
Infected by an MSN virus


jennie1001


My little brother accidentally clicked on a link that someone sent over MSN, and now our computer has been hit by a virus. Could some kind soul help me with this? I would be eternally grateful if so!

 

Below is a log file from HijackThis:

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:30:57, on 2008-12-22

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program\Windows Live\Family Safety\fsssvc.exe

C:\Program\CA\SharedComponents\iTechnology\igateway.exe

C:\Program\CA\eTrustITM\InoRpc.exe

C:\Program\CA\eTrustITM\InoRT.exe

C:\Program\CA\eTrustITM\InoTask.exe

C:\Program\CA\SharedComponents\PPRealtime\bin\ITMRTSVC.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\CCM\CcmExec.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program\CA\eTrustITM\realmon.exe

C:\Program\Java\jre6\bin\jusched.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Logitech\Video\LogiTray.exe

C:\Program\Windows Live\Family Safety\fsui.exe

C:\Program\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program\WiFiConnector\NintendoWFCReg.exe

C:\Program\Personal\bin\Personal.exe

C:\WINDOWS\system32\LVComS.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Windows Live\Toolbar\wltuser.exe

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

C:\Program\CA\eTrustITM\ppcl.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [Realtime Monitor] "C:\Program\CA\eTrustITM\realmon.exe" -s

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [fssui] "C:\Program\Windows Live\Family Safety\fsui.exe" -autorun

O4 - HKLM\..\Run: [Windows UDP Control Center] fxstaller.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [0c7d5271] rundll32.exe "C:\WINDOWS\system32\oifceypy.dll",b

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [A00F53669.exe] C:\DOCUME~1\Bengt\LOKALA~1\Temp\_A00F53669.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Kör Registreringsverktyg.lnk = C:\Program\WiFiConnector\NintendoWFCReg.exe

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {C8CE8EAB-8B03-484B-B348-A2442D38E7AF} (Intermezzon Player Control) - http://download.intermezzon.com/3.3/designerplayer.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kholm

O17 - HKLM\Software\..\Telephony: DomainName = kholm

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = kholm

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = kholm

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iTechnology iGateway 4.2 (iGateway) - CA, Inc. - C:\Program\CA\SharedComponents\iTechnology\igateway.exe

O23 - Service: eTrust ITM RPC Service (InoRPC) - CA - C:\Program\CA\eTrustITM\InoRpc.exe

O23 - Service: eTrust Antivirus Realtime Service (InoRT) - CA - C:\Program\CA\eTrustITM\InoRT.exe

O23 - Service: eTrust ITM Job Service (InoTask) - CA - C:\Program\CA\eTrustITM\InoTask.exe

O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program\CA\SharedComponents\PPRealtime\bin\ITMRTSVC.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

 

--

End of file - 8630 bytes[/log]

 


Download ComboFix to the Desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Disconnect the internet connection and close all programs you can see, including antivirus programs, antispyware programs and firewall.

Run ComboFix and follow the instructions shown.

If you are asked whether you want to install the Recovery Console, answer yes.

IMPORTANT! Do not click on the ComboFix window with the mouse while it is running, otherwise it may hang.

When it is finished a log should appear; attach it to your reply. Check that your antivirus program and firewall are running before you connect to the internet.

In your reply, attach the ComboFix log like this:

Press the LOG button in the Reply window

Paste the log

Press the LOG button again

If you have trouble getting onto the internet:

Control Panel - Network Connections

right-click your internet connection and choose Repair and/or restart the computer.

Warning! ComboFix disables autorun of CDs, floppy disks and USB devices to make it easier to clean the computer and to protect the computer against infections in the future. This can cause problems, for example if the computer gets its internet connection through a USB modem or USB network adapter. In that case, say so instead of running ComboFix.

Attach a new HijackThis log as well

 


[log]ComboFix 08-12-21.04 - Bengt 2008-12-22 21:48:36.1 - NTFSx86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1053.18.2037.1386 [GMT 1:00]

Körs från: c:\documents and settings\Bengt\Skrivbord\ComboFix.exe

* Skapade en ny återställningspunkt

.

 

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\documents and settings\Bengt\Lokala inställningar\Temporary Internet Files\__IZD_EMPTYFILE.SWF

c:\windows\system32\awtqqnkK.dll

c:\windows\system32\awtsSiig.dll

c:\windows\system32\byxuVPfg.dll

c:\windows\system32\cmndnr.dll

c:\windows\system32\ddcAtrqn.dll

c:\windows\system32\ddCSIBtQ.dll

c:\windows\system32\edasliih.ini

c:\windows\system32\efcBrRHb.dll

c:\windows\system32\elgdjb.dll

c:\windows\system32\fccaBUoM.dll

c:\windows\system32\fccbYspP.dll

c:\windows\system32\fccdecAr.dll

c:\windows\system32\hgGaxvww.dll

c:\windows\system32\hgGwVNef.dll

c:\windows\system32\jkkIARhe.dll

c:\windows\system32\khfCstsp.dll

c:\windows\system32\khfDuUOE.dll

c:\windows\system32\khfFULdD.dll

c:\windows\system32\ljJCsQiH.dll

c:\windows\system32\mdm.exe

c:\windows\system32\mlJDtttq.dll

c:\windows\system32\mlJDUNFx.dll

c:\windows\system32\nnNFVLeD.dll

c:\windows\system32\oifceypy.dll

c:\windows\system32\opnkHwVP.dll

c:\windows\system32\opnmlIxy.dll

c:\windows\system32\opnnnnom.dll

c:\windows\system32\pmnNhHxx.dll

c:\windows\system32\PpsYbccf.ini

c:\windows\system32\PpsYbccf.ini2

c:\windows\system32\qoMgdaAp.dll

c:\windows\system32\rqRhGyaW.dll

c:\windows\system32\rqRIaWmM.dll

c:\windows\system32\rqRJDvvV.dll

c:\windows\system32\snyrwjpr.dll

c:\windows\system32\ssqPjkIb.dll

c:\windows\system32\tcjqotei.dll

c:\windows\system32\tjpnxcvu.ini

c:\windows\system32\tuvVMEwX.dll

c:\windows\system32\urQKAPhe.dll

c:\windows\system32\urqOHYpN.dll

c:\windows\system32\vtUkhfgF.dll

c:\windows\system32\vtUmKdCS.dll

c:\windows\system32\vtUmMfDt.dll

c:\windows\system32\wvUmjJbb.dll

c:\windows\system32\xxyvvSji.dll

c:\windows\system32\yaYrQgFW.dll

c:\windows\system32\ypyecfio.ini

 

.

((((((((((((((((((((( Filer Skapade från 2008-11-22 till 2008-12-22 ))))))))))))))))))))))))))))))))))))

.

 

2008-12-22 19:30 . 2008-12-22 19:30 <KAT> d-------- c:\program\Trend Micro

2008-12-21 14:48 . 2008-12-21 14:48 <KAT> d-------- c:\program\Avira

2008-12-21 14:48 . 2008-12-21 14:48 <KAT> d-------- c:\documents and settings\All Users\Application Data\Avira

2008-12-20 18:51 . 2008-12-20 18:51 69,632 --a------ C:\amrei.exe

2008-12-19 21:43 . 2008-12-08 17:01 55,136 --a------ c:\windows\system32\drivers\fssfltr_tdi.sys

2008-12-19 21:42 . 2008-12-19 21:42 <KAT> d-------- c:\program\Microsoft Sync Framework

2008-12-19 21:39 . 2008-12-19 21:39 <KAT> d-------- c:\program\Windows Live SkyDrive

2008-12-19 21:38 . 2008-12-19 21:37 410,984 --a------ c:\windows\system32\deploytk.dll

2008-12-19 21:32 . 2008-12-19 21:32 236 --a------ C:\sqmdata05.sqm

2008-12-19 21:32 . 2008-12-19 21:32 200 --a------ C:\sqmnoopt05.sqm

2008-12-19 21:25 . 2008-12-19 21:25 <KAT> d-------- c:\program\Logitech

2008-12-19 21:24 . 2008-12-19 21:24 <KAT> d-------- c:\program\Delade filer\Labtec

2008-12-19 21:24 . 2004-01-21 02:14 5,915 --a------ c:\windows\system32\drivers\lv302af.sys

2008-12-19 21:24 . 2008-12-19 21:24 260 --a------ c:\windows\_delis32.ini

2008-12-19 21:19 . 2004-01-21 02:26 360,448 -ra------ c:\windows\system32\LVUI2RC.dll

