.org&sitesearch=&client=pub-0820544532937748&forid=1&ie=ISO-8859-1&oe=ISO-8859-1&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3AFFFFFF%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BLH%3A50%3BLW%3A191%3BL%3Ahttp%3A%2F%2Fwww.zonagratis.it%2Fimages%2Flogo.jpg%3BS%3Ahttp%3A%2F%2F%3BFORID%3A11&hl=it&q={searchTerms}
IE - HKU\S-1-5-21-425062280-239751658-1021620070-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: R:\Programmi Scaricati\VLC\npvlc.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: R:\Programmi Scaricati\VLC\npvlc.dll File not found


[2010/08/19 00:08:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rita\AppData\Roaming\mozilla\Extensions
[2013/11/28 20:21:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rita\AppData\Roaming\mozilla\Firefox\Profiles\xajk6te4.default\extensions
[2012/09/26 13:51:00 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Rita\AppData\Roaming\mozilla\Firefox\Profiles\xajk6te4.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2011/06/04 11:53:19 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Rita\AppData\Roaming\mozilla\Firefox\Profiles\xajk6te4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/07/04 17:13:08 | 000,000,000 | ---D | M] (New Tab Homepage) -- C:\Users\Rita\AppData\Roaming\mozilla\Firefox\Profiles\xajk6te4.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
[2010/09/27 19:02:53 | 000,001,650 | ---- | M] () -- C:\Users\Rita\AppData\Roaming\mozilla\firefox\profiles\xajk6te4.default\searchplugins\componenti-aggiuntivi-per-firefox.xml
[2010/09/27 19:01:45 | 000,004,140 | ---- | M] () -- C:\Users\Rita\AppData\Roaming\mozilla\firefox\profiles\xajk6te4.default\searchplugins\youtube.xml
File not found (No name found) -- C:\PROGRAMDATA\AVG SECURE SEARCH\12.2.5.34
File not found (No name found) -- C:\USERS\RITA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XAJK6TE4.DEFAULT\EXTENSIONS\{09152F0B-739C-4DEC-A245-1AA8A37594F1}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Wallet = C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1\

O1 HOSTS File: ([2013/12/01 18:14:40 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-425062280-239751658-1021620070-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-425062280-239751658-1021620070-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-425062280-239751658-1021620070-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0A0027C5-24AE-4D55-9018-5B1C8F14EDDA}: DhcpNameServer = 193.70.152.15 193.70.152.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F17B209-350D-4972-9D54-1694B7BC8E92}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B13E801B-736D-4770-A5CA-047A973D7E18}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-425062280-239751658-1021620070-1000\...com [@ = comfile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2013/12/01 20:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2013/12/01 20:53:23 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013/12/01 17:52:28 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/12/01 17:24:22 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/11/30 19:37:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/29 19:36:47 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\vlc
[2013/11/28 20:33:22 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/28 20:15:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/28 12:57:19 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Apple Computer
[2013/11/28 12:57:19 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Apple Computer
[2013/11/28 12:51:25 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\EMCO
[2013/11/28 11:53:41 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Fuze Zip
[2013/11/28 11:53:17 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\FuzeZip
[2013/11/28 10:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/11/24 22:32:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/11/24 21:00:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro
[2013/11/24 20:12:09 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\JAM Software
[2013/11/24 20:10:03 | 003,350,608 | ---- | C] (JAM Software ) -- C:\Users\Rita\Desktop\TreeSizeFreeSetup.exe
[2013/11/24 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\AVG2014
[2013/11/24 17:23:12 | 000,000,000 | ---D | C] -- C:\$AVG
[2013/11/24 17:17:22 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Local\Avg2014
[2013/11/16 23:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/11/16 23:05:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/11/16 23:05:18 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/11/16 23:05:05 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/11/16 23:05:05 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/11/16 23:05:05 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/11/16 23:05:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/11/15 09:52:38 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/11/15 09:52:37 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/11/15 09:52:36 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/11/15 09:52:35 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/11/15 09:52:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/11/15 09:52:35 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/11/15 09:52:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/15 09:52:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/11/15 09:52:35 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/11/15 09:52:35 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/11/15 09:52:35 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/11/15 09:52:31 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/11/15 09:52:31 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/11/15 09:52:30 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/11/15 09:52:29 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/11/14 08:45:12 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/11/14 08:45:02 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/11/14 08:45:02 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/11/14 08:45:01 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/11/14 08:45:01 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/14 08:45:01 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/14 08:44:53 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/11/14 08:44:53 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013/11/14 08:44:52 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013/11/14 08:44:52 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013/11/14 08:44:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013/11/14 08:44:47 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013/11/14 08:44:45 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/11/14 08:44:44 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/11/14 08:44:44 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/11/14 08:44:44 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/11/09 18:30:16 | 000,000,000 | R--D | C] -- C:\Users\Rita\Dropbox
[2013/11/09 18:25:47 | 000,000,000 | ---D | C] -- C:\Users\Rita\AppData\Roaming\Dropbox
[2013/10/17 19:57:18 | 000,000,000 | ---D | C] -- C:\OptSmartHub
[2013/10/09 12:09:16 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013/10/09 12:09:16 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013/10/09 12:09:12 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013/10/09 12:09:07 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013/10/09 12:09:07 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013/10/09 12:09:07 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013/10/09 12:09:07 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013/10/09 12:09:07 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013/10/09 12:09:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013/10/09 12:09:06 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013/10/09 12:09:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013/10/09 12:09:00 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013/10/09 12:08:59 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013/10/09 12:08:27 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/09 12:08:27 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/09 12:08:22 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013/10/09 12:08:08 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/10/09 12:08:07 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013/10/09 12:08:07 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013/10/09 12:08:05 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013/10/09 12:08:05 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013/10/09 12:08:04 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013/10/09 12:08:04 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013/10/09 12:08:02 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013/10/09 12:08:01 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013/10/09 12:08:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013/10/09 12:08:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013/10/09 12:08:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013/10/09 12:08:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013/10/09 12:07:36 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2013/10/04 14:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2014

