haha... MSN-VIRUS

[LM-Z]

 

Nu sitter man med skägget i brevlåda. Fick en "rolig" länk på MSN som jag klickade på ( http:\\msnmedia.ohost.de/video.php?= ).

 

Såg att EldRaven fick hjälp i en annan tråd och undrar om ngn kan förbarma sig över mig och min datamaskin.

 

Bifogar log

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:21:55, on 2008-12-09

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\acs.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ATK0100\HControl.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program\ASUS\Power4 Gear\BatteryLife.exe

C:\Program\Wireless Console 2\wcourier.exe

C:\Program\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\sm56hlpr.exe

C:\Program\ASUS WLAN Adapter\ACU.exe

C:\Program\Java\jre1.6.0_02\bin\jusched.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\ASUS\Net4Switch\Net4Switch.exe

C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\service.exe

C:\Program\Asus\Asus ChkMail\ChkMail.exe

C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\HP\Digital Imaging\bin\hpqimzone.exe

C:\WINDOWS\ATK0100\ATKOSD.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Java\jre1.6.0_02\bin\jucheck.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Documents and Settings\Olof\Skrivbord\blandmapp\HiJackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [ASUS Live Update] C:\Program\ASUS\ASUS Live Update\ALU.exe

O4 - HKLM\..\Run: [Power_Gear] C:\Program\ASUS\Power4 Gear\BatteryLife.exe 1

O4 - HKLM\..\Run: [Wireless Console 2] C:\Program\Wireless Console 2\wcourier.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [sMSERIAL] C:\WINDOWS\sm56hlpr.exe

O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe

O4 - HKLM\..\Run: [ACU] "C:\Program\ASUS WLAN Adapter\ACU.exe" -nogui

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.6.0_02\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [HP Software Update] C:\Program\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Windows Service] service.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Net4Switch] C:\Program\ASUS\Net4Switch\Net4Switch.exe

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: ASUS ChkMail.lnk = C:\Program\Asus\Asus ChkMail\ChkMail.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: HP Photosmart Premier Snabbstart.lnk = C:\Program\HP\Digital Imaging\bin\hpqthb08.exe

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com

O15 - Trusted Zone: *.cdon.com

O15 - Trusted Zone: *.cdon.se

O15 - Trusted Zone: *.viasat.se

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/win/djvuplugin/sv_SV/DjVuControl_sv_SV.cab

O23 - Service: ASUS Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

--

End of file - 6697 bytes

[/log]

 

[Brynäsarn]

Ser i Hijack-loggen att det finns en gammal java-version med säkerhetshål

i datorn.Jag rekommenderar att du laddar hem och installerar uppdaterad

version http://www.java.com/sv/ Avinstallera därefter den gamla i

Kontrollpanelen Lägg till eller ta bort program (ingen webläsare igång)

 

[LM-Z]

OK, jag börjar där. Tack

 

[LM-Z]

Nu är java-situationen ordnad

 

[LM-Z]

 

En till log om det kan hjälpa

 

 

[log]ComboFix 08-12-07.04 - Olof 2008-12-09 22:50:42.1 - FAT32x86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1053.18.159 [GMT 1:00]

Körs från: c:\documents and settings\Olof\Skrivbord\blandmapp\ComboFix.exe

* Skapade en ny återställningspunkt

 

VARNINIG -ÅTERSTÄLLNINGSKONSOLEN (THE RECOVERY CONSOLE) ÄR INTE INSTALLERAD PÅ DEN HÄR DATORN !!

.

 

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\program\INSTALL.LOG

c:\windows\admintxt.txt

c:\windows\service.exe

 

.

((((((((((((((((((((( Filer Skapade från 2008-11-09 till 2008-12-09 ))))))))))))))))))))))))))))))))))))

.

