www.MegaLab.it

[[Claudio]]

per piacere smettiamola una volta e per tutte con questa leggenda metropolitana,che ormai sono anni che gira questa voce che combofix fà danni al pc tutto falso..

Constato che hai la pessima abitudine (e la seconda volta in due reply in due discussioni diverse, che ti poni con questo atteggiamento) di dare "libera interpretazione" al pensiero altrui.
Non mai detto che Combofix faccia danni, ho sottolineato che ne viene fatto un abuso indiscriminato (come in questo caso, dal mio punto di vista).

[Windows XP the best]

Fatta scansione con Combofix

ComboFix 13-06-08.02 - Acer 10/06/2013 14:08:23.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.4076.2740 [GMT 2:00]
Eseguito da: c:\users\Acer\Desktop\abc.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Creato nuovo punto di ripristino
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Temp
c:\program files (x86)\Common Files\Temp\63\Setup.exe
c:\program files (x86)\Common Files\Temp\63\unins000.dat
c:\program files (x86)\Common Files\Temp\63\unins000.exe
c:\users\Acer\AdwCleaner.exe
c:\users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Copia di Printkey2000.exe
c:\users\Acer\HitmanPro_x64.exe
c:\users\Acer\tdsskiller.exe
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Creati Da 2013-05-10 al 2013-06-10 )))))))))))))))))))))))))))))))))))
.
.
2013-06-10 12:14 . 2013-06-10 12:16 -------- d-----w- c:\users\Lorenzo\AppData\Local\temp
2013-06-10 12:14 . 2013-06-10 12:14 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-06-10 12:14 . 2013-06-10 12:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-10 12:14 . 2013-06-10 12:14 -------- d-----w- c:\users\carolina.Aspire\AppData\Local\temp
2013-06-09 19:13 . 2013-06-09 19:13 -------- d-----w- c:\program files\HitmanPro
2013-06-09 19:13 . 2013-06-09 19:53 -------- d-----w- c:\programdata\HitmanPro
2013-06-08 18:18 . 2013-06-08 18:18 -------- d-----w- C:\FI50809
2013-06-08 17:21 . 2013-06-08 17:21 -------- d-----w- c:\program files (x86)\Auslogics
2013-06-08 11:56 . 2013-06-08 11:56 -------- d-----w- c:\programdata\AVAST Software
2013-06-07 06:07 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8E428995-54A0-454B-AF40-6A9764416167}\mpengine.dll
2013-06-03 12:12 . 2013-06-03 12:12 -------- d-----w- c:\users\Maria Luisa\AppData\Local\Macromedia
2013-06-03 12:11 . 2013-06-03 12:11 -------- d-----w- c:\users\Maria Luisa\AppData\Local\Mozilla
2013-06-01 20:33 . 2013-06-01 20:33 -------- d-----w- c:\users\Acer\AppData\Local\Macromedia
2013-06-01 18:32 . 2013-06-01 18:33 -------- d-----w- c:\users\Lorenzo\.freemind
2013-05-31 23:55 . 2013-05-31 23:55 -------- d-----w- c:\users\Acer\AppData\Local\ElevatedDiagnostics
2013-05-30 14:59 . 2013-06-06 13:41 -------- d-----w- c:\users\Acer\AppData\Roaming\Nitro PDF
2013-05-29 19:55 . 2013-05-29 19:55 -------- d-----w- c:\program files (x86)\VS Revo Group
2013-05-29 13:20 . 2013-05-29 13:20 -------- d-----w- c:\users\Maria Luisa\AppData\Roaming\Nitro
2013-05-29 13:20 . 2013-05-29 13:20 -------- d-----w- c:\users\Maria Luisa\AppData\Roaming\FileOpen
2013-05-29 13:04 . 2013-05-01 05:52 29712 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2013-05-29 13:04 . 2013-05-01 05:52 17936 ----a-w- c:\windows\system32\nitrolocalui2.dll
2013-05-29 13:04 . 2013-05-29 13:04 -------- d-----w- c:\program files\Common Files\Nitro
2013-05-29 13:04 . 2013-05-29 13:04 -------- d-----w- c:\program files (x86)\Nitro
2013-05-29 13:04 . 2013-05-29 13:04 -------- d-----w- c:\program files (x86)\Common Files\Nitro
2013-05-26 13:15 . 2013-05-26 15:35 -------- d-----w- c:\users\TEMP.Aspire
2013-05-26 12:57 . 2013-05-26 12:57 -------- d-----w- c:\users\Lorenzo\AppData\Local\Macromedia
2013-05-26 12:52 . 2013-05-26 12:52 -------- d-----w- c:\users\Lorenzo\AppData\Local\Mozilla
2013-05-26 11:42 . 2013-05-26 11:42 -------- d-----w- c:\users\Acer\AppData\Local\FreeOCR
2013-05-26 11:41 . 2013-05-26 11:41 -------- d-----w- C:\FreeOCR
2013-05-26 11:18 . 2013-05-26 11:18 -------- d-----w- c:\users\Acer\AppData\Local\Mozilla
2013-05-26 11:18 . 2013-05-26 11:18 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-05-25 19:21 . 2013-06-08 17:11 -------- d-----w- c:\users\Acer\.VirtualBox
2013-05-15 12:10 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-29 17:25 . 2012-06-13 13:17 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-29 17:25 . 2011-07-11 04:09 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-08 08:17 . 2010-06-24 18:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-03 14:15 . 2012-06-06 09:59 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-15 12:10 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 12:10 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 12:10 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 12:10 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 12:10 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 12:10 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 08:43 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-12 09:41 . 2013-04-20 20:30 237840 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2013-04-12 09:41 . 2013-04-12 09:41 131856 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2013-04-12 09:40 . 2013-04-20 20:30 120080 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2013-04-12 09:40 . 2013-04-12 09:40 146704 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2013-04-12 09:40 . 2013-04-12 09:40 204048 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2013-04-04 12:50 . 2012-06-11 20:44 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-19 06:04 . 2013-04-10 09:49 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 09:49 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 09:49 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 09:49 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 09:49 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 09:49 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-13 13:08 . 2013-03-13 13:08 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-13 13:08 . 2013-03-13 13:08 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-03-13 13:08 . 2013-03-13 13:08 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-03-13 13:08 . 2013-03-13 13:08 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-03-13 13:08 . 2013-03-13 13:08 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-03-13 13:08 . 2013-03-13 13:08 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-03-13 13:08 . 2013-03-13 13:08 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-03-13 13:08 . 2013-03-13 13:08 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-03-13 13:08 . 2013-03-13 13:08 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-03-13 13:08 . 2013-03-13 13:08 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-03-13 13:08 . 2013-03-13 13:08 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-03-13 13:08 . 2013-03-13 13:08 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-03-13 13:08 . 2013-03-13 13:08 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-03-13 13:08 . 2013-03-13 13:08 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-03-13 13:08 . 2013-03-13 13:08 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-03-13 13:08 . 2013-03-13 13:08 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-03-13 13:08 . 2013-03-13 13:08 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-13 13:08 . 2013-03-13 13:08 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-03-13 13:08 . 2013-03-13 13:08 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-03-13 13:08 . 2013-03-13 13:08 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-03-13 13:08 . 2013-03-13 13:08 81408 ----a-w- c:\windows\system32\icardie.dll
2013-03-13 13:08 . 2013-03-13 13:08 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-03-13 13:08 . 2013-03-13 13:08 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-03-13 13:08 . 2013-03-13 13:08 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-03-13 13:08 . 2013-03-13 13:08 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-03-13 13:08 . 2013-03-13 13:08 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-03-13 13:08 . 2013-03-13 13:08 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-03-13 13:08 . 2013-03-13 13:08 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-03-13 13:08 . 2013-03-13 13:08 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-03-13 13:08 . 2013-03-13 13:08 441856 ----a-w- c:\windows\system32\html.iec
2013-03-13 13:08 . 2013-03-13 13:08 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-03-13 13:08 . 2013-03-13 13:08 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-13 13:08 . 2013-03-13 13:08 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-03-13 13:08 . 2013-03-13 13:08 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-03-13 13:08 . 2013-03-13 13:08 235008 ----a-w- c:\windows\system32\url.dll
2013-03-13 13:08 . 2013-03-13 13:08 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-03-13 13:08 . 2013-03-13 13:08 216064 ----a-w- c:\windows\system32\msls31.dll
2013-03-13 13:08 . 2013-03-13 13:08 197120 ----a-w- c:\windows\system32\msrating.dll
2013-03-13 13:08 . 2013-03-13 13:08 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-03-13 13:08 . 2013-03-13 13:08 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-03-13 13:08 . 2013-03-13 13:08 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-13 13:08 . 2013-03-13 13:08 149504 ----a-w- c:\windows\system32\occache.dll
2013-03-13 13:08 . 2013-03-13 13:08 144896 ----a-w- c:\windows\system32\wextract.exe
2013-03-13 13:08 . 2013-03-13 13:08 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-03-13 13:08 . 2013-03-13 13:08 13824 ----a-w- c:\windows\system32\mshta.exe
2013-03-13 13:08 . 2013-03-13 13:08 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-03-13 13:08 . 2013-03-13 13:08 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-03-13 13:08 . 2013-03-13 13:08 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-03-13 13:08 . 2013-03-13 13:08 102912 ----a-w- c:\windows\system32\inseng.dll
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-06-11 39408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys;c:\windows\SYSNATIVE\DRIVERS\athrxusb.sys [x]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe;c:\program files\Microsoft Fix it Center\Matsvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;Supporto digitalizzazione WSD tramite UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R4 cbVSCService11;Cobian Backup 11 Servizio Volume Shadow Copy;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe [x]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
R4 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x]
R4 ServUpdater;Serv Updater;c:\users\Acer\AppData\Local\ServUpdater\ServiceUpd.exe;c:\users\Acer\AppData\Local\ServUpdater\ServiceUpd.exe [x]
R4 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x]
R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R4 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
R4 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 PAC207;Trust WB-1300N Webcam Live;c:\windows\system32\DRIVERS\PFC027.SYS;c:\windows\SYSNATIVE\DRIVERS\PFC027.SYS [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-05-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-13 17:25]
.
2013-06-10 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2012-06-12 14:51]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-11 20:51]
.
2013-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-11 20:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-14 2918656]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 9577680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{664C8A96-1EAE-4B50-9C6C-21C6C99D8C1A}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{664C8A96-1EAE-4B50-9C6C-21C6C99D8C1A}\3596475636F6D6: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{664C8A96-1EAE-4B50-9C6C-21C6C99D8C1A}\3596475636F6D6444324443483: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{664C8A96-1EAE-4B50-9C6C-21C6C99D8C1A}\9614E64627F6964602D4F64656D6: NameServer = 176.31.229.24,176.31.229.25
TCP: Interfaces\{6A85B5F9-549A-4133-A4B9-5591C574EC70}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{98738032-D6CC-4874-A783-FB179422B6BB}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{9C8433FE-CEC5-40B6-A771-29B212631130}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{BB8E68B8-A129-4624-B1AF-713F785A00CE}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{BF2D793E-69A9-4DD4-A170-872B1A1DE9B1}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\vdlyyfiv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.it/
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-All rights reserved_is1 - c:\program files (x86)\Common Files\Temp\63\unins000.exe
AddRemove-{7D94C35B-61F1-6FCC-7C63-732C0BD34010} - c:\progra~3\INSTAL~2\{062D5~1\Setup.exe
.
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\VritualRoot\cIOSInstallerXr19_downloader_by_FileTrip.exe\MACHINE\Software\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Ora fine scansione: 2013-06-10 14:34:15 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2013-06-10 12:34
.
Pre-Run: 268.221.407.232 byte disponibili
Post-Run: 268.518.895.616 byte disponibili
.
- - End Of File - - 998CF313E4A8257483467C0548E42F8A
D41D8CD98F00B204E9800998ECF8427E

