==============================================================
        金山清理专家系统诊断报告

该诊断报告由金山清理专家提供 http://www.duba.net 
==============================================================

诊断时间:            2008-09-06, 22:40 
诊断平台:            Windows XP [5.1.2600] Service Pack 2 
IE版本:              Internet Explorer V6.0.2180.2900 
计算机物理内存:      1014(MB) 
当前可用内存:        582(MB) 
硬盘总大小:          74(GB) 
硬盘可用空间:        62(GB) 
清理专家版本:        2008.06.13.404 
恶意软件库版本:      2008.06.03.1 
漏洞库版本:          2008.05.27.1 




==============================================================
        常规启动项
==============================================================

该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

        [RavTask]             <"C:\Program Files\Rising\Rav\RavTask.exe" -system>
        文件路径: C:\Program Files\Rising\Rav\RavTask.exe [服务器忙]

        [HBService]           <explore.exe>

        [360Safetray]         <c:\Program Files\360safe\safemon\360tray.exe /start>


==============================================================
        延迟加载
==============================================================

该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

        [dpvvoxmh.dll]        <C:\WINDOWS\system32\dpvvoxmh.dll>

        [tscfgwmijxsj.dll]    <C:\WINDOWS\system32\tscfgwmijxsj.dll>

        [dispexcb.dll]        <C:\WINDOWS\system32\dispexcb.dll>

        [xolehlpjh.dll]       <C:\WINDOWS\system32\xolehlpjh.dll>

        [adsntzt.dll]         <C:\WINDOWS\system32\adsntzt.dll>

        [imgutilhx2.dll]      <C:\WINDOWS\system32\imgutilhx2.dll>

        [lweurqhx.dll]        <C:\WINDOWS\system32\lweurqhx.dll>

        [cohqervo.dll]        <C:\WINDOWS\system32\unqqcnqn.dll>

        [nwapi32dj.dll]       <C:\WINDOWS\system32\nwapi32dj.dll>

        [kbdgrms.dll]         <C:\WINDOWS\system32\kbdgrms.dll>

        [certmgrkd.dll]       <C:\WINDOWS\system32\certmgrkd.dll>

        [bootvidgj.dll]       <C:\WINDOWS\system32\bootvidgj.dll>

        [cliconfgzx.dll]      <C:\WINDOWS\system32\cliconfgzx.dll>

        [excrythu.dll]        <C:\WINDOWS\system32\unqqcnqn.dll>

        [bvkkyglz.dll]        <C:\WINDOWS\system32\unqqcnqn.dll>

        [fuywdlcj.dll]        <C:\WINDOWS\system32\unqqcnqn.dll>

        [pjmqvpqu.dll]        <C:\WINDOWS\system32\unqqcnqn.dll>

        [unqqcnqn.dll]        <C:\WINDOWS\system32\unqqcnqn.dll>


==============================================================
        执行挂钩
==============================================================

该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{9E8287B0-0F3A-48ae-99C5-A6E0AAC36BC5}>            <C:\WINDOWS\system32\certmgrkd.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{7A6DF30E-D0F2-446f-B4F0-BF4232D60E07}>            <C:\WINDOWS\system32\cliconfgzx.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{D3112B69-A745-4805-874E-ABD480EA1299}>            <C:\WINDOWS\system32\bootvidgj.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{2876D76C-CAAA-4313-AF97-8D1D9A2A1087}>            <C:\WINDOWS\system32\dpvvoxmh.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{A2C3BA54-DF75-4881-8EB3-E54B26BBBBC9}>            <C:\WINDOWS\system32\nwapi32dj.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{E0F3526A-4165-4589-80CD-50B6FBAC3BDA}>            <C:\WINDOWS\system32\adsntzt.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{F0930A2F-D971-4828-8209-B7DFD266ED44}>            <C:\WINDOWS\system32\xolehlpjh.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{DA56B183-A731-402b-9235-2CB8803E212D}>            <C:\WINDOWS\system32\imgutilhx2.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{21BE5FDF-D4CB-4850-AD99-21E68B50BF3F}>            <C:\WINDOWS\system32\unqqcnqn.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{2CB77746-8ECC-40ca-8217-10CA8BE5EFC8}>            <C:\WINDOWS\system32\tscfgwmijxsj.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{76D44356-B494-443a-BEDC-AA68DE4255E6}>            <C:\WINDOWS\system32\dispexcb.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{65056902-6E7B-4bd7-95BA-688DB5FA5BEB}>            <C:\WINDOWS\system32\mstimewd.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{E560642D-A32D-432c-9E7E-9A135CC37E0F}>            <C:\WINDOWS\system32\kbdgrms.dll>

