PDA

View Full Version : AVG: Tracking cookies...e trojan?!

Nebelmeer
26-05-2012, 21:17
Ciao a tutti!
Ebbene sì...sono infetto anch'io! :cry:

Ultimamente, ad ogni sessione del mio pc AVG rileva dei tracking cookies quando apro un'applicazione (Windows Live Messenger, Windows Live Mail, Chrome ecc.), sempre con la stessa finestra di dialogo.

Un'altra cosa che vi riporto - che mi preoccupa molto - è questa: nelle ultime scansioni dell'intero computer, AVG mi rileva vari trojan :(

Il problema è che, non essendo né rimossi né risolti, questi files non possono essere spostati in quarantena; quando seleziono l'opzione "sposta in quarantena" appare la scritta "File non accessibile."

Ho provato ad utilizzare Combofix, Malwarebytes ed Emsisoft Anti-Malware...ma il problema persiste :(




Ecco il risultato dell'ultima scansione di AVG:

"";"F:\Programmi\uTorrent\uTorrent.exe (3648)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"F:\Programmi\iTunes\iTunesHelper.exe (2292)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"F:\DAEMON Tools Lite\DTLite.exe (1892)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\WINDOWS\system32\winlogon.exe (1824)";"Trojan PSW.Agent.AUET";"Eliminato"
"";"C:\WINDOWS\system32\wbem\wmiapsrv.exe (4668)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\WINDOWS\system32\svchost.exe (520)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\WINDOWS\system32\svchost.exe (4048)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\WINDOWS\system32\svchost.exe (340)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\WINDOWS\system32\svchost.exe (2632)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\WINDOWS\system32\services.exe (1876)";"Trojan PSW.Agent.ARMW";"Eliminato"
"";"C:\WINDOWS\system32\searchindexer.exe (4008)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\WINDOWS\system32\rundll32.exe (1088)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\WINDOWS\system32\nvsvc32.exe (2940)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\WINDOWS\system32\LEXPPS.EXE (1272)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\WINDOWS\explorer.exe (940)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\Windows Desktop Search\WindowsSearch.exe (4052)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\Vtune\TBPANEL.exe (2656)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\Skype\Phone\Skype.exe (3728)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\Messenger\msmsgs.exe (3832)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (3580)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\Java\jre6\bin\jqs.exe (2608)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\iPod\bin\iPodService.exe (5800)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\Google\Google Talk\googletalk.exe (3960)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe (3448)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\File comuni\Java\Java Update\jusched.exe (2096)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\File comuni\Java\Java Update\jucheck.exe (4344)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\File comuni\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (1160)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe (3164)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (4044)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\Emsisoft Anti-Malware\a2service.exe (140)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe (2404)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\AVG\AVG2012\avgwdsvc.exe (3248)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\AVG\AVG2012\avgui.exe (5940)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\AVG\AVG2012\avgtray.exe (1028)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\AVG\AVG2012\AVGIDSAgent.exe (5752)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\AVG\AVG2012\avgfws.exe (796)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\AVG\AVG PC Tuneup\BoostSpeed.exe (2912)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Programmi\AVG Secure Search\vprot.exe (1052)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Documents and Settings\matteo\Impostazioni locali\Dati applicazioni\Akamai\netsession_win.exe (3556)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"C:\Documents and Settings\matteo\Impostazioni locali\Dati applicazioni\Akamai\netsession_win.exe (2796)";"Trojan PSW.Agent.AUES";"Eliminato"
"";"F:\Programmi\uTorrent\uTorrent.exe (3648):\memory_02d80000";"Trojan PSW.Agent.AUES";"Infetto"
"";"F:\Programmi\iTunes\iTunesHelper.exe (2292):\memory_02280000";"Trojan PSW.Agent.AUES";"Infetto"
"";"F:\DAEMON Tools Lite\DTLite.exe (1892):\memory_011d0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\WINDOWS\system32\winlogon.exe (1824):\memory_011a0000";"Trojan PSW.Agent.AUET";"Infetto"
