前几天我同学在我电脑上玩了一下就中了灰鸽子,我不太清楚有没有删干净了,但是我自己感觉电脑里还有病毒,下面是我用HijackThis1.99.1扫描了(谢谢红夜鬼1提供的软件),还请大家帮忙教我怎么彻底杀毒
下面是日志
Logfile of HijackThis v1.99.1
Scan saved at 13:49:13, on 2006-12-9
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Thunder Network\WebThunder\WebThunder.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\chris\LOCALS~1\Temp\Rar$EX00.625\HijackThis.exe
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O3 - Toolbar: Abobe Flash Play 9 - {0C1E6CF3-2894-4E6A-B91D-DDC52F021206} - (no file)
O4 - HKLM\..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [IMSCMIG40W] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Microsoft Pinyin IME Migration] C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL
O4 - HKLM\..\Run: [WebThunder] C:\Program Files\Thunder Network\WebThunder\WebThunder.exe
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [StormCodec_Helper] ; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [!ewido] ; "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [91cast] ;
O4 - HKLM\..\Run: [ATICCC] ; "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [CdnCtr] ; C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [KernelFaultCheck] ; %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [McAfeeUpdaterUI] ; "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [sdmmrnm] ; D;]XJOEPXT]ufnq]te263/fyf
O4 - HKLM\..\Run: [UserFaultCheck] ; %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [wdfmgr32.exe] ; C:\WINDOWS\system32\wdfmgr32.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] ; C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] ; "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] ; C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe
O8 - Extra context menu item: Add to QQ Customized Panel - F:\QQ2005En\AddPanel.htm
O8 - Extra context menu item: Add to QQ Emotions - F:\QQ2005En\AddEmotion.htm
O8 - Extra context menu item: Upload to QQ Network Hard Disk - F:\QQ2005En\AddToNetDisk.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\AddToNetDisk.htm
O8 - Extra context menu item: 使用Web迅雷下载 - C:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: 使用Web迅雷下载全部链接 - C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O9 - Extra button: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: 启动Web迅雷 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\mssock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mssock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mssock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mssock.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\mssock.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {05C1004E-2596-48E5-8E26-39362985EEB9} (MMCPlayer Class) - http://p3p.sogou.com/MMCShell.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (CPasswordEditCtrl
Object) - https://www.tenpay.com/download/qqedit.cab
O18 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - F:\PROGRA~1\KuGoo3\InExtend\KUGOO3~1.OCX
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Unknown owner - C:\Program Files\McAfee\Common Framework\FrameworkService.exe" /ServiceStart (file missing)
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: Net Work Serivces - Unknown owner - C:\WINDOWS\ntkernel
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
