Which one is the "Gray Pigeon" (灰鸽子) virus? I just ran a scan and don't know how to read it. Thanks, everyone.

Logfile of HijackThis v1.99.1
Scan saved at 8:48:18, on 2006-2-16
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Rising\Rav\CCenter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Rising\Rav\Ravmond.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Rising\Rav\RavStub.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\feidian\service\UITray.exe
C:\Program Files\Rising\Rav\RavTask.exe
C:\Program Files\Rising\Rav\Ravmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\WINDOWS\System32\drivers\trcboot.exe
C:\WINDOWS\system32\conime.exe
C:\WINDOWS\System32\drivers\appnnode.exe
C:\Program Files\IBM\CICS Universal Client\TCP62\PCS_AGNT.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\feidian\service\NodeManagerService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [UITray] C:\Program Files\feidian\service\UITray.exe
O4 - HKLM\..\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: 自动关机.bat
O4 - Startup: 1.bat
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download by NetAnts - D:\NETANTS\NAGet.htm
O8 - Extra context menu item: Download &All by NetAnts - D:\NETANTS\NAGetAll.htm
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - D:\NETANTS\NetAnts.exe
O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - D:\NETANTS\NetAnts.exe
O9 - Extra button: 易趣购物 - {DE607141-AC19-421e-860A-0D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - Extra 'Tools' menuitem: 易趣购物 - {DE607141-AC19-421e-860A-0D70ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6FDD249-E9BF-4D8F-8307-31A08B7B4EE9}: NameServer = 172.17.40.1,202.96.69.38
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AppnNode - Unknown owner - C:\WINDOWS\System32\drivers\appnnode.exe
O23 - Service: IBM CICS Universal Client (CICSClient) - Unknown owner - C:\Program Files\IBM\CICS Universal Client\BIN\CCLSERV.EXE
O23 - Service: Disk Manager server (dmser) - Unknown owner - C:\WINDOWS\taskmg.exe
O23 - Service: lass - Unknown owner - C:\WINDOWS\svchost.exe
O23 - Service: NodeManagerService - Unknown owner - C:\Program Files\feidian\service\NodeManagerService.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCenter.exe
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - Service: TrcBoot - Unknown owner - C:\WINDOWS\System32\drivers\trcboot.exe
O23 - Service: winxp - Unknown owner - C:\WINDOWS\wins.exe

Last edited 2006-02-16 09:50:43

Thank you!

Also, are there any tips for reading these processes?