1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Do I got virus?

Discussion in 'Virus & Other Malware Removal' started by PriXxOr, Jul 9, 2007.

Thread Status:
Not open for further replies.
  1. PriXxOr

    PriXxOr Thread Starter

    Joined:
    Sep 20, 2006
    Messages:
    30
    Hello,
    I just wonder if I got virus. So I'll post a Hijacklogg.




    Logfile of HijackThis v1.99.1
    Scan saved at 13:21:43, on 2007-07-09
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program\CyberLink\PowerDVD\DVDLauncher.exe
    C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program\GAOV\Mysee Alert\Mysee Alert.exe
    C:\Program\Delade filer\Real\Update_OB\realsched.exe
    C:\Program\com hem security\Common\FSM32.EXE
    C:\Program\QuickTime\qttask.exe
    C:\Program\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program\MSN Messenger\msnmsgr.exe
    C:\Program\Steam\Steam.exe
    C:\Program\ECP\ESC2\esc2.exe
    C:\Program\COMHEM~1\backweb\8910145\Program\SERVIC~1.EXE
    C:\Program\com hem security\Anti-Virus\fsgk32st.exe
    C:\Program\com hem security\backweb\8910145\program\fsbwsys.exe
    C:\Program\com hem security\Anti-Virus\FSGK32.EXE
    C:\Program\com hem security\Common\FSMA32.EXE
    C:\Program\com hem security\Anti-Virus\fssm32.exe
    C:\Program\com hem security\backweb\8910145\Program\fspex.exe
    C:\Program\Delade filer\Hogia\HKHub\HKHub.exe
    C:\Program\com hem security\Common\FSMB32.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program\com hem security\Common\FCH32.EXE
    C:\Program\com hem security\Common\FAMEH32.EXE
    C:\Program\com hem security\FSPC\fspc.exe
    C:\Program\com hem security\FWES\Program\fsdfwd.exe
    C:\Program\com hem security\Anti-Virus\fsav32.exe
    C:\Program\com hem security\FSGUI\fsguiexe.exe
    C:\Program\MSN Messenger\usnsvc.exe
    C:\Program\Mozilla Firefox\firefox.exe
    C:\Program\Internet Explorer\IEXPLORE.EXE
    C:\Program\MSN Messenger\msvs.exe
    C:\Documents and Settings\Hing Yau\Mina dokument\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Mysee Alert] "C:\Program\GAOV\Mysee Alert\Mysee Alert.exe" -notray
    O4 - HKLM\..\Run: [BearShare] "C:\Program\BearShare\BearShare.exe" /pause
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program\com hem security\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program\com hem security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program\com hem security\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
    O4 - HKCU\..\Run: [Steam] "C:\Program\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
    O4 - HKCU\..\Run: [E-Sport Client 2] "C:\Program\ECP\ESC2\esc2.exe"
    O4 - Startup: SpeedRO.lnk = C:\Program\Gravity\RO\SpeedRO.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Webbfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program\com hem security\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program\com hem security\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Visa &lista över webbplatser - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program\com hem security\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program\com hem security\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: &Inaktivera webbsidefilter - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Program\com hem security\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program\com hem security\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: &Blockera den här webbplatsen - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Program\com hem security\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program\com hem security\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: &Tillåt den här webbplatsen - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Program\com hem security\FSPC\fspcmsie.dll
    O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: com hem security (BackWeb Plug-in - 8910145) - Unknown owner - C:\Program\COMHEM~1\backweb\8910145\Program\SERVIC~1.EXE
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program\com hem security\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program\com hem security\backweb\8910145\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program\com hem security\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program\com hem security\FSPC\fshttps\fshttps.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program\com hem security\Common\FSMA32.EXE
    O23 - Service: Hogia Hub (HKHub) - Hogia Redovisning & Revision AB - C:\Program\Delade filer\Hogia\HKHub\HKHub.exe
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/593546

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice