菜鸟求助求助，跪求杀毒方法啊~~~

显示全部楼层 · 发表于 2007-12-7 01:29:52

Logfile of HijackThis v1.99.1
Scan saved at 1:25:28, on 2000-12-7
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\TxHMoU.Exe
C:\WINDOWS\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\3SvTh.exe
D:\新建文件夹\HijackThis.exe
C:\WINDOWS\system32\8SvTh.exe
C:\WINDOWS\system32\9SvTh.exe
C:\WINDOWS\system32\10SvTh.exe
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\迅雷\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\迅雷\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: (no name) - {9963387B-212E-4643-B207-82DAEA0E713D} - C:\Program Files\Internet Explorer\PLUGINS\Wn_Sys8x.Sys
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - F:\杀毒\360safe\safemon\safemon.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [360Safetray] F:\杀毒\360safe\safemon\360Tray.exe /start
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [crsss] C:\WINDOWS\system32\TxHMoU.Exe
O4 - HKLM\..\Run: [KVP] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKLM\..\Run: [WinSysW] C:\WINDOWS\75976L.exe
O4 - HKLM\..\Run: [GenProtect] C:\WINDOWS\GenProtect.exE
O4 - HKLM\..\Run: [upxdnd] C:\WINDOWS\upxdnd.exe
O4 - HKLM\..\Run: [WinSysM] C:\WINDOWS\75976M.exe
O4 - HKLM\..\Run: [cmdbcs] C:\WINDOWS\cmdbcs.exe
O4 - HKLM\..\Run: [DbgHlp32] C:\WINDOWS\DbgHlp32.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - Startup: QQ游戏启动加速程序.lnk = D:\QQ2007\QQGAME\Accel.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &使用快车(FlashGet)下载 - F:\shan\FlashGet\ComDlls\Bholink.htm
O8 - Extra context menu item: &使用快车(FlashGet)下载全部链接 - F:\shan\FlashGet\ComDlls\Bhoall.htm
O8 - Extra context menu item: 使用迅雷下载 - D:\迅雷\Thunder\Program\GetUrl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - D:\迅雷\Thunder\Program\GetAllUrl.htm
O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\迅雷\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\迅雷\Thunder\Thunder.exe
O9 - Extra button: Web反病毒统计 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: 创建移动收藏... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AxSafeControls.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{85038AC8-6F0F-4C44-9ED3-FD9B64B97340}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{85038AC8-6F0F-4C44-9ED3-FD9B64B97340}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{85038AC8-6F0F-4C44-9ED3-FD9B64B97340}: NameServer = 192.168.1.1
O18 - Protocol: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - C:\WINDOWS\system32\KuGoo3DownXControl.ocx
O20 - AppInit_DLLs: kvdxjma.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: 卡巴斯基反病毒6.0个人版 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

显示全部楼层 · 发表于 2007-12-7 01:45:10

卡巴激活被它弄成错误，病毒自己杀不了，哎，只能上来求助各位高手啊！！！

显示全部楼层 · 发表于 2007-12-7 02:25:18

建议换个标准的SRENG扫描
然后如上贴出来,真正懂这个太少,不通行.呵呵不知道我这样说对不对?

显示全部楼层 · 发表于 2007-12-7 02:35:55

TxHMoU.Exe病毒解决方案
http://www.virusoft.org.cn/post/TxHMoU.html

显示全部楼层 · 发表于 2007-12-7 02:37:22

目前只发现这个TxHMoU.Exe是病毒,参考用吧
困了,解决后如果有其他问题,继续讨论

显示全部楼层 · 发表于 2007-12-7 12:42:18

万分感谢，MS已经清除了，呵呵~~~

显示全部楼层 · 发表于 2007-12-7 17:00:17

楼主真客气~
大家到这里来就是相互帮助的
实话的说,你能解决问题,我也很开心~