Logfile of HijackThis v1.99.1
Scan saved at 4:05:27 PM, on 5/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\dllcache\explorer.exe
C:\PROGRA~1\IEACCE~1\IEAccelerator.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\censtat.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\xdict.exe
C:\Documents and Settings\Net328\Local Settings\Temporary Internet Files\Content.IE5\CSCUS6JB\0[1].exe
C:\Documents and Settings\Net328\Local Settings\Temporary Internet Files\Content.IE5\CSCUS6JB\0[1].exe
D:\AppServ\Apache2.2\bin\httpd.exe
C:\WINDOWS\CTIServ.exe
C:\WINDOWS\SoundMan.exe
D:\AppServ\Apache2.2\bin\httpd.exe
D:\AppServ\MySQL\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\find.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\Microsoft\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\net.exe
C:\WINDOWS\system32\net1.exe
D:\Giganology\Gigaget\Gigaget.exe
C:\TDdownload\BHome1651.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\net.exe
C:\WINDOWS\system32\net1.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\popo.exe
C:\TDdownload\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://nhacso.net/
F2 - REG:system.ini: UserInit=Userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: yxcsbhlp.dll - {25671234-7890-ABCD-CDEF-567801237652} - C:\WINDOWS\system32\yxcsbhlp.dll
O2 - BHO: mndscsrv.dll - {37FD640A-158F-48AC-FD14-1597F14A9773} - C:\WINDOWS\system32\mndscsrv.dll
O2 - BHO: (no name) - {398C9B84-4EF7-47B5-9862-DE29543B3C42} - (no file)
O2 - BHO: oohxbbyt.dll - {3B1AEF69-DDAE-FDAD-DCAB-698F026ABDB3} - C:\WINDOWS\system32\oohxbbyt.dll
O2 - BHO: mnmhcsrv.dll - {3C8D1401-A58D-A81C-CD24-A5915C4517C3} - C:\WINDOWS\system32\mnmhcsrv.dll
O2 - BHO: zptlbsys.dll - {40940F85-F015-14F1-A05F-F69858AC6D04} - C:\WINDOWS\system32\zptlbsys.dll
O2 - BHO: ypcqchlp.dll - {40AF1289-F140-A140-D012-C1458759FC04} - C:\WINDOWS\system32\ypcqchlp.dll
O2 - BHO: zywmdime.dll - {4319A1F1-9410-9654-3201-345FFA349134} - C:\WINDOWS\system32\zywmdime.dll
O2 - BHO: zxmsbwin.dll - {5A041F13-A111-12A3-B0CF-F99818AA68A5} - C:\WINDOWS\system32\zxmsbwin.dll
O2 - BHO: zyzxeime.dll - {5A59145F-315D-BC23-AC1F-145DF81A34A5} - C:\WINDOWS\system32\zyzxeime.dll
O2 - BHO: ypdjebmp.dll - {71954FAC-1023-154F-895A-1458258AD817} - C:\WINDOWS\system32\ypdjebmp.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IE Accelerator] C:\PROGRA~1\IEACCE~1\IEAccelerator.exe /Auto
O4 - HKLM\..\Run: [KillPorn] D:\KillPorn\KillPorn.exe
O4 - HKLM\..\Run: [Gigaget] "D:\Giganology\Gigaget\GigagetShell.exe" /s
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [fmsiocps] C:\WINDOWS\fmsiocps.exe
O4 - HKLM\..\Run: [anistio] C:\WINDOWS\anistio.exE
O4 - HKLM\..\Run: [issms32] C:\WINDOWS\issms32.exe
O4 - HKLM\..\Run: [dionpis] C:\WINDOWS\dionpis.exe
O4 - HKLM\..\Run: [hefcndy] C:\WINDOWS\hefcndy.exe
O4 - HKLM\..\Run: [dbhlp32] C:\WINDOWS\dbhlp32.exe
O4 - HKLM\..\Run: [fmsjhif] C:\WINDOWS\fmsjhif.exe
O4 - HKLM\..\Run: [xlmdtbzw] C:\WINDOWS\ldbwibto.exe