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

        <{71A78CD4-E470-4a18-8457-E0E0283DD507}>            <C:\WINDOWS\system32\lweurqhx.dll>


==============================================================
        启动文件夹位置
==============================================================

Common Startup:      C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Startup:             C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
Common Startup:      %ALLUSERSPROFILE%\「开始」菜单\程序\启动

==============================================================
        开始菜单启动项
==============================================================

<彩虹QQ显IP.lnk>  <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\彩虹QQ显IP.lnk>
文件路径:  [残留信息]

--------------------------------------------------------------
<TL-WN322G_WN322G+客户端应用程序.lnk>  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\TL-WN322G_WN322G+客户端应用程序.lnk>
文件路径: D:\Program Files\ZDWlan.exe  [服务器忙]


==============================================================
        Host File
==============================================================

<html><head><meta http-equiv="content-type" content="text/html; charset=gb2312"><title>瑞星个人防火墙</title><style type="text/css"><!-- .p14 {	font-size: 14px;	line-height: 26px;} --></style></head><body><span class="p14"><font color="#ac2637">瑞星个人防火墙禁止了您对当前网站的访问。<br></font>您访问的网站可能存在高风险或您已经将该网站添加到『网站访问规则』的『黑名单』中。</span><p class="p14">若您确认该网站正常且无安全风险，您可以通过以下方式进行处理<br>1：向瑞星公司申诉该网站无风险 链接地址：<a href="http://tool.ikaka.com/ssinfo.asp" target="_blank">http://tool.ikaka.com/ssinfo.asp</a><br>2：将该网站的链接地址添加到『网站访问规则』的『白名单』列表中<br>操作步骤：打开防火墙主界面→『设置』→『详细设置』→『网站访问规则』→『白名单』</p></body></html>

==============================================================
        系统服务
==============================================================

该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

        [HidServ] [已禁用]             <%SystemRoot%\System32\hidserv.dll>

        [IDriverT] [已启用]            <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe">
        文件路径: C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [服务器忙]

        [Ntfrs] [已启用]               <C:\WINDOWS\system32\ntfrs.exe>
        文件路径: C:\WINDOWS\system32\ntfrs.exe [服务器忙]

        [O&O Defrag] [已启用]          <C:\WINDOWS\system32\oodag.exe>
        文件路径: C:\WINDOWS\system32\oodag.exe [服务器忙]

        [O2Flash] [已启用]             <C:\WINDOWS\system32\o2flash.exe>
        文件路径: C:\WINDOWS\system32\o2flash.exe [服务器忙]

        [RsCCenter] [已启用]           <"C:\Program Files\Rising\Rav\CCenter.exe">
        文件路径: C:\Program Files\Rising\Rav\CCenter.exe [服务器忙]

        [RsRavMon] [已启用]            <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe">
        文件路径: C:\PROGRAM FILES\RISING\RAV\Ravmond.exe [服务器忙]

        [WLSetupSvc] [已启用]          <"C:\Program Files\Windows Live\installer\WLSetupSvc.exe">
        文件路径: C:\Program Files\Windows Live\installer\WLSetupSvc.exe [服务器忙]


==============================================================
        驱动程序
==============================================================

