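The machine is extremely slow. I found that ravmond.exe is using a lot of CPU, but this process cannot be stopped, so the whole machine's CPU usage stays at around 44%. As soon as I start IceSword, the machine automatically reboots.
Log attached: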
当前运行的进程:
C:\WIN\System32\smss.exe
C:\WIN\system32\winlogon.exe
C:\WIN\system32\services.exe
C:\WIN\system32\lsass.exe
C:\WIN\system32\svchost.exe
C:\Program Files\Rising\Rav\1\CCenter.exe
C:\WIN\System32\svchost.exe
C:\Program Files\Rising\Rav\1\Ravmond.exe
C:\WIN\Explorer.EXE
C:\WIN\system32\LEXBCES.EXE
C:\WIN\system32\LEXPPS.EXE
C:\WIN\system32\spoolsv.exe
C:\Program Files\Rising\Rav\1\RavTask.exe
C:\Program Files\Panasonic\Device Monitor\dmwakeup.exe
C:\Program Files\Panasonic\KX-FLB800_FLM650系列\ResPcDev.exe
C:\Program Files\Rising\Rav\1\Ravmon.exe
C:\Program Files\Rising\Rav\1\RavStub.exe
C:\WIN\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\PANASO~1\LocalCom\lmsrvnt.exe
C:\PROGRA~1\PANASO~1\TRAPMO~1\Trapmnnt.exe
C:\WIN\System32\svchost.exe
C:\WIN\system32\wscntfy.exe
C:\WIN\system32\wuauclt.exe
C:\新建文件夹 (2)\专杀\Hijackthis1991zww\HijackThis1991zww.exe
O2 - BHO: MyIEHelper Class - {16B770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users.WIN\Application Data\Microsoft\IEHelper\IEHelper_4890.dll (file missing)
O2 - BHO: (no name) - {16B770A0-0E87-4278-B748-2460D64A8386}? - (no file)
O2 - BHO: 卡卡上网安全助手 - {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} - C:\WIN\system32\kakatool.dll
O3 - IE工具栏增项: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WIN\system32\kakatool.dll
O4 - 启动项HKLM\\Run: [IMJPMIG8.1] ; "C:\WIN\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 启动项HKLM\\Run: [PHIME2002ASync] ; C:\WIN\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 启动项HKLM\\Run: [PHIME2002A] ; C:\WIN\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 启动项HKLM\\Run: [IgfxTray] ; C:\WIN\system32\igfxtray.exe
O4 - 启动项HKLM\\Run: [HotKeysCmds] ; C:\WIN\system32\hkcmd.exe
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\1\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [TkBellExe] ; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 启动项HKLM\\Run: [Panasonic Device Monitor Wakeup] C:\Program Files\Panasonic\Device Monitor\dmwakeup.exe
O4 - 启动项HKLM\\Run: [Panasonic Device Manager for KX-FLB800/FLM650 Series] C:\Program Files\Panasonic\KX-FLB800_FLM650系列\ResPcDev.exe
O4 - 启动项HKLM\\Run: [Panasonic PCFAX for KX-FLB800/FLM650 Series] C:\Program Files\Panasonic\KX-FLB800_FLM650系列\KmPcFax.exe -1
O4 - 启动项HKLM\\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WIN\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] ; "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {52A05F4B-9F0C-4752-BB78-9B6DFD2DE9D5} (HdwCode Control) - http://www.chinaacc.com/plugin/HdwCode.cab
O16 - DPF: {E020D23A-3F8A-44D0-8E5F-5338817C70E4} (X1Client Control) - http://10.72.128.25/xclient.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D84C3C4-2F40-43EE-BA0D-6A29A727DDCB}: NameServer = 202.106.0.20,202.106.196.115
O18 - 列举现有的协议: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - 列举现有的协议: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WIN\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WIN\system32\LEXBCES.EXE
O23 - NT 服务: Panasonic Local Printer Service - Panasonic Communications Co., Ltd. - C:\PROGRA~1\PANASO~1\LocalCom\lmsrvnt.exe
O23 - NT 服务: Panasonic Trap Monitor Service - Panasonic - C:\PROGRA~1\PANASO~1\TRAPMO~1\Trapmnnt.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\1\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\1\Ravmond.exe