Logfile of HijackThis v1.99.1
Scan saved at 2:29:51, on 2007-7-1
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
C:\WINDOWS\ZSSnp211.exe
C:\WINDOWS\Domino.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
D:\工具\jiajia\jj4\jiajiasr.exe
D:\工具\qq\QQ.exe
D:\工具\qq\TIMPlatform.exe
C:\Program Files\JiangMin\AntiVirus\KVWSC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Administrator\Local Settings\Temp\QQSC.exe
C:\WINDOWS\system32\conime.exe
C:\PROGRA~1\TENCENT\QQGAME\TETRIS\TETRIS.EXE
C:\Program Files\Ringz Studio\Storm Codec\mplayerc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\JiangMin\AntiVirus\kvxp.kxp
C:\Program Files\360safe\360Safe.exe
D:\安装程序\HijackThis.exe
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
O2 - BHO: ThunderBHO - {01443AE8-0FD1-40FD-9C87-E93D1494C233} - D:\工具\讯雷\ComDlls\xunleiBHO_Now.dll
O2 - BHO: QQCycloneHelper Class - {01443AE9-0FD1-40FD-9C87-E93D1494C233} - D:\工具\超级旋风\QQIEHelper01.dll
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\工具\讯雷\ComDlls\TDAtOnce_Now.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - C:\Program Files\TENCENT\SSPlus\SAddr.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: BrowseHelper Class - {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} - C:\Program Files\JiangMin\AntiVirus\KVshell.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: 江民杀毒工具栏 - {B5A34A93-D538-43A7-8371-864CB6148D12} - C:\Program Files\JiangMin\AntiVirus\KVshell.dll
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DVDTray] C:\Program Files\Ahead\ODD Toolkit\DVDTray.exe
O4 - HKLM\..\Run: [ZSSnp211] C:\WINDOWS\ZSSnp211.exe
O4 - HKLM\..\Run: [Domino] C:\WINDOWS\Domino.exe
O4 - HKLM\..\Run: [stup.exe] Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R
O4 - HKLM\..\Run: [KVMON] C:\Program Files\JiangMin\AntiVirus\KVMonXP.kxp
O4 - HKLM\..\Run: [Storm2Set] C:\WINDOWS\system32\rundll32.exe "C:\PROGRA~1\StormII\StormSet.dll",CheckEnv
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [bgswitch] C:\WINDOWS\system32\bgswitch.exe
O4 - HKCU\..\Run: [QQDownload] "D:\工具\超级旋风\QQDownload.exe" autostart
O4 - HKCU\..\Run: [jiajiasr] D:\工具\jiajia\jj4\jiajiasr.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: 腾讯QQ.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &使用超级旋风下载 - D:\工具\超级旋风\geturl.htm
O8 - Extra context menu item: &使用超级旋风下载全部链接 - D:\工具\超级旋风\getAllurl.htm
O8 - Extra context menu item: 使用迅雷下载 - D:\工具\讯雷\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - D:\工具\讯雷\Program\getallurl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ表情 - D:\工具\qq\AddEmotion.htm
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\工具\讯雷\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\工具\讯雷\Thunder.exe
O11 - Options group: [TBH] 中文搜搜
O14 - IERESET.INF: START_PAGE_URL=http://qwh.9126.com
O16 - DPF: {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} (PhotoDraw Class) - http://photo.qq.com/qzone_v4/QzoneMediaTools.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6FF30F8A-5340-4064-8A6F-A46B7D86269C}: NameServer = 202.98.198.168 202.98.192.68
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: KVSrvXP - Jiangmin Co., Ltd. - C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe
O23 - Service: KVWSC - Jiangmin Co.,Ltd - C:\Program Files\JiangMin\AntiVirus\KVWSC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe