Individuato trojan! Che faccio?

[arcofreccia]

Ciao, avira mi ha trovato un trojan, in questi casi oltre la scansione con l'antivirus cosa è consigliato fare?

[wjmat]

ciao
ci carichi un log/report di antivir

[arcofreccia]

Codice:

Version information:
BUILD.DAT     : 8.1.0.331      16934 Bytes  12/08/2008 11:46:00
AVSCAN.EXE    : 8.1.4.7       315649 Bytes  26/07/2008 18:03:47
AVSCAN.DLL    : 8.1.4.0        40705 Bytes  26/07/2008 18:03:47
LUKE.DLL      : 8.1.4.5       164097 Bytes  26/07/2008 18:03:47
LUKERES.DLL   : 8.1.4.0        12033 Bytes  26/07/2008 18:03:47
ANTIVIR0.VDF  : 6.40.0.0    11030528 Bytes  18/07/2007 20:36:17
ANTIVIR1.VDF  : 7.0.5.1      8182784 Bytes  24/06/2008 18:35:50
ANTIVIR2.VDF  : 7.0.7.12     4066816 Bytes  08/10/2008 12:35:14
ANTIVIR3.VDF  : 7.0.7.25      105984 Bytes  10/10/2008 12:23:39
Engineversion : 8.1.1.35  
AEVDF.DLL     : 8.1.0.5       102772 Bytes  15/04/2008 11:32:42
AESCRIPT.DLL  : 8.1.0.76      319867 Bytes  19/09/2008 19:08:38
AESCN.DLL     : 8.1.0.23      119156 Bytes  26/07/2008 18:03:48
AERDL.DLL     : 8.1.1.2       438644 Bytes  19/09/2008 19:08:37
AEPACK.DLL    : 8.1.2.3       364918 Bytes  25/09/2008 19:22:38
AEOFFICE.DLL  : 8.1.0.25      196986 Bytes  19/09/2008 19:08:36
AEHEUR.DLL    : 8.1.0.59     1438071 Bytes  19/09/2008 19:08:34
AEHELP.DLL    : 8.1.0.15      115063 Bytes  30/05/2008 11:13:00
AEGEN.DLL     : 8.1.0.36      315764 Bytes  19/08/2008 08:20:17
AEEMU.DLL     : 8.1.0.7       430452 Bytes  31/07/2008 18:45:46
AECORE.DLL    : 8.1.1.11      172406 Bytes  04/09/2008 18:32:46
AEBB.DLL      : 8.1.0.1        53617 Bytes  26/07/2008 18:03:48
AVWINLL.DLL   : 1.0.0.12       15105 Bytes  26/07/2008 18:03:47
AVPREF.DLL    : 8.0.2.0        38657 Bytes  26/07/2008 18:03:47
AVREP.DLL     : 8.0.0.2        98344 Bytes  31/07/2008 18:45:43
AVREG.DLL     : 8.0.0.1        33537 Bytes  26/07/2008 18:03:47
AVARKT.DLL    : 1.0.0.23      307457 Bytes  15/04/2008 11:32:41
AVEVTLOG.DLL  : 8.0.0.16      119041 Bytes  26/07/2008 18:03:47
SQLITE3.DLL   : 3.3.17.1      339968 Bytes  15/04/2008 11:32:41
SMTPLIB.DLL   : 1.2.0.23       28929 Bytes  26/07/2008 18:03:48
NETNT.DLL     : 8.0.0.1         7937 Bytes  15/04/2008 11:32:41
RCIMAGE.DLL   : 8.0.0.51     2371841 Bytes  26/07/2008 18:03:44
RCTEXT.DLL    : 8.0.52.0       86273 Bytes  26/07/2008 18:03:44

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\programmi\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:, D:, 
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: venerdì 10 ottobre 2008  15:55

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
Scan process 'mpbtn.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'PCLEScheduler.exe' - '1' Module(s) have been scanned
Scan process 'LGSyncManager.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdate.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'Quickcam.exe' - '1' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'MotiveSB.exe' - '1' Module(s) have been scanned
Scan process 'ADeck.exe' - '1' Module(s) have been scanned
Scan process 'CALMAIN.exe' - '1' Module(s) have been scanned
Scan process 'WZCSLDR2.exe' - '1' Module(s) have been scanned
Scan process 'AirPlusCFG.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'WanMiniport1st_srv.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'srvany.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'a2service.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
55 processes with 55 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'D:\'
    [INFO]      No virus was found!

Starting to scan the registry.
The registry was scanned ( '69' files ).


Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'D:\'
D:\hiberfil.sys
    [WARNING]   The file could not be opened!


End of the scan: venerdì 10 ottobre 2008  16:56
Used time:  1:01:04 Hour(s)

The scan has been done completely.

   7821 Scanning directories
 403950 Files were scanned
      0 viruses and/or unwanted programs were found
      0 Files were classified as suspicious:
      0 files were deleted
      0 files were repaired
      0 files were moved to quarantine
      0 files were renamed
      1 Files cannot be scanned
 403949 Files not concerned
   3046 Archives were scanned
      1 Warnings
      0 Notes

[wjmat]

mi sembra pulito

[arcofreccia]

eppure mi aveva dato tre avvisi di trojan. vabbè meglio cosi dai

[wjmat]

se vuoi fare una scansione approfondita per toglierti ogni dubbio segui la guida alla disinfezione e ci carichi i log secondo le modalità

[xcdegasp]

ma legegre le regole di sezione è troppo difficile?