
I think I've been infected with Gray Pigeon (Huigezi) 0025: ha_hijackthis_1991 scan log, high points offered as thanks, more if that's not enough

2012-01-22 

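I think I've been infected with Gray Pigeon (Huigezi) 0025. Could an expert please take a look at the ha_hijackthis_1991 scan log? High points offered as thanks, and I'll add more if that's not enough!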
Logfile of HijackThis v1.99.1
Scan saved at 8:51:18, on 2007-3-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\木马杀客\mmsk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\360safe\360Safe.exe
C:\Documents and Settings\jinli\Desktop\ha_hijackthis_1991\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: mslogin linker - {74BC093A-540E-4340-897B-4653A8EB2F47} - C:\WINDOWS\system32\mslink\mslink.dll
O2 - BHO: NavigatMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360safe\safemon\safemon.dll
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [360Safetray] C:\Program Files\360safe\safemon\360tray.exe
O4 - HKLM\..\Run: [TPKBDLED] C:\WINDOWS\system32\TpScrLk.exe
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [runeip] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKLM\..\RunOnce: [360Safe] Rundll32.exe C:\PROGRA~1\360safe\AntiAdwa.dll,KillAdware
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O4 - Global Startup: 木马杀客2007.Lnk = ?
O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} - C:\Program Files\ThinkPad\PkgMgr\\PkgMgr.exe
O9 - Extra button: 访问瑞星网站 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444} - http://www.rising.com.cn/?u=RSTB (file missing)
O9 - Extra button: 访问卡卡社区 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445} - http://www.ikaka.com/?u=RSTB (file missing)


O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ncs.corp.int-ads
O17 - HKLM\Software\..\Telephony: DomainName = ncs.corp.int-ads
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ncs.corp.int-ads
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ncs.corp.int-ads
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)
O20 - Winlogon Notify: tpfnf2 - C:\WINDOWS\SYSTEM32\notifyf2.dll
O20 - Winlogon Notify: tphotkey - C:\WINDOWS\SYSTEM32\tphklock.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - d:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: HEWPSOOMRTNSB - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jlcao\LOCALS~1\Temp\HEWPSOOMRTNSB.exe
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MySql - Unknown owner - E:/DB/mysql/bin/mysqld-nt.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OfficeScanNT Personal Firewall (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: System Update (SUService) -  - c:\program files\lenovo\system update\suservice.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: Apache Tomcat (Tomcat5) - Unknown owner - e:\Tomcat 5.0\bin\tomcat5.exe" //RS//Tomcat5 (file missing)
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: Windows Login - Unknown owner - C:\WINDOWS\system32\mslogin.exe



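[Solution]
Haha, I caught this one too. So it turns out to be Gray Pigeon. Rising seems to have a dedicated removal tool; download it and give it a try.
[Solution]
Go straight to the Gray Pigeon website; the home page has a Gray Pigeon cleanup program. Download it and use that.
[Solution]
Could it be a false positive from safe360?
I used the tool provided by the official Gray Pigeon website, and it didn't find any Gray Pigeon at all!!!
[Solution]
Go straight to the Gray Pigeon website http://www.huigezi.net/
There is a Gray Pigeon cleanup program on it.
[Solution]
Gray Pigeon 07 has basically been wiped out.
Kingsoft was the first to release a dedicated removal tool.
The other antivirus vendors all lagged behind.

You can go take a look at Kingsoft.
[Solution]
That's right, I used Kingsoft's dedicated removal tool and deleted it in Safe Mode. Three files in total!

Now when I boot into normal mode, safe360 still warns that Gray Pigeon is present!

And from time to time an mslink.dll file pops up wanting to "act", which safe360 then catches and asks me whether to allow it!!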