2008-12-13 22:47 . 2008-12-13 22:47 236 --a------ C:\sqmdata04.sqm

2008-12-13 22:47 . 2008-12-13 22:47 200 --a------ C:\sqmnoopt04.sqm

2008-12-06 21:01 . 2008-12-06 21:01 <KAT> d-------- c:\program\WiFiConnector

2008-12-06 20:59 . 2007-11-29 14:21 163,328 --a------ c:\windows\system32\drivers\rt25usbap.sys

2008-12-06 20:59 . 2007-12-03 09:29 4,350 --a------ c:\windows\system32\drivers\RT25USBAP.CAT

2008-12-04 23:04 . 2008-12-04 23:04 308,072 --a------ c:\windows\WLXPGSS.SCR

2008-12-02 22:37 . 2008-12-02 22:37 49,480 --a------ c:\windows\system32\sirenacm.dll

2008-11-29 08:28 . 2008-11-29 08:28 236 --a------ C:\sqmdata03.sqm

2008-11-29 08:28 . 2008-11-29 08:28 200 --a------ C:\sqmnoopt03.sqm

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-12-21 19:18 --------- d-----w c:\program\Windows Live

2008-12-21 17:03 --------- d-----w c:\program\Delade filer\Symantec Shared

2008-12-21 17:00 --------- d-----w c:\program\Norton Security Scan

2008-12-21 13:55 --------- d-----w c:\documents and settings\Bengt\Application Data\gtk-2.0

2008-12-19 20:37 --------- d-----w c:\program\Java

2008-11-18 16:49 --------- d-----w c:\program\Microsoft SQL Server Compact Edition

2008-11-18 16:48 --------- d-----w c:\program\Windows Live Toolbar

2008-11-18 16:47 --------- d-----w c:\program\Microsoft

2008-11-18 16:40 --------- d-----w c:\program\Delade filer\Windows Live

2008-11-06 17:17 --------- d-----w c:\program\Delade filer\Adobe

2008-11-02 16:54 --------- d-----w c:\documents and settings\Bengt\Application Data\Move Networks

2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys

2008-10-23 12:43 286,720 ----a-w c:\windows\system32\gdi32.dll

2008-10-16 20:33 826,368 ----a-w c:\windows\system32\wininet.dll

2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll

2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll

2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll

2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll

2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll

2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe

2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll

2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll

2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll

2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll

2008-10-03 10:04 247,326 ----a-w c:\windows\system32\strmdll.dll

2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll

1999-04-26 12:30 99,840 ----a-w c:\program\Delade filer\IRAABOUT.DLL

1998-12-08 19:53 70,144 ----a-w c:\program\Delade filer\IRAMDMTR.DLL

1998-12-08 19:53 48,640 ----a-w c:\program\Delade filer\IRALPTTR.DLL

1998-12-08 19:53 31,744 ----a-w c:\program\Delade filer\IRAWEBTR.DLL

1998-12-08 19:53 186,368 ----a-w c:\program\Delade filer\IRAREG.DLL

1998-12-08 19:53 17,920 ----a-w c:\program\Delade filer\IRASRIAL.DLL

2008-09-19 13:01 32,768 --sha-w c:\windows\system32\config\systemprofile\Lokala inställningar\Tidigare\History.IE5\MSHist012008091920080920\index.dat

.

 

(((((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"swg"="c:\program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-15 68856]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-06-27 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-06-27 162328]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-06-27 137752]

"Realtime Monitor"="c:\program\CA\eTrustITM\realmon.exe" [2007-01-16 407632]

"SunJavaUpdateSched"="c:\program\Java\jre6\bin\jusched.exe" [2008-12-19 136600]

"NeroFilterCheck"="c:\program\Delade filer\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"QuickTime Task"="c:\program\QuickTime\qttask.exe" [2007-10-19 286720]

"Sony Ericsson PC Suite"="c:\program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 528384]

"TkBellExe"="c:\program\Delade filer\Real\Update_OB\realsched.exe" [2008-08-19 185896]

"Google Desktop Search"="c:\program\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-05 29744]

"Adobe Reader Speed Launcher"="c:\program\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"LogitechVideoRepair"="c:\program\Logitech\Video\ISStart.exe" [2004-02-12 188416]

"LogitechVideoTray"="c:\program\Logitech\Video\LogiTray.exe" [2004-02-12 77824]

"fssui"="c:\program\Windows Live\Family Safety\fsui.exe" [2008-12-08 453984]

"avgnt"="c:\program\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]