"";"C:\WINDOWS\system32\wbem\wmiapsrv.exe (4668):\memory_00cd0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\WINDOWS\system32\svchost.exe (520):\memory_01760000";"Trojan PSW.Agent.AUET";"Infetto"
"";"C:\WINDOWS\system32\svchost.exe (520):\memory_01660000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\WINDOWS\system32\svchost.exe (4048):\memory_016e0000";"Trojan PSW.Agent.AUET";"Infetto"
"";"C:\WINDOWS\system32\svchost.exe (4048):\memory_01620000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\WINDOWS\system32\svchost.exe (340):\memory_00ce0000";"Trojan PSW.Agent.AUET";"Infetto"
"";"C:\WINDOWS\system32\svchost.exe (340):\memory_00ab0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\WINDOWS\system32\svchost.exe (2632):\memory_00ec0000";"Trojan PSW.Agent.AUET";"Infetto"
"";"C:\WINDOWS\system32\svchost.exe (2632):\memory_00c50000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\WINDOWS\system32\services.exe (1876):\memory_01060000";"Trojan PSW.Agent.ARMW";"Infetto"
"";"C:\WINDOWS\system32\searchindexer.exe (4008):\memory_0c080000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\WINDOWS\system32\rundll32.exe (1088):\memory_00fa0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\WINDOWS\system32\nvsvc32.exe (2940):\memory_003e0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\WINDOWS\system32\LEXPPS.EXE (1272):\memory_008f0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\WINDOWS\explorer.exe (940):\memory_02120000";"Trojan PSW.Agent.AUET";"Infetto"
"";"C:\WINDOWS\explorer.exe (940):\memory_01f00000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\Windows Desktop Search\WindowsSearch.exe (4052):\memory_018f0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\Vtune\TBPANEL.exe (2656):\memory_01420000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\Skype\Phone\Skype.exe (3728):\memory_096f0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\Messenger\msmsgs.exe (3832):\memory_00f00000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\Malwarebytes' Anti-Malware\mbamservice.exe (3580):\memory_01ad0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\Java\jre6\bin\jqs.exe (2608):\memory_01cd0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\iPod\bin\iPodService.exe (5800):\memory_00b30000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\Google\Google Talk\googletalk.exe (3960):\memory_01970000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\File comuni\Protexis\License Service\PsiService_2.exe (3448):\memory_00ae0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\File comuni\Java\Java Update\jusched.exe (2096):\memory_00b90000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\File comuni\Java\Java Update\jucheck.exe (4344):\memory_00fa0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\File comuni\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (1160):\memory_01410000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\File comuni\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe (3164):\memory_00940000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe (4044):\memory_01ca0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\Emsisoft Anti-Malware\a2service.exe (140):\memory_078f0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\Cisco Systems\VPN Client\cvpnd.exe (2404):\memory_01490000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\AVG\AVG2012\avgwdsvc.exe (3248):\memory_03fa0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\AVG\AVG2012\avgui.exe (5940):\memory_01530000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\AVG\AVG2012\avgtray.exe (1028):\memory_038c0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\AVG\AVG2012\AVGIDSAgent.exe (5752):\memory_01d50000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\AVG\AVG2012\avgfws.exe (796):\memory_04180000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\AVG\AVG PC Tuneup\BoostSpeed.exe (2912):\memory_05b50000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Programmi\AVG Secure Search\vprot.exe (1052):\memory_016c0000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Documents and Settings\matteo\Impostazioni locali\Dati applicazioni\Akamai\netsession_win.exe (3556):\memory_02100000";"Trojan PSW.Agent.AUES";"Infetto"
"";"C:\Documents and Settings\matteo\Impostazioni locali\Dati applicazioni\Akamai\netsession_win.exe (2796):\memory_01310000";"Trojan PSW.Agent.AUES";"Infetto"

Avete a che fare con un imbranato cronico, siate pazienti con me :)
Chill-Out
28-05-2012, 09:13
Ciao, allega in formato testo .txt su uno dei Server Remoti qui indicati http://www.hwupgrade.it/forum/showthread.php?t=1751598

i log di: Combofix - MBAM - Emsi AntiMalware