[Windows XP the best]

Fatta tutta la guida di Geronimo.

[GERONIMO*]

[Claudio]
a me i grilil parlanti non piacciono
e se permetti le mie abitudini non le lascio giudicare dall'ultimo arrivato
chiudo OT

Windows XP the best
rimuovi questo DNS 176.31.229.24,176.31.229.25 così
Start
Tutti i programmi
Accessori
posizioniatii sulla voce Prompt dei comandi
clic con il tasto destro del mouse su Prompt dei comandi e scegli
Esegui come amministratore: per aprire la finestra del prompt dei comandi

Nella finestra del prompt
copia\incolla i seguenti comandi: uno per volta e dai INVIO sulla tastiera ad ogni comando
net start dnscache
ipconfig /flushdns

Attendi la fine delle operazioni

poi
scarica questo file di Registro sul Desktop
http://download.bleepingcomputer.com/reg/FixNCR.reg
fare doppio clic su FixNCR per unirlo al registro
confermare l’operazione cliccando su Si
RIAVVIA IL PC

aggiorna la situazione,fai sapere se si installano i programmi

[Windows XP the best]

Ora non sono casa, appena possa faccio ciò che mi hai detto.
Provando a installare Skype adesso mi da l'errore 1601/1603, mentre il setup di Itunes non parte proprio, segnalando la mancanza del file msi.dll Provando a seguire la guida dell' altro utente, nel passo dei comandi dos, in tutti comandi che inserisco la risposta è mancanza del file. Ora proverò gli altri punti. Secondo me forse manca proprio Windows Installer, che ho scaricato e provato ad installare dal sito Microsoft, ma mi riporta l' errore memoria insufficiente.

