Hỏi các bạn về hijackthis??

Hỏi các bạn về hijackthis??

Bạn có thể xem hộ xem có gì bất thường trong cái này không, giúp tớ với


Logfile of HijackThis v1.99.1
Scan saved at 1:49:43 PM, on 7/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWS hanhnguyen.exe
Crogram FilesSoftwinBitDefender10dmcon.exe
Crogram FilesSoftwinBitDefender10dagent.exe
Crogram FilesAnalog DevicesCoresmax4pnp.exe
Crogram FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:WINDOWSsystem32CAP2RSK.EXE
Crogram FilesMessengermsmsgs.exe
Crogram FilesYourWare SolutionsFreeRAM XP ProFreeRAM XP Pro.exe
C:WINDOWSSYSTEM32SPOOLDRIVERSW32X863CAP2SWK.EXE
Crogram FilesAdobeAcrobat 6.0Distillracrotray.exe
C:WINDOWSsystem32spooldriversw32x863CAP2LAK.EXE
C:WINDOWSATKKBService.exe
Crogram FilesBonjourmDNSResponder.exe
C:Netserverinstablemysqlinmysqld.exe
C:WINDOWSsystem32
vsvc32.exe
Crogram FilesCommon FilesSoftwinBitDefender Communicatorxcommsvr.exe
Crogram FilesCommon FilesSoftwinBitDefender Update Servicelivesrv.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesKernel for OutlookKernel for Outlook.exe
Crogram FilesMicrosoft OfficeOFFICE11OUTLOOK.EXE
Crogram FilesYahoo!MessengerYahooMessenger.exe
C:WINDOWSsystem32svchost.exe
Crogram FilesInternet ExplorerIEXPLORE.EXE
Crogram FilesSkypePhoneSkype.exe
Crogram FilesSkypePlugin ManagerskypePM.exe
Crogram FilesAdobeAdobe Photoshop CS2Photoshop.exe
COCUME~1THANHN~1LOCALS~1TempAdobelm_Cleanup.0001
Crogram FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
COCUME~1THANHN~1LOCALS~1TempAdobelm_Cleanup.0001
Crogram FilesCommon FilesSoftwinBitDefender Scan Serverdss.exe
Crogram FilesSoftwinBitDefender10vsserv.exe
C:WINDOWSsystem32
undll32.exe
Dhan mem tien ichgiet virus hijackhijackthisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 207.216.16.113:3128
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
F2 - REG:system.ini: Shell=thanhnguyen.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 6.0AcrobatActiveXAcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - Crogram FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - crogram filesgooglegoogletoolbar1.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - Crogram FilesAdobeAcrobat 6.0AcrobatAcroIEFa***ient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - Crogram FilesGoogleGoogleToolbarNotifier2.0.301.7164swg.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - Crogram FilesXiNetTransport 2NTIEHelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - crogram filesgooglegoogletoolbar1.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Crogram FilesAdobeAcrobat 6.0AcrobatAcroIEFa***ient.dll
O4 - HKLM..Run: [IMJPMIG8.1] "C:WINDOWSIMEimjp8_1IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM..Run: [MSPY2002] C:WINDOWSsystem32IMEPINTLGNTImScInst.exe /SYNC
O4 - HKLM..Run: [PHIME2002ASync] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /SYNC
O4 - HKLM..Run: [PHIME2002A] C:WINDOWSsystem32IMETINTLGNTTINTSETP.EXE /IMEName
O4 - HKLM..Run: [BDMCon] "Crogram FilesSoftwinBitDefender10dmcon.exe" /reg
O4 - HKLM..Run: [BDAgent] "Crogram FilesSoftwinBitDefender10dagent.exe"
O4 - HKLM..Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM..Run: [SoundMAXPnP] Crogram FilesAnalog DevicesCoresmax4pnp.exe
O4 - HKLM..Run: [SoundMAX] "Crogram FilesAnalog DevicesSoundMAXSmax4.exe" /tray
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [CAP2ON] C:WINDOWSsystem32SpoolDriversw32x863CAP2ONN.EXE
O4 - HKCU..Run: [Skype] "Crogram FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - HKCU..Run: [swg] Crogram FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [Yahoo! Pager] "Crogram FilesYahoo!MessengerYahooMessenger.exe" -quiet
O4 - HKCU..Run: [MSMSGS] "Crogram FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [FreeRAM XP] "Crogram FilesYourWare SolutionsFreeRAM XP ProFreeRAM XP Pro.exe" -win
O4 - Startup: Adobe Gamma.lnk = Crogram FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = Crogram FilesAdobeAcrobat 6.0Distillracrotray.exe
O4 - Global Startup: Canon LASER SHOT LBP-1210 ª¬ºAµøµ¡.LNK = C:WINDOWSsystem32spooldriversw32x863CAP2LAK.EXE
O8 - Extra context menu item: Download all by Net Transport - Crogram FilesXiNetTransport 2NTAddList.html
O8 - Extra context menu item: Download by Net Transport - Crogram FilesXiNetTransport 2NTAddLink.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://CROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - Crogram FilesWinHTTrackWinHTTrackIEBar.dll
O9 - Extra ''Tools'' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - Crogram FilesWinHTTrackWinHTTrackIEBar.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - Crogram FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - CROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra ''Tools'' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O10 - Unknown file in Winsock LSP: crogram filesonjourmdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {F9043C85-F6F2-101A-A3C9-08002B2F49FB} (Microsoft Common Dialog Control, version 6.0 (SP6)) - file:///C:/Program%20Files/OpenCube/Visual%20Infinite%20Menus/comdlg32.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - CROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - Crogram FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Apache - Unknown owner - C:Netserverinstableapacheapache.exe" -k runservice (file missing)
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:WINDOWSATKKBService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - Crogram FilesCommon FilesSoftwinBitDefender Scan Serverdss.exe" /service (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - Crogram FilesBonjourmDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - Crogram FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - Crogram FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - Crogram FilesCommon FilesSoftwinBitDefender Update Servicelivesrv.exe" /service (file missing)
O23 - Service: MySQL - Unknown owner - C:Netserverinstablemysqlinmysqld.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - Crogram FilesSoftwinBitDefender10vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - Crogram FilesCommon FilesSoftwinBitDefender Communicatorxcommsvr.exe" /service (file missing)


THankssssss

http://hijackthis.de/
1.em chỉ thấy 1 điều là có quá nhiều file chạy ngầm định và nhiều lỗi registry
2.theo cái kết quả bác lấy ra ý bác đang chạy cùng 1 lúc : Pho to shop CS + Bit10 + skype <--của nợ skyper chạy lúc đầu ko sao , nhưng càng nói chuyện lâu thì nó ngốn ram càng ác

Tớ chả thấy gì
Nếu ko vào http://hijackthis.de/
Up file log lên để nó check xem .

tớ nhìn là cũng ko thấy vấn đề gì thật, đang dùng uniblue repair registry roài ...
có lẽ là do virtual memory set không đc ngon lắm ...các bạn có tư vấn set minimum và maximum như thế nào cho hợp lý không nhỉ.

Khuyên bác thế này nhé
bác tick tất những cái bác không biết đi
trừ những cái hệ thống và cái bác cài như BIT thôi
như thế là tốt nhất
Em thấy trong log của bác có nhiều cái linh tinh lắm
Vi du :
F2 - REG:system.ini: Shell=thanhnguyen.exe