O4 - HKLM\..\Run: [ptshell] C:\WINDOWS\ptshell.exe
O4 - HKLM\..\Run: [huifitc] C:\WINDOWS\huifitc.exe
O4 - HKLM\..\Run: [mfchlp64] C:\WINDOWS\mfchlp64.exe
O4 - HKLM\..\Run: [dndsioc] C:\WINDOWS\dndsioc.exe
O4 - HKLM\..\Run: [cinfonmc] C:\WINDOWS\cinfonmc.exe
O4 - HKLM\..\Run: [SoundMan] SoundMan.exe
O4 - HKLM\..\Run: [BkavFw] C:\Program Files\Bkav2006\Bkav2006.exe TASKBAR
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: censtat.exe
O4 - Global Startup: xdict.exe
O8 - Extra context menu item: &Download All by Gigaget - D:\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - D:\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: English<->Vietnamese - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Vietnamese) for Windows\Plugins\IE.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: English<->Vietnamese - {0DC44B85-F904-0741-8EAE-A8CCC73AC982} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Vietnamese) for Windows\Plugins\IE.htm
O9 - Extra 'Tools' menuitem: English<->Vietnamese - {0DC44B85-F904-0741-8EAE-A8CCC73AC982} - C:\Program Files\LingvoSoft\LingvoSoft Talking Dictionary 2007 (English-Vietnamese) for Windows\Plugins\IE.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YAHOOM~1.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YAHOOM~1.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - http://www.bro.vn/com/EGamesPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{662EF261-6801-4F9F-A87B-47BBEE702739}: NameServer = 203.162.0.181,203.162.0.11
O20 - AppInit_DLLs: gfcfg.dll,drthte.dll,yjrfe.dll,uksuk.dll,thrtgth.dll,hujfgt.dll,rhdhj.dll,jmkcgt.dll,hfther.dll,segtrgh.dll,frntrn.dll,qrhhb.dll,drghszd.dll,fngn.dll,gnfctt.dll,xgnfn.dll,xfgnhcgfm.dll,serger.dll,bnxnb.dll,fxgnfx.dll,jzijj.dll,xfgnfx.dll,serghjm.dll,thsddh.dll,xbcvxb.dll,zfdzb.dll,xdndn.dll,xdfntt.dll,hgfhk.dll,dnteh.dll,xfng.dll,njritc.dll,chmfcmh.dll,jwlah.dll,gmnait.dll,hfjg.dll,thurh.dll,mgmgmm.dll,oqrthc.dll,gfhynrth.dll,jyjlt.dll,ijatnaw.dll,sehhter.dll,fhjfg.dll,zdbdb.dll,ydgn.dll,dbfb.dll,fjnbv.dll,rthderr.dll,setrhes.dll,cdxbfxdb.dll,xfgnxfn.dll,gjkhj.dll,xdhdg.dll,rhs.dll,mrjhtjd.dll,zdbfbd.dll,fjyjy.dll,fxnfnh.dll,bjrvm.dll,ektvm.dll,rdthr.dll,rgfjj.dll,dscef.dll,crugd.dll,lariytrz.dll,hjaiq.dll,kduy.dll,hkfgh.dll,awef.dll,dfhsh.dll,ethsh.dll,stehs.dll,sthth.dll,wfhyt.dll,rgghjj.dll,ghjkdr.dll,hnfgs.dll,
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O23 - Service: Apache2.2 - Unknown owner - D:\AppServ\Apache2.2\bin\httpd.exe" -k runservice (file missing)
O23 - Service: AutoComplete Service (Autocomplete) - Acesoft - C:\Program Files\Acesoft\Tracks Eraser Pro\autocomp.exe
O23 - Service: ctiserv - Centurion Technologies, Inc. - C:\WINDOWS\CTIServ.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Help and Support (helpsvc) - Unknown owner - C:\WINDOWS\system32\interne.exe (file missing)
O23 - Service: mysql - Unknown owner - D:\AppServ\MySQL\bin\mysqld-nt.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Can anyone help me now? Plz