All done, here is the ComboFix log
ComboFix 10-10-14.01 - brenno 15/10/2010 14.58.23.1.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.39.1040.18.511.296 [GMT 1:00]
Eseguito da: c:\documents and settings\brenno\Desktop\abc.exe.exe
* Creato nuovo punto di ripristino
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\brenno\Impostazioni locali\Dati applicazioni\kmgga_navfx.dat
c:\windows\ST6UNST.000
La copia infetta di c:\windows\system32\drivers\pciide.sys è stata trovata e disinfettata
Ripristinata copia da - Kitty had a snack
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
((((((((((((((((((((((((( Files Creati Da 2010-09-15 al 2010-10-15 )))))))))))))))))))))))))))))))))))
.
2010-10-07 08:35 . 2010-10-07 08:35 -------- d-----w- c:\programmi\IObit
2010-10-07 08:35 . 2010-10-07 08:35 -------- d-----w- c:\documents and settings\brenno\Dati applicazioni\IObit
2010-10-07 07:28 . 2010-10-07 07:28 -------- d-----w- c:\windows\system32\wbem\Repository
2010-10-06 15:32 . 2010-10-06 15:32 -------- d-----w- C:\FOUND.004
2010-10-06 13:56 . 2010-10-06 13:56 -------- d-----w- c:\documents and settings\brenno\Dati applicazioni\TeamViewer
2010-10-06 08:52 . 2010-10-06 08:52 -------- d-----w- c:\programmi\Avira
2010-10-06 08:52 . 2010-10-06 08:52 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Avira
2010-10-06 07:26 . 2010-10-06 07:26 -------- d-----w- c:\documents and settings\brenno\DoctorWeb
2010-09-29 07:12 . 2008-06-10 01:32 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-24 08:09 . 2010-09-24 08:09 -------- d-----w- c:\programmi\CDex
2010-09-24 07:41 . 2010-09-24 07:41 -------- d-----w- c:\programmi\Conduit
2010-09-23 16:03 . 2010-09-23 16:03 -------- d-----w- c:\documents and settings\NetworkService\Impostazioni locali\Dati applicazioni\Google
2010-09-23 15:36 . 2010-09-23 15:36 -------- d-----w- c:\documents and settings\brenno\Impostazioni locali\Dati applicazioni\Temp
2010-09-23 15:32 . 2010-09-23 15:32 -------- d-----w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\Google
2010-09-23 15:29 . 2010-07-17 04:00 423656 ----a-w- c:\programmi\Mozilla Firefox\plugins\npdeployJava1.dll
2010-09-23 15:29 . 2010-07-17 04:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\programmi\File comuni\LightScribe\LightScribeControlPanel.exe" [2007-07-18 451872]
"MsnMsgr"="c:\programmi\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"SpybotSD TeaTimer"="c:\programmi\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Advanced SystemCare 3"="c:\programmi\IObit\Advanced SystemCare 3\AWC.exe" [2010-08-10 2349776]
"eMuleAutoStart"="d:\emule\emule.exe" [2009-02-22 5668864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"SynTPLpr"="c:\programmi\Synaptics\SynTP\SynTPLpr.exe" [2004-01-09 98304]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2004-01-09 491520]
"SoundMan"="SOUNDMAN.EXE" [2003-12-19 65024]
"LtMoh"="c:\programmi\ltmoh\Ltmoh.exe" [2003-04-28 184320]
"LManager"="c:\progra~1\LAUNCH~1\CPLBCL53.EXE" [2003-12-15 262144]
"ATIPTA"="c:\programmi\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-03-22 335872]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 28672]
"AGRSMMSG"="AGRSMMSG.exe" [2003-07-25 88363]
"SunJavaUpdateSched"="c:\programmi\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\brenno\Menu Avvio\Programmi\Esecuzione automatica\
OpenOffice.org 2.4.lnk - c:\programmi\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]
c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\
Button Manager I.lnk - c:\programmi\Sharp\Button Manager I\btnman.exe [2007-1-25 106496]
Adobe Reader Speed Launch.lnk - c:\programmi\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmi\\Mozilla Firefox\\firefox.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\eMule\\emule.exe"=
"c:\\Programmi\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Programmi\\Skype\\Phone\\Skype.exe"=
R0 sonyhcb;Sony Digital Imaging Base;c:\windows\system32\drivers\sonyhcb.sys [25/06/2005 20.14.43 6097]
S0 IoloFilter;IoloFilter;c:\windows\system32\drivers\IoloFltr.sys --> c:\windows\system32\drivers\IoloFltr.sys [?]
S2 gupdate;Servizio di Google Update (gupdate);c:\programmi\Google\Update\GoogleUpdate.exe [23/09/2010 16.31.48 135664]
S3 iMSPCLOj;iMSPCLOj;\??\c:\docume~1\brenno\IMPOST~1\Temp\iMSPCLOj.sys --> c:\docume~1\brenno\IMPOST~1\Temp\iMSPCLOj.sys [?]
S3 MCHPUSB;MCHPUSB;c:\windows\system32\drivers\mchpusb.sys [29/01/2009 11.52.22 53760]
S3 sonyhcs;Sony Digital Imaging Video;c:\windows\system32\drivers\sonyhcs.sys [25/06/2005 20.14.43 299923]
S3 USBKey;USB Security Key;c:\windows\system32\drivers\usbkey.sys [17/04/2009 8.23.09 12700]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-07-18 16:53 451872 ----a-w- c:\programmi\File comuni\LightScribe\LSRunOnce.exe
.
Contenuto della cartella 'Scheduled Tasks'
2010-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-09-23 15:31]
2010-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmi\Google\Update\GoogleUpdate.exe [2010-09-23 15:31]
.
.
------- Scansione supplementare -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\programmi\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\brenno\Dati applicazioni\Mozilla\Firefox\Profiles\5hl6mny3.default\
FF - prefs.js: browser.search.selectedEngine - GoogleCOM
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://www.ffsearching.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - plugin: c:\programmi\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\programmi\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\programmi\Windows Live\Photo Gallery\NPWLPG.dll
---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - GoogleCOM
FF - user.js: keyword.URL - hxxp://www.ffsearching.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
- - - - - - - > 'explorer.exe'(2732)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\System32\Ati2evxx.exe
c:\windows\SOUNDMAN.EXE
c:\windows\AGRSMMSG.exe
c:\programmi\OpenOffice.org 2.4\program\soffice.exe
c:\programmi\OpenOffice.org 2.4\program\soffice.BIN
c:\programmi\Canon\IJPLM\IJPLMSVC.EXE
c:\programmi\File comuni\LightScribe\LSSrvc.exe
c:\programmi\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\System32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2010-10-15 15:14:08 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2010-10-15 14:14
Pre-Run: 1.639.694.336 byte disponibili
Post-Run: 1.866.956.800 byte disponibili
WindowsXP-KB310994-SP2-Home-BootDisk-ITA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
- - End Of File - - 651F75E2471EAFF7C7C1BD430EBF12AE