"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 c:\windows\RTHDCPL.exe]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 

c:\documents and settings\All Users\Start-meny\Program\AutostartInterVideo WinCinema Manager.lnk - c:\program\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-01-14 278528]

K”r Registreringsverktyg.lnk - c:\program\WiFiConnector\NintendoWFCReg.exe [2008-12-06 1179648]

Personal.lnk - c:\program\Personal\bin\Personal.exe [2008-05-30 894504]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"msacm.enc"= ITIG726.acm

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program\\CA\\eTrustITM\\Realmon.exe"=

"c:\\Program\\Windows Live\\Sync\\WindowsLiveSync.exe"=

 

R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2008-12-19 55136]

R2 fsssvc;Windows Live Family Safety;"c:\program\Windows Live\Family Safety\fsssvc.exe" [2008-12-08 533344]

R2 SeaPort;SeaPort;"c:\program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [2008-12-04 226640]

R3 IFXTPM;IFXTPM;c:\windows\system32\DRIVERS\IFXTPM.SYS [2008-01-11 41216]

S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;"c:\program\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-19 29744]

S3 kwwalpgr;kwwalpgr;\??\c:\docume~1\Bengt\LOKALA~1\Temp\kwwalpgr.sys []

S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\DRIVERS\s716bus.sys [2008-06-02 83208]

S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s716mdfl.sys [2008-06-02 15112]

S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s716mdm.sys [2008-06-02 108552]

S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s716mgmt.sys [2008-06-02 100360]

S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);c:\windows\system32\DRIVERS\s716nd5.sys [2008-06-02 23176]

S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s716obex.sys [2008-06-02 98568]

S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);c:\windows\system32\DRIVERS\s716unic.sys [2008-06-02 98952]

.

Innehållet i mappen 'Schemalagda aktiviteter'

 

2008-12-21 c:\windows\Tasks\Norton Security Scan for Bengt.job

- c:\program\Norton Security Scan\Nss.exe [2008-09-19 04:18]

 

2008-12-22 c:\windows\Tasks\zxfpafli.job

- c:\windows\system32\rundll32.exe [2008-04-14 17:05]

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

 

BHO-{8F97DFF2-25E7-44CC-B3EB-568144A7A2F0} - c:\windows\system32\fccbYspP.dll

BHO-{ca093653-e3db-40a6-8a4c-67346443152d} - c:\windows\system32\cmndnr.dll

HKCU-Run-MsnMsgr - c:\program\Windows Live\Messenger\MsnMsgr.Exe

Notify-__c00802C - c:\windows\system32\__c00802C.dat

 

 

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.aftonbladet.se/

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

 

c:\windows\system32\Macromed\Flash\Flash9e.ocx - c:\windows\system32\mfc42.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\olepro32.dll

O16 -: {C8CE8EAB-8B03-484B-B348-A2442D38E7AF}

hxxp://download.intermezzon.com/3.3/designerplayer.cab

c:\windows\Downloaded Program Files\PlayDesigned.inf

.

 

**************************************************************************

 

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-12-22 21:52:49

Windows 5.1.2600 Service Pack 3 NTFS

 

genomsöker dolda processer ...

 

genomsöker dolda autostartpunkter ...

 

genomsöker dolda filer ...

 

genomsökningen avslutades lyckosamt

dolda filer: 0

 

**************************************************************************

.

--------------------- DLLer installerade under pågående processer ---------------------

 

- - - - - - - > 'winlogon.exe'(732)

c:\program\CA\SharedComponents\PPRealtime\bin\CACheck.dll

c:\program\CA\SharedComponents\PPRealtime\bin\CAHook.dll

c:\program\CA\SharedComponents\PPRealtime\bin\CAServer.dll

.

------------------------ Andra pågående processer ------------------------

.

c:\program\Avira\AntiVir PersonalEdition Classic\sched.exe

c:\program\Avira\AntiVir PersonalEdition Classic\avguard.exe

c:\program\CA\SharedComponents\iTechnology\igateway.exe

c:\program\CA\eTrustITM\InoRpc.exe

c:\program\CA\eTrustITM\InoRT.exe

c:\program\CA\eTrustITM\InoTask.exe

c:\program\CA\SharedComponents\PPRealtime\bin\ITMRTSVC.exe

c:\program\Java\jre6\bin\jqs.exe

c:\windows\system32\CCM\CcmExec.exe

c:\program\CA\eTrustITM\Ppcl.exe

c:\program\CA\eTrustITM\Ppcl.exe

c:\windows\system32\msiexec.exe

c:\windows\system32\igfxsrvc.exe

c:\windows\system32\LVComS.exe

c:\program\Delade filer\Teleca Shared\Generic.exe

c:\program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

.

**************************************************************************

.

Sluttid: 2008-12-22 21:59:16 - datorn startades om

ComboFix-quarantined-files.txt 2008-12-22 20:58:58

 

Före genomsökningen: 64 887 128 064 byte ledigt

Efter genomsökningen: 65,011,625,984 byte ledigt

 

WindowsXP-KB310994-SP2-Pro-BootDisk-SVE.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

 

246 --- E O F --- 2008-12-18 13:08:20

[/log]

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:03:15, on 2008-12-22

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\Program\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program\Windows Live\Family Safety\fsssvc.exe

C:\Program\CA\SharedComponents\iTechnology\igateway.exe

C:\Program\CA\eTrustITM\InoRpc.exe

C:\Program\CA\eTrustITM\InoRT.exe

C:\Program\CA\eTrustITM\InoTask.exe

C:\Program\CA\SharedComponents\PPRealtime\bin\ITMRTSVC.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\CCM\CcmExec.exe

C:\Program\CA\eTrustITM\ppcl.exe

C:\Program\CA\eTrustITM\ppcl.exe

C:\WINDOWS\system32\msiexec.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program\Java\jre6\bin\jusched.exe

C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program\Logitech\Video\LogiTray.exe

C:\Program\Windows Live\Family Safety\fsui.exe

C:\Program\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program\WiFiConnector\NintendoWFCReg.exe

C:\Program\Personal\bin\Personal.exe

C:\WINDOWS\system32\LVComS.exe

C:\Program\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program\Delade filer\Teleca Shared\Generic.exe

C:\Program\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\internet explorer\iexplore.exe

C:\Program\Windows Live\Toolbar\wltuser.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Realtime Monitor] "C:\Program\CA\eTrustITM\realmon.exe" -s

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [fssui] "C:\Program\Windows Live\Family Safety\fsui.exe" -autorun

O4 - HKLM\..\Run: [avgnt] "C:\Program\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Kör Registreringsverktyg.lnk = C:\Program\WiFiConnector\NintendoWFCReg.exe

O4 - Global Startup: Personal.lnk = C:\Program\Personal\bin\Personal.exe

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {C8CE8EAB-8B03-484B-B348-A2442D38E7AF} (Intermezzon Player Control) - http://download.intermezzon.com/3.3/designerplayer.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kholm

O17 - HKLM\Software\..\Telephony: DomainName = kholm

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = kholm

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = kholm

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iTechnology iGateway 4.2 (iGateway) - CA, Inc. - C:\Program\CA\SharedComponents\iTechnology\igateway.exe

O23 - Service: eTrust ITM RPC Service (InoRPC) - CA - C:\Program\CA\eTrustITM\InoRpc.exe

O23 - Service: eTrust Antivirus Realtime Service (InoRT) - CA - C:\Program\CA\eTrustITM\InoRT.exe

O23 - Service: eTrust ITM Job Service (InoTask) - CA - C:\Program\CA\eTrustITM\InoTask.exe

O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program\CA\SharedComponents\PPRealtime\bin\ITMRTSVC.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

 

--

End of file - 9266 bytes

[/log]

 


Go to http://www.virustotal.com (works best with Internet Explorer), paste one of the following file names into the box, click Send File and wait until the result is ready (Current status becomes finished). Paste the results from the various antivirus programs (not Additional information) here. Repeat with the next file name.

C:\amrei.exe

c:\windows\system32\drivers\fssfltr_tdi.sys

c:\windows\system32\drivers\lv302af.sys

 

What is the state of Windows updates on the computer, actually? It does not look like either November's or December's security updates have been installed.

 

It is not good to have two antivirus programs running on the computer; uninstall either Avira AntiVir or CA eTrust.

 


C:\amrei.exe

[log]Antivirus Version Senaste Uppdatering Resultat

AhnLab-V3 2008.12.19.0 2008.12.19 -

AntiVir 7.9.0.45 2008.12.18 -

Authentium 5.1.0.4 2008.12.18 -

Avast 4.8.1281.0 2008.12.18 -

AVG 8.0.0.199 2008.12.18 -

BitDefender 7.2 2008.12.19 -

CAT-QuickHeal 10.00 2008.12.18 -

ClamAV 0.94.1 2008.12.18 -

Comodo 771 2008.12.17 -

DrWeb 4.44.0.09170 2008.12.18 -

eSafe 7.0.17.0 2008.12.18 -

eTrust-Vet 31.6.6268 2008.12.18 -

Ewido 4.0 2008.12.18 -

F-Prot 4.4.4.56 2008.12.18 -

F-Secure 8.0.14332.0 2008.12.19 -

Fortinet 3.117.0.0 2008.12.18 -

GData 19 2008.12.19 -

Ikarus T3.1.1.45.0 2008.12.19 -

K7AntiVirus 7.10.557 2008.12.18 -

Kaspersky 7.0.0.125 2008.12.19 -

McAfee 5468 2008.12.18 -

McAfee+Artemis 5468 2008.12.18 -

Microsoft 1.4205 2008.12.18 -

NOD32 3704 2008.12.18 -

Norman 5.80.02 2008.12.18 -

Panda 9.0.0.4 2008.12.18 -

PCTools 4.4.2.0 2008.12.18 -

Prevx1 V2 2008.12.19 -

Rising 21.08.32.00 2008.12.18 -

SecureWeb-Gateway 6.7.6 2008.12.18 -

Sophos 4.37.0 2008.12.19 -

Sunbelt 3.2.1801.2 2008.12.11 -

TheHacker 6.3.1.4.191 2008.12.17 -

TrendMicro 8.700.0.1004 2008.12.18 -

VBA32 3.12.8.10 2008.12.18 -

ViRobot 2008.12.18.1525 2008.12.18 -

VirusBuster 4.5.11.0 2008.12.18 -

[/log]

 

c:\windows\system32\drivers\fssfltr_tdi.sys

[log]Antivirus Version Senaste Uppdatering Resultat

AhnLab-V3 2008.12.19.3 2008.12.21 -

AntiVir 7.9.0.45 2008.12.19 -

Authentium 5.1.0.4 2008.12.21 -

Avast 4.8.1281.0 2008.12.20 -

AVG 8.0.0.199 2008.12.20 -

BitDefender 7.2 2008.12.21 -

CAT-QuickHeal 10.00 2008.12.20 -

ClamAV 0.94.1 2008.12.20 -

Comodo 783 2008.12.20 -

DrWeb 4.44.0.09170 2008.12.21 -

eSafe 7.0.17.0 2008.12.18 -

eTrust-Vet 31.6.6271 2008.12.20 -

Ewido 4.0 2008.12.21 -

F-Prot 4.4.4.56 2008.12.21 -

F-Secure 8.0.14332.0 2008.12.21 -

Fortinet 3.117.0.0 2008.12.21 -

GData 19 2008.12.21 -

Ikarus T3.1.1.45.0 2008.12.21 -

K7AntiVirus 7.10.560 2008.12.20 -

Kaspersky 7.0.0.125 2008.12.21 -

McAfee 5470 2008.12.20 -

McAfee+Artemis 5470 2008.12.20 -

Microsoft 1.4205 2008.12.21 -

NOD32 3709 2008.12.20 -

Norman 5.80.02 2008.12.19 -

Panda 9.0.0.4 2008.12.21 -

PCTools 4.4.2.0 2008.12.21 -

Prevx1 V2 2008.12.21 -

Rising 21.08.62.00 2008.12.21 -

SecureWeb-Gateway 6.7.6 2008.12.19 -

Sophos 4.37.0 2008.12.21 -

Sunbelt 3.2.1801.2 2008.12.11 -

TheHacker 6.3.1.4.195 2008.12.20 -

TrendMicro 8.700.0.1004 2008.12.19 -

VBA32 3.12.8.10 2008.12.20 -

ViRobot 2008.12.20.1528 2008.12.21 -

VirusBuster 4.5.11.0 2008.12.20 -

[/log]