该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32

        [vidc.iv50] [已启用]           <ir50_32.dll>
        文件路径: C:\WINDOWS\system32\ir50_32.dll [服务器忙]

        [vidc.ffds] [已启用]           <ff_vfw.dll>
        文件路径: C:\WINDOWS\system32\ff_vfw.dll [服务器忙]

        [msacm.vorbis] [已启用]        <vorbis.acm>
        文件路径: C:\WINDOWS\system32\vorbis.acm [服务器忙]

        [msacm.voxacm160] [已启用]     <vct3216.acm>
        文件路径: C:\WINDOWS\system32\vct3216.acm [服务器忙]

        [vidc.VP60] [已启用]           <vp6vfw.dll>
        文件路径: C:\WINDOWS\system32\vp6vfw.dll [服务器忙]

        [vidc.VP61] [已启用]           <vp6vfw.dll>
        文件路径: C:\WINDOWS\system32\vp6vfw.dll [服务器忙]

        [vidc.VP62] [已启用]           <vp6vfw.dll>
        文件路径: C:\WINDOWS\system32\vp6vfw.dll [服务器忙]

        [vidc.vp70] [已启用]           <vp7vfw.dll>
        文件路径: C:\WINDOWS\system32\vp7vfw.dll [服务器忙]

        [vidc.XVID] [已启用]           <xvidvfw.dll>
        文件路径: C:\WINDOWS\system32\xvidvfw.dll [服务器忙]

--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

        [001766b9] [已启用]            <\??\C:\WINDOWS\system32\Drivers\001766b9.sys>

        [ATSpy] [已启用]               <\??\C:\WINDOWS\system32\ATSpy.sys>

        [BaseTDI] [已启用]             <System32\DRIVERS\BaseTDI.SYS>
        文件路径: C:\WINDOWS\system32\DRIVERS\BaseTDI.SYS [服务器忙]

        [BRGSp50] [已启用]             <System32\Drivers\BRGSp50.sys>
        文件路径: C:\WINDOWS\system32\Drivers\BRGSp50.sys [服务器忙]

        [ExpScaner] [已启用]           <\??\C:\PROGRAM FILES\RISING\RAV\ExpScan.sys>
        文件路径: C:\PROGRAM FILES\RISING\RAV\ExpScan.sys [服务器忙]

        [HBKernel] [已启用]            <system32\DRIVERS\HBKernel.sys>

        [HookCont] [已启用]            <\??\C:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys>
        文件路径: C:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys [服务器忙]

        [HookReg] [已启用]             <\??\C:\PROGRAM FILES\RISING\RAV\HookReg.sys>
        文件路径: C:\PROGRAM FILES\RISING\RAV\HookReg.sys [服务器忙]

        [HookSys] [已启用]             <\??\C:\PROGRAM FILES\RISING\RAV\HookSys.sys>
        文件路径: C:\PROGRAM FILES\RISING\RAV\HookSys.sys [服务器忙]

        [MEMSCAN] [已启用]             <\??\C:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys>
        文件路径: C:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys [服务器忙]

        [RsNTGDI] [已启用]             <system32\Drivers\RsNTGdi.sys>
        文件路径: C:\WINDOWS\system32\Drivers\RsNTGdi.sys [服务器忙]

        [RSPPSYS] [已启用]             <\??\C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys>
        文件路径: C:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys [服务器忙]

        [UnlockerDriver5] [已禁用]     <\??\d:\Program Files\Unlocker\UnlockerDriver5.sys>
        文件路径: d:\Program Files\Unlocker\UnlockerDriver5.sys [服务器忙]

        [ZD1211BU(TP-LINK)] [已启用]   <system32\DRIVERS\zd1211Bu.sys/TL-WN322G>
        文件路径: C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [服务器忙]

        [ZDPSp50] [已启用]             <System32\Drivers\ZDPSp50.sys>
        文件路径: C:\WINDOWS\system32\Drivers\ZDPSp50.sys [服务器忙]


==============================================================
        当前进程
==============================================================

名称:     CCenter.exe  [已启用]
命令行:   "C:\Program Files\Rising\Rav\CCenter.exe"
文件路径: C:\Program Files\Rising\Rav\CCenter.exe  [服务器忙] (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\ntdll.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL                   (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll                (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\ijt_base.dll      (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\SHELL32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comctl32.dll              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\olemon.dll        (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\uxtheme.dll               (Microsoft Corporation)

名称:     Ravmond.exe  [已启用]
命令行:   "C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"
文件路径: C:\PROGRAM FILES\RISING\RAV\Ravmond.exe  [服务器忙] (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\ntdll.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll              (Microsoft Corporation)
模块文件: C:\PROGRAM FILES\RISING\RAV\BWList.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\MFC42.DLL                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHELL32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSVCP60.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WSOCK32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2_32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2HELP.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEAUT32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ole32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\VERSION.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL                   (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MFC42LOC.DLL              (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comctl32.dll              (Microsoft Corporation)
模块文件: C:\PROGRAM FILES\RISING\RAV\RsCommX.dll       (rising)
模块文件: C:\PROGRAM FILES\RISING\RAV\rfwctrl.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\USERENV.dll               (Microsoft Corporation)
模块文件: C:\PROGRAM FILES\RISING\RAV\RsPPsys.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rfw\ijt_base.dll      (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rfw\olemon.dll        (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\PROGRAM FILES\RISING\RAV\CfgDll.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\PROGRAM FILES\RISING\RAV\RsLog.dll         (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\PROGRAM FILES\RISING\RAV\HOOKSYS.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\Scanner.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\libload.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\VirusLib.dll      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\PROGRAM FILES\RISING\RAV\regmon.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\PROGRAM FILES\RISING\RAV\psapi.dll         (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMAGEHLP.dll              (Microsoft Corporation)
模块文件: C:\PROGRAM FILES\RISING\RAV\HookWeb.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\PROGRAM FILES\RISING\RAV\MemMon.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\PROGRAM FILES\RISING\RAV\expscan.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\PROGRAM FILES\RISING\RAV\mPorts.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\iphlpapi.dll              (Microsoft Corporation)
模块文件: C:\PROGRAM FILES\RISING\RAV\HookCont.dll      (Rising)
模块文件: C:\Program Files\Rising\Rav\SpamEng.dll
模块文件: C:\Program Files\Rising\Rav\engine.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\mswsock.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\hnetcfg.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\wshtcpip.dll              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rav\PostTrt.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\uxtheme.dll               (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rav\UnExe.dll         (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\ScanExec.dll      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\ScanEx.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\ExtFile.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\NvFile.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\ScanMac.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\ScanSct.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\CLBCATQ.DLL               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMRes.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\xpsp2res.dll              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rav\ScanPack.dll      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\RsVM.dll
模块文件: C:\Program Files\Rising\Rav\Uroutine.dll      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\perfproc.dll              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rav\Uscript.dll       (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\ExtOLE.dll        (Beijing Rising Technology Co.. Ltd.)

名称:     RavTask.exe  [已启用]
命令行:   "C:\Program Files\Rising\Rav\RavTask.exe" -system
文件路径: C:\Program Files\Rising\Rav\RavTask.exe  [服务器忙] (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\ntdll.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMCTL32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL                   (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll                (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rav\RSCOMMON.DLL      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\RSAPPMGR.DLL      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\CfgDll.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\ole32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEAUT32.dll              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rav\RsCommX.dll       (rising)
模块文件: C:\WINDOWS\system32\uxtheme.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msctfime.ime              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSCTF.dll                 (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\ijt_base.dll      (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\SHELL32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\olemon.dll        (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\ODBC32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comdlg32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\odbcint.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\odbccp32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\VERSION.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CLBCATQ.DLL               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMRes.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\VBAJET32.DLL              (Microsoft Corporation)

