Your Ad Here

Monday, March 2, 2009

Should I remove ?

Hi all,
Today I scan my computer and found something in Hijackthis log

C:WINDOWSsystem32S24EvMon.exe
C:WINDOWSsystem32ZCfgSvc.exe
C:WINDOWSsystem321XConfig.exe

they are fine ?
here is my full Hijackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:42 PM, on 3/2/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32S24EvMon.exe
C:WINDOWSsystem32ZCfgSvc.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesLavasoftAd-Awareaawservice.exe
C:WINDOWSsystem321XConfig.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
C:AppServApache2.2binhttpd.exe
C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
C:PROGRA~1AVGAVG8avgwdsvc.exe
C:Program FilesIObitAdvanced WindowsCare 3 Betaawcservice.exe
C:PROGRA~1AVGAVG8avgrsx.exe
C:PROGRA~1AVGAVG8avgnsx.exe
C:Program FilesBonjourmDNSResponder.exe
C:Program FilescFosSpeedspd.exe
C:Program FilesJavajre6binjqs.exe
C:AppServMySQLbinmysqld-nt.exe
C:WINDOWSsystem32RegSrvc.exe
C:Program FilesSpyware Terminatorsp_rsser.exe
C:AppServApache2.2binhttpd.exe
C:WINDOWSsystem32svchost.exe
C:PROGRA~1AVGAVG8avgemc.exe
C:WINDOWSsystem32SearchIndexer.exe
C:Program FilesAVGAVG8avgcsrvx.exe
C:PROGRA~1AVGAVG8avgtray.exe
C:Program FilesTweakNow PowerPack 2006CDAuto.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilescFosSpeedcfosspeed.exe
C:WINDOWSsystem32SearchProtocolHost.exe
D:hijackthisHijackThis.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesYahoo!MessengerYahooMessenger.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.filehippo.com
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program FilesInternet Download ManagerIDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:Program FilesAVGAVG8avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:PROGRA~1AVGAVG8AVGTOO~1.DLL
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:PROGRA~1AVGAVG8AVGTOO~1.DLL
O4 - HKLM..Run: [AVG8_TRAY] C:PROGRA~1AVGAVG8avgtray.exe
O4 - HKLM..Run: [CD Autorun] C:Program FilesTweakNow PowerPack 2006CDAuto.exe
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKUSS-1-5-19..RunOnce: [nlpo_01] cmd.exe /c md "%SystemDrive%Temp" (User LOCAL SERVICE)
O4 - HKUSS-1-5-19..RunOnce: [nlpo_02] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User LOCAL SERVICE)
O4 - HKUSS-1-5-19..RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User LOCAL SERVICE)
O4 - HKUSS-1-5-20..RunOnce: [nlpo_01] cmd.exe /c md "%SystemDrive%Temp" (User NETWORK SERVICE)
O4 - Startup: cfos.lnk = C:Program FilescFosSpeedcfosspeed.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all links with IDM - C:Program FilesInternet Download ManagerIEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:Program FilesInternet Download ManagerIEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:Program FilesInternet Download ManagerIEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra Tools menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra Tools menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: iSiloX Clipper - {C86027A6-12A1-4298-B6EA-A42AC6EE6C7C} - C:Program FilesiSiloiSiloXiSiloXIE.dll (HKCU)
O9 - Extra Tools menuitem: iSiloX Clipper... - {C86027A6-12A1-4298-B6EA-A42AC6EE6C7C} - C:Program FilesiSiloiSiloXiSiloXIE.dll (HKCU)
O17 - HKLMSystemCCSServicesTcpip..{46B720C6-25FB-4877-A9F4-A1CB9C78A6F1}: NameServer = 172.16.202.1,202.89.66.6
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:Program FilesAVGAVG8avgpp.dll
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: avgrsstarter - C:WINDOWSSYSTEM32avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Awareaawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:AppServApache2.2binhttpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesCommon FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:PROGRA~1AVGAVG8avgwdsvc.exe
O23 - Service: Advanced WindowsCare Boost Service (AwcService) - IObit - C:Program FilesIObitAdvanced WindowsCare 3 Betaawcservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:Program FilescFosSpeedspd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:Program FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:Program FilesiPodbiniPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6binjqs.exe
O23 - Service: mysql - Unknown owner - C:AppServMySQLbinmysqld-nt.exe
O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:Program FilesIntelNCSSyncNetSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:WINDOWSsystem32RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:WINDOWSsystem32S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:Program FilesPC Connectivity SolutionServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:Program FilesSpyware Terminatorsp_rsser.exe

--
End of file - 9285 bytes

Should I remove something ? Need help.
Thanks

Read More...

[Source: Webmaster Forum - Posted by FreeAutoBlogger]
Your Ad Here

No comments: