Xem giùm thèn em với

[phamtienquan92]

Logfile of HijackThis v1.99.1

Scan saved at 5[IMG]http://www.*******************/img/smile/38.gif[/IMG]44 PM, on 5/11/2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\dllcache\explorer.exe

C:\PROGRA~1\IEACCE~1\IEAccelerator.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\censtat.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\xdict.exe

C:\Documents and Settings\Net328\Local Settings\Temporary Internet Files\Content.IE5\CSCUS6JB\0[1].exe

C:\Documents and Settings\Net328\Local Settings\Temporary Internet Files\Content.IE5\CSCUS6JB\0[1].exe

D:\AppServ\Apache2.2\bin\httpd.exe

C:\WINDOWS\CTIServ.exe

C:\WINDOWS\SoundMan.exe

D:\AppServ\Apache2.2\bin\httpd.exe

D:\AppServ\MySQL\bin\mysqld-nt.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\system32\find.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\system32\Microsoft\svchost.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\system32
et.exe

C:\WINDOWS\system32
et1.exe

C:\TDdownload\BHome1651.exe

C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\system32\cmd.exe

C:\WINDOWS\system32
et.exe

C:\WINDOWS\system32
et1.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\ping.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\TDdownload\hijackthis.exe



R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://nhacso.net/

F2 - REG:system.ini: UserInit=Userinit.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll

O2 - BHO: yxcsbhlp.dll - {25671234-7890-ABCD-CDEF-567801237652} - C:\WINDOWS\system32\yxcsbhlp.dll

O2 - BHO: mndscsrv.dll - {37FD640A-158F-48AC-FD14-1597F14A9773} - C:\WINDOWS\system32\mndscsrv.dll

O2 - BHO: (no name) - {398C9B84-4EF7-47B5-9862-DE29543B3C42} - (no file)

O2 - BHO: oohxbbyt.dll - {3B1AEF69-DDAE-FDAD-DCAB-698F026ABDB3} - C:\WINDOWS\system32\oohxbbyt.dll

O2 - BHO: mnmhcsrv.dll - {3C8D1401-A58D-A81C-CD24-A5915C4517C3} - C:\WINDOWS\system32\mnmhcsrv.dll

O2 - BHO: zptlbsys.dll - {40940F85-F015-14F1-A05F-F69858AC6D04} - C:\WINDOWS\system32\zptlbsys.dll

O2 - BHO: ypcqchlp.dll - {40AF1289-F140-A140-D012-C1458759FC04} - C:\WINDOWS\system32\ypcqchlp.dll

O2 - BHO: zywmdime.dll - {4319A1F1-9410-9654-3201-345FFA349134} - C:\WINDOWS\system32\zywmdime.dll

O2 - BHO: zxmsbwin.dll - {5A041F13-A111-12A3-B0CF-F99818AA68A5} - C:\WINDOWS\system32\zxmsbwin.dll

O2 - BHO: zyzxeime.dll - {5A59145F-315D-BC23-AC1F-145DF81A34A5} - C:\WINDOWS\system32\zyzxeime.dll

O2 - BHO: ypdjebmp.dll - {71954FAC-1023-154F-895A-1458258AD817} - C:\WINDOWS\system32\ypdjebmp.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O4 - HKLM\..\Run: [IE Accelerator] C:\PROGRA~1\IEACCE~1\IEAccelerator.exe /Auto

O4 - HKLM\..\Run: [KillPorn] D:\KillPorn\KillPorn.exe

O4 - HKLM\..\Run: [Gigaget] "D:\Giganology\Gigaget\GigagetShell.exe" /s

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [fmsiocps] C:\WINDOWS\fmsiocps.exe

O4 - HKLM\..\Run: [anistio] C:\WINDOWS\anistio.exE

O4 - HKLM\..\Run: [issms32] C:\WINDOWS\issms32.exe

O4 - HKLM\..\Run: [dionpis] C:\WINDOWS\dionpis.exe

O4 - HKLM\..\Run: [hefcndy] C:\WINDOWS\hefcndy.exe

O4 - HKLM\..\Run: [dbhlp32] C:\WINDOWS\dbhlp32.exe

O4 - HKLM\..\Run: [fmsjhif] C:\WINDOWS\fmsjhif.exe

O4 - HKLM\..\Run: [xlmdtbzw] C:\WINDOWS\ldbwibto.exe

O4 - HKLM\..\Run: [ptshell] C:\WINDOWS\ptshell.exe

O4 - HKLM\..\Run: [huifitc] C:\WINDOWS\huifitc.exe

O4 - HKLM\..\Run: [mfchlp64] C:\WINDOWS\mfchlp64.exe

O4 - HKLM\..\Run: [dndsioc] C:\WINDOWS\dndsioc.exe

O4 - HKLM\..\Run: [cinfonmc] C:\WINDOWS\cinfonmc.exe

O4 - HKLM\..\Run: [SoundMan] SoundMan.exe

O4 - HKLM\..\Run: [BkavFw] C:\Program Files\Bkav2006\Bkav2006.exe TASKBAR

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - Global Startup: censtat.exe

O4 - Global Startup: xdict.exe

O8 - Extra context menu item: &Download All by Gigaget - D:\Giganology\Gigaget\getallurl.htm

O8 - Extra context menu item: &Download by Gigaget - D:\Giganology\Gigaget\geturl.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: English<->Vietnamese - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Vietnamese) for Windows\Plugins\IE.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin
pjpi150_02.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin
pjpi150_02.dll

O9 - Extra button: English<->Vietnamese - {0DC44B85-F904-0741-8EAE-A8CCC73AC982} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Vietnamese) for Windows\Plugins\IE.htm

O9 - Extra 'Tools' menuitem: English<->Vietnamese - {0DC44B85-F904-0741-8EAE-A8CCC73AC982} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Vietnamese) for Windows\Plugins\IE.htm

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YAHOOM~1.EXE

O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YAHOOM~1.EXE

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - http://www.bro.vn/com/EGamesPlugin.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{662EF261-6801-4F9F-A87B-47BBEE702739}: NameServer = 203.162.0.181,203.162.0.11

O20 - AppInit_DLLs: ghynjr.dll,dgxsrr.dll,dfhtrhy.dll,ghjkdr.dll,sefaw e.dll,frntrn.dll,qrhhb.dll,drg

hszd.dll,fngn.dll,gjjte.dll,xgnfn.dll,xfgnhcgfm.dl l,serger.dll,bnxnb.dll,fxgnfx.

d

ll,jzijj.dll,xfgnfx.dll,serghjm.dll,thsddh.dll,xbc vxb.dll,zfdzb.dll,xdndn.dll,xd

f

ntt.dll,hgfhk.dll,dnteh.dll,xfng.dll,njritc.dll,ch mfcmh.dll,jwlah.dll,gmnait.dll

,

hfjg.dll,thurh.dll,mgmgmm.dll,oqrthc.dll,dgxsrr.dl l,jyjlt.dll,ijatnaw.dll,sehhte

r

.dll,fhjfg.dll,zdbdb.dll,ydgn.dll,dbfb.dll,fjnbv.d ll,ghjdtry.dll,setrhes.dll,cdx

b

fxdb.dll,xfgnxfn.dll,gjkhj.dll,xdhdg.dll,rhs.dll,m rjhtjd.dll,zdbfbd.dll,fjyjy.dl

l

,fxnfnh.dll,bjrvm.dll,ektvm.dll,rdthr.dll,rgfjj.dl l,dscef.dll,crugd.dll,lariytrz

.

dll,hjaiq.dll,kduy.dll,hkfgh.dll,awef.dll,dfhsh.dl l,ethsh.dll,stehs.dll,sthth.dl

l

,wfhyt.dll,rgghjj.dll,fdght.dll,,msosping01.dll,ms osdrop01.dll,msosptfs01.dll,ms

o

smnsf01.dll,msoscqit01.dll

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O23 - Service: Apache2.2 - Unknown owner - D:\AppServ\Apache2.2\bin\httpd.exe" -k runservice (file missing)

O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\autocomp.exe

O23 - Service: ctiserv - Centurion Technologies, Inc. - C:\WINDOWS\CTIServ.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Help and Support (helpsvc) - Unknown owner - C:\WINDOWS\system32\interne.exe (file missing)

O23 - Service: mysql - Unknown owner - D:\AppServ\MySQL\bin\mysqld-nt.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

[hoahuongduong]

HijackThis



Cái gì vậy ta, hix nhìn vào mà ***ng hết cả mặt, k0 biết tiếng anh khổ thế đấy [IMG]http://www.*******************/dd/public/style_emoticons/<#EMO_DIR#>/53.gif[/IMG]



ý bạn là hỏi xem máy có gián điệp k0 à