名称:     Ravmon.exe  [已启用]
命令行:   "C:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM
文件路径: C:\Program Files\Rising\Rav\Ravmon.exe  [服务器忙] (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\ntdll.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll               (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rav\RsGuiLib.dll      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\MFC42.DLL                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMCTL32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSVCP60.dll               (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rav\BWList.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\SHELL32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WSOCK32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2_32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2HELP.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\VERSION.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL                   (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MFC42LOC.DLL              (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rav\RSAPPMGR.DLL      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\CfgDll.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\ole32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEAUT32.dll              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rav\RSCOMMON.DLL      (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\RsCommX.dll       (rising)
模块文件: C:\Program Files\Rising\Rav\RsXML.dll         (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rav\PngDll.dll        (Beijing Rising Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\uxtheme.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSCTF.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msctfime.ime              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\ijt_base.dll      (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\Program Files\Rising\Rfw\olemon.dll        (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\perfproc.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wtsapi32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINSTA.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NETAPI32.dll              (Microsoft Corporation)

名称:     ntfrs.exe  [已启用]
文件路径: C:\WINDOWS\system32\ntfrs.exe  [服务器忙]         (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ntdll.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll               (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\ijt_base.dll      (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\SHELL32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL                   (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comctl32.dll              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\olemon.dll        (Beijing Rising Information Technology Co.. Ltd.)

名称:     ZDWlan.exe  [已启用]
命令行:   "D:\Program Files\ZDWlan.exe" -SETWZCD 35
文件路径: D:\Program Files\ZDWlan.exe  [服务器忙]           (深圳市普联技术有限公司)
模块文件: C:\WINDOWS\system32\ntdll.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll              (Microsoft Corporation)
模块文件: D:\Program Files\dot1x_dll.dll
模块文件: D:\Program Files\W32N55.dll                   (Printing Communications Assoc.. Inc. (PCAUSA))
模块文件: C:\WINDOWS\system32\USER32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2_32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2HELP.dll               (Microsoft Corporation)
模块文件: D:\Program Files\SSLEAY32.dll                 (The OpenSSL Project. http://www.openssl.org/)
模块文件: D:\Program Files\LIBEAY32.dll                 (The OpenSSL Project. http://www.openssl.org/)
模块文件: C:\WINDOWS\system32\WSOCK32.dll               (Microsoft Corporation)
模块文件: D:\Program Files\MSVCR71.dll                  (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CRYPT32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSASN1.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMCTL32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINSPOOL.DRV              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEACC.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSVCP60.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ole32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEAUT32.dll              (Microsoft Corporation)
模块文件: D:\Program Files\ZDWLAN.dll
模块文件: D:\Program Files\MFC42.DLL                    (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\iphlpapi.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEPRO32.DLL              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL                   (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MFC42LOC.DLL              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\ijt_base.dll      (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\SHELL32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\olemon.dll        (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\uxtheme.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSCTF.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msctfime.ime              (Microsoft Corporation)

名称:     oodag.exe  [已启用]
文件路径: C:\WINDOWS\system32\oodag.exe  [服务器忙]         (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ntdll.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll               (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\ijt_base.dll      (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\SHELL32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL                   (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comctl32.dll              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\olemon.dll        (Beijing Rising Information Technology Co.. Ltd.)

名称:     o2flash.exe  [已启用]
文件路径: C:\WINDOWS\system32\o2flash.exe  [服务器忙]
模块文件: C:\WINDOWS\system32\ntdll.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CFGMGR32.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\setupapi.dll              (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL                 (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL                   (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll                 (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\ijt_base.dll      (Beijing Rising Information Technology Co.. Ltd.)
模块文件: C:\WINDOWS\system32\SHELL32.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll               (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comctl32.dll              (Microsoft Corporation)
模块文件: C:\Program Files\Rising\Rfw\olemon.dll        (Beijing Rising Information Technology Co.. Ltd.)