Ciao a tutti,
un contatto di MSN mi ha inviato un virus che Avast rileva ma non riesce ad "ammazzare".
Ho fatto girare tutto quello che c'è nella guida di questo forum, oltre a vari altri programmi come AVG Anti-Spyware, Ad-Aware, CCleaner, Norman Malware, ATF_Cleaner, Sophos, Combofix , Avenger e molti altri.
Molti non rilevano neppure il virus, mentre Avast lo visualizza.
Poi ho installato Prevx CSI che individua:
c/windows/system32/vobuquydiz.exe
c/windows/system32/luzoosog.exe
Questo invece è il file di hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:07, on 2008-07-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Lavasoft\Ad-Aware\aawservice.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\Programmi\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Analog Devices\Core\smax4pnp.exe
C:\Programmi\Java\jre1.6.0_05\bin\jusched.exe
C:\Programmi\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Programmi\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmi\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programmi\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Programmi\QuickTime\qttask.exe
C:\Programmi\File comuni\Real\Update_OB\realsched.exe
C:\PROGRA~1\Garzanti Linguistica\Francese Clic\vb\Trayicon.exe
C:\Programmi\SPAMfighter\SFAgent.exe
C:\Programmi\ScanSoft\PaperPort\pptd40nt.exe
C:\Programmi\Brother\ControlCenter2\brctrcen.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Google\GoogleToolbarNotifier\GoogleTo olbarNotifier.exe
C:\Programmi\Picasa2\PicasaMediaDetector.exe
C:\Programmi\ICQ6\ICQ.exe
C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmi\a-squared Free\a2service.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\PrevxCSI\prevxcsi.exe
C:\Programmi\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Programmi\PrevxCSI\prevxcsi.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\File comuni\LightScribe\LSSrvc.exe
C:\Programmi\SPAMfighter\sfus.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Programmi\Outlook Express\msimn.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Programmi\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Programmi\Avira\AntiVir PersonalEdition Classic\avscan.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
C:\Programmi\Trend Micro\HijackThis\HijackThis.exe
O23 - Service: SigmaTel Audio Service (yoyaoiyatmb0) - Unknown owner - C:\WINDOWS\system32\vobuquydiz.exe (file missing)
--
End of file - 3039 bytes
Cosa posso fare?
Grazie!
Rispondi quotando