 

2008-12-09 21:45 . 2008-12-09 21:45 30,856 --a------ c:\windows\system32\drivers\fsbts.sys

2008-11-30 22:40 . 2008-11-30 22:40 54,156 --ah----- c:\windows\QTFont.qfn

2008-11-30 22:40 . 2008-11-30 22:40 1,409 --a------ c:\windows\QTFont.for

2008-11-16 23:49 . 2008-11-16 23:49 <KAT> d-------- c:\program\SonbergBudget

2008-11-16 23:27 . 2008-11-16 23:27 <KAT> d-------- c:\program\PerssonsSoftware

2008-11-16 23:27 . 2008-11-16 23:27 <KAT> d-------- c:\program\Borland

2008-11-16 23:27 . 2001-06-20 15:02 183,808 --a------ c:\windows\system32\BDEADMIN.CPL

2008-11-16 23:27 . 2008-11-16 23:33 13,030 --a------ C:\PDOXUSRS.NET

2008-11-16 23:26 . 1998-02-06 21:41 301,568 --a------ c:\windows\unin041d.exe

2008-11-16 22:49 . 2008-11-16 22:50 <KAT> d-------- c:\program\gnucash

2008-11-11 14:50 . 2008-11-11 14:50 <KAT> d-------- c:\documents and settings\Olof\cbt

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-10-30 21:04 --------- d-----w c:\program\uTorrent

2008-10-30 21:04 --------- d-----w c:\documents and settings\Olof\Application Data\uTorrent

2008-10-24 11:10 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys

2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys

2008-10-22 23:39 --------- d-----w c:\program\MSXML 4.0

2008-10-22 14:21 --------- d-----w c:\documents and settings\Olof\Application Data\HP

2008-10-22 14:21 --------- d-----w c:\documents and settings\All Users\Application Data\HP

2008-10-22 14:17 --------- d-----w c:\program\Delade filer\Sonic Shared

2008-10-22 14:17 --------- d-----w c:\documents and settings\All Users\Application Data\Sonic

2008-10-22 14:10 --------- d-----w c:\program\Hewlett-Packard

2008-10-22 14:09 --------- d-----w c:\program\Delade filer\HP

2008-10-22 14:03 --------- d-----w c:\program\HP

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll

2008-10-15 18:01 332,800 ----a-w c:\windows\system32\dllcache\netapi32.dll

2008-10-10 01:24 120 ----a-w C:\drmHeader.bin

2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll

2008-09-15 16:41 1,846,016 ----a-w c:\windows\system32\win32k.sys

2008-09-15 16:41 1,846,016 ----a-w c:\windows\system32\dllcache\win32k.sys

2002-10-25 09:02 11,197 ----a-w c:\program\UNWISE.INI

2002-07-26 16:02 153,088 ----a-w c:\program\UNWISE.EXE

.

 

(((((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

"Net4Switch"="c:\program\ASUS\Net4Switch\Net4Switch.exe" [2006-03-02 1101824]

"swg"="c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-03 68856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HControl"="c:\windows\ATK0100\HControl.exe" [2006-04-17 110592]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-27 98304]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-27 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-27 118784]

"ASUS Live Update"="c:\program\ASUS\ASUS Live Update\ALU.exe" [2006-02-21 180224]

"Power_Gear"="c:\program\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-06 86016]

"Wireless Console 2"="c:\program\Wireless Console 2\wcourier.exe" [2005-10-17 987136]

"SynTPEnh"="c:\program\Synaptics\SynTP\SynTPEnh.exe" [2005-10-20 761945]

"SMSERIAL"="c:\windows\sm56hlpr.exe" [2006-03-21 544768]

"ABLKSR"="c:\windows\ABLKSR\ABLKSR.exe" [2006-01-02 61440]

"ACU"="c:\program\ASUS WLAN Adapter\ACU.exe" [2006-04-14 307200]

"SunJavaUpdateSched"="c:\program\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]

"QuickTime Task"="c:\program\QuickTime\qttask.exe" [2006-10-25 282624]

"TkBellExe"="c:\program\Delade filer\Real\Update_OB\realsched.exe" [2007-09-30 185632]

"HP Software Update"="c:\program\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]

"RTHDCPL"="RTHDCPL.EXE" [2006-02-10 c:\windows\RTHDCPL.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

 

c:\documents and settings\All Users\Start-meny\Program\AutostartASUS ChkMail.lnk - c:\program\Asus\Asus ChkMail\ChkMail.exe [2006-09-25 32768]