[GERONIMO*]

si questa chiave di registro http://download.bleepingcomputer.com/reg/FixNCR.reg
mette a posto l'esecuzione dei programmi..quando il registro viene colpito da virus

per windows installer
dopo prova anche questo..anche perché non sparisce all'improvviso windows installer,potrebbe essere stato attaccato da un virus

[Windows XP the best]

Fatto tutto. Tutto uguale a prima. All'avvio del pc mi dice che manca il file msi.dll, la stessa cosa succede anche provando ad installare Itunes, mentre su Skype compare l'errore 1601. Ho provato ad installare Ghostscrip (scelto a caso), stranamente si è installato correttamente senza dare nessun errore. Andando in pannello di controllo, non mi fa accedere alla pagina di disinstallazione dei programmi, mentre ho guardato con CCleaner, Windows Installer non risulta installato.

[GERONIMO*]

prova anche con il fix,non sò se già hai provato
http://support.microsoft.com/mats/Progr ... _Uninstall

[Windows XP the best]

Formatterò, anche se non voglio, le ho provate tutte, ma niente.

[[Claudio]]

Formatterò, anche se non voglio, le ho provate tutte, ma niente.

Scusa se mi ri-intrometto (non volevo disturbare), ma perché prima di pensare al format:

Il problema è probabilmente legato a Windows Installer; qui trovi alcuni suggerimenti, prova a seguirli.

Poi fai come credi, ci mancherebbe altro

[Windows XP the best]

provato anche quello niente, il file msi.dll è mancante.
Provato a installare Windows Installer, non me lo fa installare , memoria insufficiente.
Con 4gb di ram e niente aperto

[[Claudio]]

Provato a installare Windows Installer, non me lo fa installare , memoria insufficiente.

Prova d aumentare la dimensione della memoria virtuale:
http://windows.microsoft.com/it-it/wind ... ual-memory

[[Claudio]]

O ancora, scarica l'installer di Windows Installer e prova l'installazione avviando il computer in modalità provvisoria.

[Windows XP the best]

In provvisoria non Windows non fa installare nessun programma (su tutti i pc, non solo sul mio), ho provato lo stesso ma niente

[GERONIMO*]

scarica questo file http://www.mediafire.com/?1i3x0urms6y5lmj

mettilo in C:/Windows/System32

Riavvia il pc

vedi se riesci ad installare i programmi

[Windows XP the best]

Sono fuori, appena posso faccio.

Grazie per l'aiuto.

[[Claudio]]

In provvisoria non Windows non fa installare nessun programma (su tutti i pc, non solo sul mio), ho provato lo stesso ma niente

Non esattamente .... ma in questo caso devo darti ragione .... senza windows installer effettivamente non è possibile (mi do del pirla da solo).
Questa guida non vale solo per le disinstallazioni in modalità provvisoria, ma anche per le installazioni.

Ancora una cosa: hai controllato nei Servizi se il servizio Windows Installer non sia, per qualche ragione, disabilitato? (in "tipo di avvio" dovrebbe essere impostato su Manuale).

[GERONIMO*]

O ancora, scarica l'installer di Windows Installer e prova l'installazione avviando il computer in modalità provvisoria.

Attenzione questo Windows installer non è compatibile con windows 7
Sistema operativo supportato

Windows Server 2003; Windows Server 2008; Windows Vista; Windows XP
The Windows Installer 4.5 redistributable can be installed on Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008 in X86, X64 and IA64 flavors.

[Windows XP the best]

Ho inserito il file msi.dll ed anche il file msiexec.exe che mancava. Riavviato, non compare più l'errore msi.dll.
Ora l'installazione dei programmi parte, ma tutti dicono di riuscire ad accedere al servizio di Windows installer
Il pannello di controllo\disinstallazione programmi è ritornato a funzionare, anche il servizio Windows installer parte.
Ci stiamo avvicinando alla soluzione(spero)
Dovrebbe bastare installere Windows ibstaller

[GERONIMO*]

scusa,non ti seguo..se dici che ora tutto funziona
cosa non funziona ancora?