Logfile of HijackThis v1.99.1
Scan saved at 17:30:43, on 2005-10-26
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
d:\program files\rising\rfw\rfwsrv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\drivers\CDAC11BA.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\NMSSvc.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Rundll32.exe
C:\Program Files\Rising\Rav\RavMon.exe
D:\Program Files\rising\Rfw\rfwmain.exe
C:\WINNT\system32\ctfmon.exe
D:\Program Files\DreamMail3\DreamMail.exe
C:\WINNT\system32\conime.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
c:\program files\rising\rav\RAVTIMER.EXE
C:\Program Files\MwIE2005\MwIE.exe
D:\反设置修改\灰鸽子专杀\HijackThis.exe
O1 - Hosts: 202.114.68.70 bbs.whu.edu.cn
O1 - Hosts: 218.199.102.210 www.5qblog.com
O1 - Hosts: 217.167.24.32 www.amse-modeling.org
O1 - Hosts: 61.131.57.138 club.excelhome.net
O1 - Hosts: 210.51.2.153 bbs.sinoaec.com
O1 - Hosts: 210.73.195.54 www.crsky.com
O1 - Hosts: 211.91.135.83 www.51lrc.com
O1 - Hosts: 67.18.225.83 forum.friends6.com
O1 - Hosts: 211.160.73.26 www.btchina.net
O1 - Hosts: 202.103.69.70 www.aoxue.org
O1 - Hosts: 129.170.29.64 bbs.dartmouth.edu
O1 - Hosts: 202.118.250.111 combust.hit.edu.cn
O1 - Hosts: 218.58.68.20 www.caxls.com
O1 - Hosts: 195.37.77.138 tetgen.berlios.de
O1 - Hosts: 171.67.16.120 www.stanford.edu
O1 - Hosts: 18.7.22.69 web.mit.edu
O1 - Hosts: 220.181.31.82 www.gpszx.com
O1 - Hosts: 61.152.251.206 www.xdcad.net
O1 - Hosts: 218.5.72.122 www.slrjzx.com
O1 - Hosts: 210.51.25.156 okok.org
O1 - Hosts: 218.75.111.82 www.chinaspx.com
O1 - Hosts: 202.103.254.129 www.ymcn.gx.cn
O1 - Hosts: 61.152.104.90 www.dastu.com
O1 - Hosts: 202.107.194.252 www.lunw.com
O1 - Hosts: 132.250.86.51 www.aic.nrl.navy.mil
O1 - Hosts: 147.188.192.42 www.cs.bham.ac.uk
O1 - Hosts: 147.188.192.42 www.cs.bham.ac.uk
O1 - Hosts: 161.58.27.226 www.brainyencyclopedia.com
O1 - Hosts: 144.212.100.10 www.mathtools.net
O1 - Hosts: 216.157.4.121 www.geatbx.com
O1 - Hosts: 66.221.219.91 www.geneticprogramming.com
O1 - Hosts: 128.16.6.8 www.cs.ucl.ac.uk
O1 - Hosts: 193.252.114.11 www.rennard.org
O1 - Hosts: 64.241.242.253 www.findarticles.com
O1 - Hosts: 61.200.81.143 www.fs.fed.us
O1 - Hosts: 159.226.47.108 www.bossh.net
O1 - Hosts: 210.21.119.18 www.madio.net
O1 - Hosts: 211.90.248.135 www.mjtd.com
O1 - Hosts: 210.192.122.151 www.matwav.com
O1 - Hosts: 210.192.122.152 bbs.matwav.com
O1 - Hosts: 61.152.188.70 www.bioon.com
O1 - Hosts: 220.169.127.176 www.2nsoft.com
O1 - Hosts: 220.181.31.3 wzz999.nease.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RavTimer] C:\PROGRA~1\RISING\RAV\RAVTIMER.EXE
O4 - HKLM\..\Run: [RavMon] C:\Program Files\Rising\Rav\RavMon.exe -system
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [RfwMain] d:\Program Files\rising\Rfw\rfwmain.exe
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm
O16 - DPF: {1F831FA1-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://D:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {AE563722-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview 控件) - file://D:\Program Files\AutoCAD 2002\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{75776266-F4CB-4AB0-A156-5ADEC3C070C8}: NameServer = 202.114.96.1,202.114.96.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{75776266-F4CB-4AB0-A156-5ADEC3C070C8}: NameServer = 202.114.96.1,202.114.96.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{75776266-F4CB-4AB0-A156-5ADEC3C070C8}: NameServer = 202.114.96.1,202.114.96.2
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINNT\system32\drivers\CDAC11BA.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: MATLAB Server (matlabserver) - Unknown owner - C:\MATLAB6p5\webserver\bin\win32\matlabserver.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\System32\NMSSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINNT\system32\oodag.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Corporation Limited - d:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - rising - C:\PROGRAM FILES\RISING\RAV\CCENTER.EXE
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\PROGRAM FILES\RISING\RAV\Ravmond.exe
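This is my scan log.
Today I have been hit hard by Huigezi (Gray Pigeon).
I downloaded a dedicated removal tool from the Internet
and rescanned for viruses with Rising in safe mode.
No virus has been found so far.
However, there are 3 svchost.exe processes in Task Manager.
I don't know what is going on.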