Adobe Reader Speed Launch.lnk - c:\program\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

Adobe Gamma Loader.lnk - c:\program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe [2007-10-18 113664]

HP Digital Imaging Monitor.lnk - c:\program\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

HP Photosmart Premier Snabbstart.lnk - c:\program\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 73728]

Personal.lnk - c:\program\Personal\bin\Personal.exe [2006-10-02 438272]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.I420"= i263_32.drv

"vidc.asv2"= asusasv2.dll

"msacm.g723"= g723.acm

"vidc.I263"= I263_32.drv

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program\\DC++\\DCPlusPlus.exe"=

"c:\\Program\\BitLord\\BitLord.exe"=

"c:\\Program\\uTorrent\\uTorrent.exe"=

"c:\\Program\\gnucash\\bin\\gnucash-bin.exe"=

"c:\\Program\\gnucash\\bin\\gconfd-2.exe"=

 

S3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [2006-09-25 34944]

S4 L80ddntnu;L80ddntnu; []

 

*Newly Created Service* - FSBTS

*Newly Created Service* - PROCEXP90

.

Innehållet i mappen 'Schemalagda aktiviteter'

 

2008-12-01 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program\Apple Software Update\SoftwareUpdate.exe [2006-10-10 17:13]

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

 

HKCU-Run-MsnMsgr - c:\program\MSN Messenger\MsnMsgr.Exe

HKLM-Run-Logitech Hardware Abstraction Layer - KHALMNPR.EXE

 

 

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.se/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xportera till Microsoft Excel - c:\program\MICROS~2\OFFICE11\EXCEL.EXE/3000

Trusted Zone: *.cdon.com

Trusted Zone: *.cdon.se

Trusted Zone: *.viasat.se

FireFox -: Profile - c:\documents and settings\Olof\Application Data\Mozilla\Firefox\Profiles\puaiuww3.default.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-09 22:51:53

Windows 5.1.2600 Service Pack 2 FAT NTAPI

 

genomsöker dolda processer ...

 

genomsöker dolda autostartpunkter ...

 

genomsöker dolda filer ...

 

genomsökningen avslutades lyckosamt

dolda filer: 0

 

**************************************************************************

.

--------------------- DLLer installerade under pågående processer ---------------------

 

- - - - - - - > 'winlogon.exe'(512)

c:\windows\system32\igfxdev.dll

.

Sluttid: 2008-12-09 22:52:17

ComboFix-quarantined-files.txt 2008-12-09 21:52:16

 

Före genomsökningen: 4,281,434,112 byte ledigt

Efter genomsökningen: 5,488,181,248 byte ledigt

 

156 --- E O F --- 2008-11-12 21:33:40

[/log]

 

[Cecilia]

Var håller antivirusprogrammet hus som kunde ha stoppat MSN-masken från att komma in i datorn?

 

Surfa till http://www.virustotal.com klistra in ett av följande filnamn i rutan, tryck på Skicka Fil och vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in resultatet från de olika antivirusprogrammen (inte Övrig information) här. Upprepa med nästa filnamn.

c:\windows\system32\drivers\fsbts.sys

c:\windows\system32\DRIVERS\ipswuio.sys

 

 

[LM-Z]