 

c:\windows\system32\drivers\lv302af.sys

[log]Antivirus Version Senaste Uppdatering Resultat

AhnLab-V3 2008.12.22.0 2008.12.23 -

AntiVir 7.9.0.45 2008.12.22 -

Authentium 5.1.0.4 2008.12.23 -

Avast 4.8.1281.0 2008.12.23 -

AVG 8.0.0.199 2008.12.22 -

BitDefender 7.2 2008.12.23 -

CAT-QuickHeal 10.00 2008.12.23 -

ClamAV 0.94.1 2008.12.22 -

Comodo 800 2008.12.22 -

DrWeb 4.44.0.09170 2008.12.23 -

eSafe 7.0.17.0 2008.12.21 -

eTrust-Vet 31.6.6271 2008.12.20 -

Ewido 4.0 2008.12.22 -

F-Prot 4.4.4.56 2008.12.22 -

F-Secure 8.0.14332.0 2008.12.23 -

Fortinet 3.117.0.0 2008.12.23 -

GData 19 2008.12.23 -

Ikarus T3.1.1.45.0 2008.12.23 -

K7AntiVirus 7.10.562 2008.12.22 -

Kaspersky 7.0.0.125 2008.12.23 -

McAfee 5472 2008.12.22 -

McAfee+Artemis 5472 2008.12.22 -

Microsoft 1.4205 2008.12.23 -

NOD32 3712 2008.12.22 -

Norman 5.80.02 2008.12.22 -

Panda 9.0.0.4 2008.12.22 -

PCTools 4.4.2.0 2008.12.22 -

Prevx1 V2 2008.12.23 -

Rising 21.09.11.00 2008.12.23 -

SecureWeb-Gateway 6.7.6 2008.12.23 -

Sophos 4.37.0 2008.12.23 -

Sunbelt 3.2.1809.2 2008.12.22 -

Symantec 10 2008.12.23 -

TheHacker 6.3.1.4.195 2008.12.20 -

TrendMicro 8.700.0.1004 2008.12.23 -

VBA32 3.12.8.10 2008.12.22 -

ViRobot 2008.12.23.1531 2008.12.23 -

VirusBuster 4.5.11.0 2008.12.22 -

[/log]

 

The computer is supposed to check for Windows updates automatically. To be on the safe side, I searched for the latest updates, but there were none. I have also uninstalled AntiVir now.

 


That looked good, but to be on the safe side, scan C:\amrei.exe once more, and this time press the button to run a new scan instead of the button to show the result.

 

How is the computer working now?

 


This is what it looked like then:

 

[log]Antivirus Version Senaste Uppdatering Resultat

AhnLab-V3 2008.12.22.0 2008.12.23 -

AntiVir 7.9.0.45 2008.12.23 -

Authentium 5.1.0.4 2008.12.23 -

Avast 4.8.1281.0 2008.12.23 -

AVG 8.0.0.199 2008.12.22 -

BitDefender 7.2 2008.12.23 -

CAT-QuickHeal 10.00 2008.12.23 -

ClamAV 0.94.1 2008.12.23 -

Comodo 800 2008.12.22 -

DrWeb 4.44.0.09170 2008.12.23 -

eSafe 7.0.17.0 2008.12.21 -

eTrust-Vet 31.6.6274 2008.12.22 -

Ewido 4.0 2008.12.22 -

F-Prot 4.4.4.56 2008.12.22 -

F-Secure 8.0.14332.0 2008.12.23 -

Fortinet 3.117.0.0 2008.12.23 -

GData 19 2008.12.23 -

Ikarus T3.1.1.45.0 2008.12.23 -

K7AntiVirus 7.10.562 2008.12.22 -

Kaspersky 7.0.0.125 2008.12.23 -

McAfee 5472 2008.12.22 -

McAfee+Artemis 5472 2008.12.22 -

Microsoft 1.4205 2008.12.23 -

NOD32 3712 2008.12.22 -

Norman 5.80.02 2008.12.22 -

Panda 9.0.0.4 2008.12.23 -

PCTools 4.4.2.0 2008.12.22 -

Prevx1 V2 2008.12.23 -

Rising 21.09.11.00 2008.12.23 -

SecureWeb-Gateway 6.7.6 2008.12.23 -

Sophos 4.37.0 2008.12.23 -

Sunbelt 3.2.1809.2 2008.12.22 -

Symantec 10 2008.12.23 -

TheHacker 6.3.1.4.195 2008.12.20 -

TrendMicro 8.700.0.1004 2008.12.23 -

VBA32 3.12.8.10 2008.12.22 -

ViRobot 2008.12.23.1532 2008.12.23 -

VirusBuster 4.5.11.0 2008.12.22 -

[/log]

 

So maybe my computer has been cured of the virus then? I have not noticed anything strange today, at least.

 


Archived

This topic is now archived and is closed to further replies.
