Hi Everyone,
This morning booting up my PC Avast popped-up a virus-found message with sisytj32.exe malware in windows startup folder.
Put it to Avast trash than reboot and remove.
After that run a scan with updated Malware bites and found some files that could be related to that:
[i]Voci infette nei dati di registro: (infected reg. data)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) → Bad: (1) Good: (0)
File infetti: (infected files)
C:\WINDOWS\Temp~TM289D.tmp (Trojan.Agent)
C:\Documents and Settings-MY USER NAME-\Dati applicazioni\avdrn.dat (Malware.Trace)
C:\WINDOWS\system32\config\systemprofile\Menu Avvio\Programmi\Esecuzione automatica\ntuser_mssec.exe (Trojan.VirTool)[/i]
Malware bites remove every voice without any problem.
Also run a scan with spybot and found nothing else than usually cookie related issues.
Now running a full sys scan with new avast freshly upgraded (before I was still with blue-icon avast, yes with defs always updated)
Now… Need I to do more scans? Am I safe now?
Thanks and have a good day