[log]Antivirus Version Senaste Uppdatering Resultat

AhnLab-V3 2008.11.14.3 2008.11.14 -

AntiVir 7.9.0.31 2008.11.14 -

Authentium 5.1.0.4 2008.11.14 -

Avast 4.8.1281.0 2008.11.14 -

AVG 8.0.0.199 2008.11.14 -

BitDefender 7.2 2008.11.14 -

CAT-QuickHeal 10.00 2008.11.13 -

ClamAV 0.94.1 2008.11.14 -

DrWeb 4.44.0.09170 2008.11.14 -

eSafe 7.0.17.0 2008.11.13 -

eTrust-Vet 31.6.6208 2008.11.13 -

Ewido 4.0 2008.11.14 -

F-Prot 4.4.4.56 2008.11.13 -

F-Secure 8.0.14332.0 2008.11.14 -

Fortinet 3.117.0.0 2008.11.14 -

GData 19 2008.11.14 -

Ikarus T3.1.1.45.0 2008.11.14 -

K7AntiVirus 7.10.524 2008.11.13 -

Kaspersky 7.0.0.125 2008.11.14 -

McAfee 5433 2008.11.13 -

Microsoft 1.4104 2008.11.14 -

NOD32 3613 2008.11.14 -

Norman 5.80.02 2008.11.14 -

Panda 9.0.0.4 2008.11.14 -

PCTools 4.4.2.0 2008.11.14 -

Prevx1 V2 2008.11.14 -

Rising 21.03.42.00 2008.11.14 -

SecureWeb-Gateway 6.7.6 2008.11.14 -

Sophos 4.35.0 2008.11.14 -

Sunbelt 3.1.1801.2 2008.11.14 -

Symantec 10 2008.11.14 -

TheHacker 6.3.1.1.152 2008.11.13 -

TrendMicro 8.700.0.1004 2008.11.14 -

VBA32 3.12.8.9 2008.11.14 -

ViRobot 2008.11.14.1468 2008.11.14 -

VirusBuster 4.5.11.0 2008.11.13 -

[/log]

 

[log]Antivirus Version Senaste Uppdatering Resultat

AhnLab-V3 2008.11.28.2 2008.11.29 -

AntiVir 7.9.0.36 2008.11.29 -

Authentium 5.1.0.4 2008.11.30 -

Avast 4.8.1281.0 2008.11.29 -

AVG 8.0.0.199 2008.11.29 -

BitDefender 7.2 2008.11.30 -

CAT-QuickHeal 10.00 2008.11.29 -

ClamAV 0.94.1 2008.11.30 -

DrWeb 4.44.0.09170 2008.11.30 -

eSafe 7.0.17.0 2008.11.30 -

eTrust-Vet 31.6.6234 2008.11.28 -

Ewido 4.0 2008.11.30 -

F-Prot 4.4.4.56 2008.11.29 -

F-Secure 8.0.14332.0 2008.11.30 -

Fortinet 3.117.0.0 2008.11.30 -

GData 19 2008.11.30 -

Ikarus T3.1.1.45.0 2008.11.30 -

K7AntiVirus 7.10.538 2008.11.29 -

Kaspersky 7.0.0.125 2008.11.30 -

McAfee 5449 2008.11.29 -

McAfee+Artemis 5449 2008.11.29 -

Microsoft 1.4104 2008.11.30 -

NOD32 3651 2008.11.30 -

Norman 5.80.02 2008.11.28 -

Panda 9.0.0.4 2008.11.30 -

PCTools 4.4.2.0 2008.11.30 -

Prevx1 V2 2008.11.30 -

Rising 21.05.62.00 2008.11.30 -

SecureWeb-Gateway 6.7.6 2008.11.29 -

Sophos 4.36.0 2008.11.30 -

Sunbelt 3.1.1832.2 2008.11.27 -

Symantec 10 2008.11.30 -

TheHacker 6.3.1.1.169 2008.11.29 -

TrendMicro 8.700.0.1004 2008.11.28 -

VBA32 3.12.8.9 2008.11.29 -

ViRobot 2008.11.29.1492 2008.11.29 -

VirusBuster 4.5.11.0 2008.11.29 -

[/log]

 

[Cecilia]

Verkar ju vara ofarliga filer. ComboFix tog bort några filer, förhoppningsvis så räcker det med det. Men installera ett antivirusprogram, t ex gratis Avast, och sök igenom datorn för det kan ligga någon fil någonstans och lura.

 

Efter det så får du provköra MSN försiktigt och se om problemet har upphört. Om det kvarstår så får vi söka vidare.

 

Här kan du läsa mina vanliga råd för en säkrare dator, men det är så klart viktigt att man använder sitt förnuft också.

http://ceblstockholm.googlepages.com/home

 

 

[LM-Z]

Tackar och bockar, dubbelguld!

 

[Cecilia]

Tack för poängen!