========== Files - Modified Within 60 Days ==========

[2013/12/01 21:15:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/12/01 20:53:24 | 000,001,264 | ---- | M] () -- C:\Users\Rita\Desktop\Revo Uninstaller.lnk
[2013/12/01 20:41:00 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/01 20:41:00 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/12/01 19:47:55 | 000,017,136 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/01 19:47:55 | 000,017,136 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/01 19:45:00 | 001,541,618 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/01 19:45:00 | 000,685,882 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013/12/01 19:45:00 | 000,612,448 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/01 19:45:00 | 000,123,682 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013/12/01 19:45:00 | 000,102,828 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/01 19:39:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/01 19:39:05 | 1603,084,288 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/01 18:22:12 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2013/12/01 18:14:40 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/12/01 17:55:30 | 004,876,256 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/11/30 19:38:47 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_970
[2013/11/28 00:02:17 | 000,003,724 | ---- | M] () -- C:\test.xml
[2013/11/24 21:00:47 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013/11/24 20:10:17 | 003,350,608 | ---- | M] (JAM Software ) -- C:\Users\Rita\Desktop\TreeSizeFreeSetup.exe
[2013/11/13 23:24:55 | 000,218,472 | ---- | M] () -- C:\Users\Rita\Desktop\Bookingbologna.pdf
[2013/10/15 15:28:58 | 000,094,428 | ---- | M] () -- C:\Users\Rita\Desktop\tickets Susanna-Alia.pdf
[2013/10/12 09:45:44 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/10/12 09:43:56 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/10/12 09:43:37 | 003,959,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/10/12 09:43:37 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/10/12 09:43:32 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/10/12 09:43:32 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/10/12 09:43:32 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/10/12 09:43:32 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/10/12 08:02:33 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/10/12 08:02:29 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/10/12 08:02:29 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/10/12 08:02:29 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/10/12 08:02:29 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/10/12 06:44:38 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/10/12 06:15:39 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/10/12 03:30:42 | 000,830,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013/10/12 03:29:08 | 000,324,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013/10/12 03:03:08 | 000,656,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013/10/12 03:01:25 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013/10/11 15:01:55 | 000,076,820 | ---- | M] () -- C:\Users\Rita\Desktop\conto.png
[2013/10/09 15:16:08 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/10/09 15:16:08 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/10/08 09:43:01 | 002,831,696 | ---- | M] () -- C:\Users\Rita\Desktop\CIMG4492.JPG
[2013/10/08 07:50:37 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/08 07:46:52 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/08 07:46:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/08 07:46:23 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/05 21:25:35 | 001,474,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/10/04 03:28:31 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013/10/04 03:25:17 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013/10/04 03:24:49 | 001,930,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/10/04 02:58:50 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013/10/04 02:56:00 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/10/03 03:23:48 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll

========== Files Created - No Company Name ==========

[2013/12/01 20:53:24 | 000,001,264 | ---- | C] () -- C:\Users\Rita\Desktop\Revo Uninstaller.lnk
[2013/11/24 21:00:47 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\Nitro Reader.lnk
[2013/11/13 23:24:55 | 000,218,472 | ---- | C] () -- C:\Users\Rita\Desktop\Bookingbologna.pdf
[2013/10/15 15:28:57 | 000,094,428 | ---- | C] () -- C:\Users\Rita\Desktop\tickets Susanna-Alia.pdf
[2013/10/11 15:01:54 | 000,076,820 | ---- | C] () -- C:\Users\Rita\Desktop\conto.png
[2013/10/08 07:49:02 | 002,831,696 | ---- | C] () -- C:\Users\Rita\Desktop\CIMG4492.JPG
[2012/09/25 14:18:09 | 000,000,181 | ---- | C] () -- C:\Windows\WININIT.INI
[2012/08/13 11:33:44 | 000,013,903 | ---- | C] () -- C:\Program Files (x86)\readme.html
[2012/05/08 14:15:36 | 000,000,005 | ---- | C] () -- C:\Program Files (x86)\basis-link
[2012/01/21 23:20:31 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/01/10 20:00:43 | 000,000,132 | ---- | C] () -- C:\Users\Rita\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/12/23 21:54:02 | 000,109,216 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2011/12/23 21:54:02 | 000,084,480 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2011/07/15 20:25:01 | 000,001,456 | ---- | C] () -- C:\Users\Rita\AppData\Local\Adobe Salva per Web e dispositivi 12.0 Prefs
[2010/10/25 01:02:32 | 000,002,134 | ---- | C] () -- C:\Users\Rita\.recently-used.xbel
[2010/10/14 20:58:29 | 000,033,134 | ---- | C] () -- C:\Users\Rita\AppData\Roaming\UserTile.png
[2010/08/23 12:26:05 | 000,000,000 | ---- | C] () -- C:\Users\Rita\AppData\Local\prvlcl.dat

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = c:\windows\syswow64\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/28 11:03:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AVG2014
[2012/10/13 16:48:01 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuneUp Software
[2012/10/13 16:48:01 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012/10/13 16:48:01 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2010/10/19 02:43:48 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\Auslogics
[2013/11/24 17:25:10 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\AVG2014
[2012/11/10 15:46:00 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/06/05 14:31:27 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010/10/15 15:22:33 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\DeviceDoctorSoftware
[2013/11/24 16:27:24 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\Downloaded Installations
[2013/11/27 18:25:45 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\Dropbox
[2010/12/01 22:19:19 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\elefundesktops
[2013/11/28 12:51:25 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\EMCO
[2013/05/27 12:46:05 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\FileOpen
[2010/08/18 23:10:12 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\Foxit
[2011/12/28 21:31:33 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\Foxreal
[2011/12/28 21:17:24 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\GetRightToGo
[2010/09/28 11:53:43 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\IrfanView
[2013/12/01 20:43:41 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\JAM Software
[2010/11/10 00:02:24 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\ML
[2012/10/09 19:33:29 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\MusicNet
[2013/05/27 12:46:05 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\Nitro
[2013/11/27 18:36:54 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\Nitro PDF
[2010/08/22 19:00:32 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\OpenOffice.org
[2012/09/25 18:40:04 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\Samsung
[2010/10/19 19:57:52 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\SolidDocuments
[2012/02/03 22:20:48 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/10/04 14:27:55 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\TuneUp Software
[2013/11/18 20:06:35 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:553CA6CA

< End of report >
Torna in alto
 
r16
Inviato: Monday, December 02, 2013 9:39:20 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Avvia OTL.

Sotto "Custom Scans\Fixes" copia-incolla questo codice:

Code:
:OTL
[2013/11/24 17:25:10 | 000,000,000 | ---D | M] -- C:\Users\Rita\AppData\Roaming\AVG2014
[2013/11/24 17:23:12 | 000,000,000 | ---D | C] -- C:\$AVG

:Files
C:\PROGRAMDATA\AVG SECURE SEARCH\12.2.5.34
C:\PROGRAMDATA\AVG SECURE SEARCH
C:\Users\Rita\AppData\Local\Avg2014
C:\ProgramData\AVG2014

:commands
[emptytemp]


Clicca sul pulsante RUN FIX.
Lascia fare la scansione senza interferire.
Posta il log.
Torna in alto
 
Utenti presenti in questo topic
Guest

2 pages: 1 [2]

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Windows Installer non dispone di privilegi sufficienti per modificare questo file


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.