【求助】系统中招了，找不到原因，这是日志，请高手诊断一下下 bbs.ikaka.com

zhenren1 - 2006-5-20 9:50:00

Logfile of HijackThis v1.99.1
Scan saved at 9:42:27, on 2006-5-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lenovo\TimerService\LenovoTimer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lenovo\Legend Standard Keyboard\skdaemon.exe
C:\Program Files\联想(北京)有限公司\幸福飞梭\Shuttle.exe
C:\Program Files\Lenovo\RemoteControlCenter\ControlCenter.exe
C:\Program Files\MUSE\RmtService.exe
C:\Program Files\MUSE\lightCtrl.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Common Files\Lenovo\Happyhome\Commondll\MyDevice.exe
C:\Program Files\Lenovo\TimerService\TimerClient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
D:\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\下载程序\杀毒\HijackThis.exe

O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\下载程序\2004，8，28----qq\Tencent\QQ\QQIEHelper.dll (file missing)
O2 - BHO: IEHlprObj Class - {C5E5DB7E-46B1-47E6-8447-2E517F269925} - C:\Program Files\Xplus\GETIE.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - E:\fanyi\IEBand.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SKDaemon] C:\Program Files\Lenovo\Legend Standard Keyboard\skdaemon.exe
O4 - HKLM\..\Run: [Shuttle.exe] C:\Program Files\联想(北京)有限公司\幸福飞梭\Shuttle.exe
O4 - HKLM\..\Run: [ControlCenter.exe] "C:\Program Files\Lenovo\RemoteControlCenter\ControlCenter.exe"
O4 - HKLM\..\Run: [RmtService ] C:\Program Files\MUSE\RmtService.exe
O4 - HKLM\..\Run: [LightCtrl ] C:\Program Files\MUSE\lightCtrl.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Lenovo L350 USB PC Camera
O4 - HKLM\..\Run: [MyDevice.exe] "C:\Program Files\Common Files\Lenovo\Happyhome\Commondll\MyDevice.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TimerClient.exe] "C:\Program Files\Lenovo\TimerService\TimerClient.exe"
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KAVPersonal50] "D:\杀毒程序\卡巴斯基\卡巴斯基\2005,8,31安装\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 腾讯QQ.lnk = ?
O8 - Extra context menu item: &使用迅雷下载 - D:\下载程序\迅雷\迅雷安装后\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\下载程序\迅雷\迅雷安装后\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\下载程序\2004，8，28----qq\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用影音传送带下载 - D:\下载程序\影音传送带2004，8，28\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\下载程序\2004，8，28----qq\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\下载程序\2004，8，28----qq\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\下载程序\2004，8，28----qq\Tencent\QQ\SendMMS.htm
O9 - Extra button: 联想 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com (file missing)
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\下载程序\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\下载程序\2004，8，28----qq\Tencent\QQ\QQ.EXE (file missing)
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\下载程序\2004，8，28----qq\Tencent\QQ\QQ.EXE (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\下载程序\2004，8，28----qq\Tencent\QQ\QQIEHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\下载程序\2004，8，28----qq\Tencent\QQ\QQIEHelper.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECFD7964-E348-46A4-BAAB-75FABA06BA96}: NameServer = 202.99.224.8 202.99.224.68
O23 - Service: kavsvc - Kaspersky Lab - D:\杀毒程序\卡巴斯基\卡巴斯基\2005,8,31安装\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: LenovoTimerService - Unknown owner - C:\Program Files\Lenovo\TimerService\LenovoTimer.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

同时伴有：1、打开网页慢得要死；
2、关机不正常，出现蓝屏，一大堆英文字母
3、自动关闭杀毒软件

文物2 - 2006-5-20 11:55:00

引用:

【zhenren1的贴子】Logfile of HijackThis v1.99.1
Scan saved at 9:42:27, on 2006-5-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lenovo\TimerService\LenovoTimer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lenovo\Legend Standard Keyboard\skdaemon.exe
C:\Program Files\联想(北京)有限公司\幸福飞梭\Shuttle.exe
C:\Program Files\Lenovo\RemoteControlCenter\ControlCenter.exe
C:\Program Files\MUSE\RmtService.exe
C:\Program Files\MUSE\lightCtrl.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Common Files\Lenovo\Happyhome\Commondll\MyDevice.exe
C:\Program Files\Lenovo\TimerService\TimerClient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
D:\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\下载程序\杀毒\HijackThis.exe

O2 - BHO: ThunderIEHelper - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v14.dll
O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\下载程序\2004，8，28----qq\Tencent\QQ\QQIEHelper.dll (file missing)
O2 - BHO: IEHlprObj Class - {C5E5DB7E-46B1-47E6-8447-2E517F269925} - C:\Program Files\Xplus\GETIE.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: 金山快译(&K) - {6C3797D2-3FEF-4cd4-B654-D3AE55B4128C} - E:\fanyi\IEBand.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] ; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SKDaemon] C:\Program Files\Lenovo\Legend Standard Keyboard\skdaemon.exe
O4 - HKLM\..\Run: [Shuttle.exe] C:\Program Files\联想(北京)有限公司\幸福飞梭\Shuttle.exe
O4 - HKLM\..\Run: [ControlCenter.exe] "C:\Program Files\Lenovo\RemoteControlCenter\ControlCenter.exe"
O4 - HKLM\..\Run: [RmtService ] C:\Program Files\MUSE\RmtService.exe
O4 - HKLM\..\Run: [LightCtrl ] C:\Program Files\MUSE\lightCtrl.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Lenovo L350 USB PC Camera
O4 - HKLM\..\Run: [MyDevice.exe] "C:\Program Files\Common Files\Lenovo\Happyhome\Commondll\MyDevice.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TimerClient.exe] "C:\Program Files\Lenovo\TimerService\TimerClient.exe"
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KAVPersonal50] "D:\杀毒程序\卡巴斯基\卡巴斯基\2005,8,31安装\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: 腾讯QQ.lnk = ?
O8 - Extra context menu item: &使用迅雷下载 - D:\下载程序\迅雷\迅雷安装后\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\下载程序\迅雷\迅雷安装后\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\下载程序\2004，8，28----qq\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用影音传送带下载 - D:\下载程序\影音传送带2004，8，28\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\下载程序\2004，8，28----qq\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\下载程序\2004，8，28----qq\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\下载程序\2004，8，28----qq\Tencent\QQ\SendMMS.htm
O9 - Extra button: 联想 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com (file missing)
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\下载程序\OFFICE11\REFIEBAR.DLL (file missing)
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\下载程序\2004，8，28----qq\Tencent\QQ\QQ.EXE (file missing)
O9 - Extra ''Tools'' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\下载程序\2004，8，28----qq\Tencent\QQ\QQ.EXE (file missing)O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra ''Tools'' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\下载程序\2004，8，28----qq\Tencent\QQ\QQIEHelper.dll (file missing)
O9 - Extra ''Tools'' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\下载程序\2004，8，28----qq\Tencent\QQ\QQIEHelper.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECFD7964-E348-46A4-BAAB-75FABA06BA96}: NameServer = 202.99.224.8 202.99.224.68
O23 - Service: kavsvc - Kaspersky Lab - D:\杀毒程序\卡巴斯基\卡巴斯基\2005,8,31安装\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: LenovoTimerService - Unknown owner - C:\Program Files\Lenovo\TimerService\LenovoTimer.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

同时伴有：1、打开网页慢得要死；
2、关机不正常，出现蓝屏，一大堆英文字母
3、自动关闭杀毒软件
...........................

变色修复,

瑞星卡卡安全论坛