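A user reported that his computer had recently developed a problem: after boot, malicious icons appear on the desktop and in the Quick Launch bar on the taskbar. If deleted, they reappear at the next boot, and ads pop up every minute while the computer is in use. He had installed Rising Antivirus, Qihoo 360 Antivirus, 360 Safe Guard, Baidu Guard (百度卫士) and 广告神盾 (ADShendun), and none of them solved the problem. The computer now takes several minutes after power-on to reach the desktop. He asked for help.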

The entries for these malicious ad icons in the pe_xscan scan log:

hao123_网址导航_Internet.lnk -> http://www.hao123.com/?tn=90618383_hao_pg
Inteent Exploror.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
Intronnt HaoDao.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
今日黄历.lnk -> C:\Documents and Settings\Administrator\Application Data\nlcal\nlcal.exe
折子购物.lnk -> C:\Program Files\zhezi\app\zhezi\zhezi.exe
极速抢票入口.lnk -> http://www.hao123.com/?tn=93947501_hao_pg
爱淘宝.lnk -> http://t.cn/Rv8Fg27
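
A triage of the shortcut listing above, as an added example that is not part of the original post: it parses `name.lnk -> target` lines and marks look-alike browser names, URL targets carrying referral-style query keys, and executables under per-user data directories. The key set, the distance threshold and the last sample line are assumptions made for the illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Entries copied from the listing above, plus one constructed benign control
# (the last line) so the heuristics have something they should NOT flag.
SAMPLE = r"""
hao123_网址导航_Internet.lnk -> http://www.hao123.com/?tn=90618383_hao_pg
Intronnt HaoDao.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
今日黄历.lnk -> C:\Documents and Settings\Administrator\Application Data\nlcal\nlcal.exe
折子购物.lnk -> C:\Program Files\zhezi\app\zhezi\zhezi.exe
爱淘宝.lnk -> http://t.cn/Rv8Fg27
Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe
"""

BRAND_WORDS = ("internet", "explorer")   # words the look-alike names imitate
TRACKING_KEYS = {"tn", "src", "ls"}      # assumption: referral/channel tags
USER_DATA_DIRS = ("\\application data\\", "\\appdata\\")

ENTRY_RE = re.compile(r"^(?P<name>.+?\.lnk)\s*->\s*(?P<target>.*)$", re.IGNORECASE)


def parse_entries(text):
    """Return (shortcut name, target) pairs from 'name.lnk -> target' lines."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("name"), m.group("target").strip()))
    return entries


def edit_distance(a, b):
    """Plain Levenshtein distance (insert, delete, substitute each cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(name):
    """True if a Latin word in the name is close to, but not equal to, a brand word."""
    stem = name[:-4].lower()  # drop ".lnk"
    for token in re.findall(r"[a-z]+", stem):
        for brand in BRAND_WORDS:
            d = edit_distance(token, brand)
            # Threshold of half the brand word's length is a tuning assumption.
            if 0 < d <= len(brand) // 2:
                return True
    return False


def classify(name, target):
    """Return the list of heuristic reasons that apply to one shortcut."""
    reasons = []
    if is_lookalike(name):
        reasons.append("lookalike-name")
    if re.match(r"(?i)^https?://", target):
        # A .lnk that opens a URL directly instead of a local program.
        reasons.append("url-target")
        if TRACKING_KEYS & set(parse_qs(urlsplit(target).query)):
            reasons.append("tracking-param")
    elif target.lower().endswith(".exe") and any(
        d in target.lower() for d in USER_DATA_DIRS
    ):
        reasons.append("exe-in-user-data-dir")
    return reasons


def triage(text):
    """Map each shortcut name to its list of reasons (empty list = no rule hit)."""
    return {name: classify(name, target) for name, target in parse_entries(text)}


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE).items():
        print(f"{name}: {', '.join(reasons) or 'no rule matched'}")
```

An empty list is not a clean verdict: `折子购物.lnk`, which the listing above includes among the ad icons, matches none of the three rules.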

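Over QQ remote assistance, the machine was scanned and cleaned in turn with Qihoo 360 Antivirus, 360 Safe Guard, Rising Antivirus and Baidu Guard, and the malicious ad icons on the desktop and in the taskbar's Quick Launch bar were confirmed to have all been deleted.

The computer was then restarted, and the icons were back.

A pe_xscan scan was then run and its log analyzed: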

pe_xscan 11-03-17 by Purple Endurer
2014-7-10 9:27:11
Windows XP Service Pack 3(5.1.2600)
MSIE:8.0.6001.18702
管理员用户组
正常模式
[System Process] * 0 |$X
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
C:\Program Files\baidu\BaiduAn\2.1.0.1214\BaiduAnSvc.exe * 1200 |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDLogicUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMSkin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\BDMAVEng.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMReport.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\bduf.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMNet.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\plugins\RTPPlugins\BDMSOAccServicePlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\BDMProcessRunningTime.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\plugins\RTPPlugins\HIPS.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:11
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\DriverManager.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\ad.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:9
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\BDKitUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\TrustAndIso.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
C:\WINDOWS\system32\svchost.exe * 1232 |$M$ | 2008-6-2 8:0:0
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
C:\Program Files\Rising\RSD\RsMgrSvc.exe * 1476 |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
    C:\Program Files\Rising\RSD\comx3.dll |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
    C:\Program Files\Rising\RSD\Syslay.dll |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
C:\Program Files\Rising\RAV\ravmond.exe * 1492 |$Beijing Rising Information Technology Corporation Limited | 2014-5-15 14:57:11
C:\WINDOWS\system32\svchost.exe * 1528 |$M$ | 2008-6-2 8:0:0
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:\Program Files\Rising\RAV\ravscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
C:\WINDOWS\system32\svchost.exe * 1664 |$M$ | 2008-6-2 8:0:0
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
C:\WINDOWS\system32\svchost.exe * 1736 |$M$ | 2008-6-2 8:0:0
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
C:\Program Files\stickynotes\stickynotes.exe * 1776 |$Beijing Panshi Yongye Investment Co.,Ltd. | 2014-7-4 14:41:8
    C:\Program Files\stickynotes\stickynotes.dll |$Beijing Panshi Yongye Investment Co.,Ltd. | 2014-7-4 14:41:10
C:\Program Files\360\360Safe\deepscan\ZhuDongFangYu.exe * 1848 |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-27 22:0:44
    C:\Program Files\360\360Safe\360base.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-22 11:48:30
    C:\Program Files\360\360Safe\360util.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-18 12:6:38
    C:\Program Files\360\360Safe\360conf.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-22 11:48:38
    C:\Program Files\360\360Safe\deepscan\cloudcom2.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-26 15:30:12
    C:\Program Files\360\360Safe\360leakfixplugin.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-22 11:51:0
    C:\Program Files\360\360Safe\SoftMgr\360SoftMgrS.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-15 9:25:38
    C:\Program Files\360\360Safe\360NetBase.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-28 18:22:42
    C:\Program Files\360\360Safe\deepscan\heavygate.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-22 11:50:6
    C:\Program Files\360\360Safe\deepscan\qutmload.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-6 14:22:12
    C:\Program Files\360\360Safe\deepscan\bapi.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-16 19:23:34
    C:\Program Files\360\360Safe\SoftMgr\360OptExt.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-24 10:58:46
    C:\Program Files\360\360Safe\sweeper\CleanSoft.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-25 16:27:44
    C:\Program Files\360\360Safe\sweeper\CleanSoftEng.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-12 12:50:50
C:\WINDOWS\system32\spoolsv.exe * 264 |$M$ | 2011-6-15 17:8:54
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
C:\WINDOWS\explorer.exe * 1836 |$M$ | 2008-6-2 8:0:0
    D:\Program Files\360\360sd\ShellIco.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-20 20:7:5
    C:\Program Files\360\360Safe\safemon\360UDiskGuard.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-6 10:53:58
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbshld.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-30 15:7:51
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Program Files\360\360Safe\SoftMgr\SML\SMLLauncher.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-17 18:34:36
    C:\Program Files\360\360Safe\360Base.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-22 11:48:30
    C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    C:\Program Files\360\360Safe\safemon\Safehmpg.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-17 14:51:8
    C:\Program Files\360\360Safe\safemon\iNetSafe.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-6 12:18:52
    C:\Program Files\360\360Safe\safemon\wdexhelper.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-17 16:23:14
    C:\Program Files\WinRAR\rarext.dll |$X | 2013-1-4 14:36:24| ?| ? | ?| ?| ?| ?| ?| ?| ?
    d:\Program Files\360\360sd\MenuEx.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-20 20:7:19
    C:\Program Files\360\360Safe\Utils\shell360ext.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-9 18:20:6
    C:\WINDOWS\system32\ravext.dll |$Beijing Rising Information Technology Corporation Limited | 2014-1-5 9:4:41
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL |$X | 2012-8-17 16:27:58 | Microsoft? Visual Studio? 2005 | 8.00.50727.4053 | ATL Module for Windows (Unicode) | ? Microsoft Corporation.  All rights reserved. | 8.00.50727.4053 | Microsoft Corporation| ? | ATL80.DLL | ATL80.DLL
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:\WINDOWS\system32\diactkf.dll |$X | 2014-7-1 8:5:3 | TK | 1.01.0006 |   | (C) Microsoft Corporation. All rights reserved. | 1.01.0006 | TK| ? | TuKu | TuKu.dll
    C:\WINDOWS\system32\SGWPShe32.dll |$Sogou.com | 2014-5-26 17:7:30
    C:\Program Files\360\360Safe\SoftMgr\SoftMgrExt.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-7 11:16:36
    C:\WINDOWS\system32\shellfire.dll |$PPLive Corporation | 2014-7-2 15:29:30
    C:\Documents and Settings\Administrator\Application Data\Wandoujia2\Applications\2.67.0.4980\wandoujia_shlext_dll.dll |$Wandou Technology Ltd | 2013-11-25 20:8:12
C:\Program Files\XCFaXian\lssvr.exe * 2292 |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28
C:\Program Files\SogouInput\Components\AddressSearch\OmniAddr\OmniAddrService.exe * 2500 |$Sogou.com | 2014-5-14 8:29:48
    C:\Program Files\SogouInput\Components\AddressSearch\OmniAddr\OmniAddrService.exe |$Sogou.com | 2014-5-14 8:29:48
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
C:\Program Files\Rising\RAV\rstray.exe * 2648 |$Beijing Rising Information Technology Corporation Limited | 2014-5-15 14:57:13
C:\Program Files\广告神盾\0707150103\ADShendun32.exe * 2748 |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-6-23 14:27:34
    C:\Program Files\广告神盾\0707150103\ADShendun32.exe |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-6-23 14:27:34
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Program Files\Rising\RAV\ravscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
C:\Program Files\yyfm0529\2014071008\yymusic05.exe * 3272 |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:53:58
    C:\Program Files\yyfm0529\2014071008\yymusic05.exe |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:53:58
    C:\Program Files\yyfm0529\2014071008\avcore.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:0
    C:\Program Files\yyfm0529\2014071008\audio.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:0
    C:\Program Files\yyfm0529\2014071008\libav.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:6
    C:\Program Files\yyfm0529\2014071008\pthreadGC2.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:53:54
    C:\Program Files\yyfm0529\2014071008\swresample-0.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:53:56
    C:\Program Files\yyfm0529\2014071008\avutil-52.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:4
    C:\Program Files\yyfm0529\2014071008\avformat-54.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:2
    C:\Program Files\yyfm0529\2014071008\avcodec-54.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:0
    C:\Program Files\yyfm0529\2014071008\source.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:53:54
    C:\Program Files\yyfm0529\2014071008\DuiLib.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:6
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
C:\Program Files\XCFaXian\XCFaXian.exe * 3424 |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28
    C:\Program Files\XCFaXian\XCFaXian.exe |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
C:\Program Files\Rising\RSD\popwndexe.exe * 3448 |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
    C:\Program Files\Rising\RSD\popwndexe.exe |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
    C:\Program Files\Rising\RSD\rsdk.dll |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
    C:\Program Files\Rising\RSD\rsmginfo.dll |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
    C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL |$Microsoft Corporation | 2013-1-4 14:36:22
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Program Files\Rising\RAV\ravscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
C:\Documents and Settings\Administrator\Application Data\nlcal\nlcal.exe * 3892 |$深圳亿纬科技有限公司 | 2014-7-10 8:4:58
    C:\Documents and Settings\Administrator\Application Data\nlcal\nlcal.exe |$深圳亿纬科技有限公司 | 2014-7-10 8:4:58
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    C:\Program Files\Rising\RAV\ravscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
C:\WINDOWS\system32\rundll32.exe * 1956 |$M$ | 2008-6-2 8:0:0
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
C:\WINDOWS\system32\ctfmon.exe * 436 |$M$ | 2008-6-2 8:0:0
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
C:\Program Files\baidu\BaiduAn\2.1.0.1214\BaiduAnTray.exe * 976 |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\baiduanTray.exe |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMSkin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDLogicUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\BDMPatcherPlugins\BDMConnect.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:5
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\bdmtrayplugins\BDMTrayTipsPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\BDMTrayPlugins\BDMSusPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\plugins\bdmsusplugins\BDMSOAccSusPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\plugins\bdmsusplugins\BDMNetMonSusPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\BDMSOLiveAccMgr.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\BDMSOLiveAccStrategyMgr.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\BDMSOLiveAccEngine.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\BDMNetMonMgrDll.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMReport.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMNet.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\bdmtrayplugins\BDMSOAccTrayPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\SysAccMgrDll.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\BDKitUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\bdmtrayplugins\BDMSOCleanerTrayPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMUpdate.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMDownload.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
C:\Documents and Settings\Administrator\Application Data\nlcal\nlcalQuick.exe * 3936 |$深圳亿纬科技有限公司 | 2014-7-10 8:4:58
    C:\Documents and Settings\Administrator\Application Data\nlcal\nlcalQuick.exe |$深圳亿纬科技有限公司 | 2014-7-10 8:4:58
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Documents and Settings\Administrator\Application Data\nlcal\AssistModule.dll |$深圳亿纬科技有限公司 | 2014-7-10 8:4:58
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    C:\Program Files\Rising\RAV\ravscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
C:\Program Files\Common Files\Baidu\BDDownload\107\bddownloader.exe * 3168 |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:20
    c:\program files\common files\baidu\bddownload\107\bddownloader.exe |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:20
    C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    c:\program files\common files\baidu\bddownload\107\dl.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:20
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
C:\Program Files\广告神盾\0707150103\server\ADShendunProxy32.exe * 5500 |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-6-9 22:7:10
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
C:\Program Files\baidu\BaiduAn\2.1.0.1214\BaiduAn.exe * 5896 |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMMainframe.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDLogicUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMSkin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\BDMSOManagerPlugins\BDMSOCleanerPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\BDMSOManagerPlugins\BDMSOAcceleratorPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\SYSCleaner.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMScriptVM.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\GCScriptBind.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMWindowsLib.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:18
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\SysAccMgrDll.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\BDKitUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\BDMSOLiveAccMgr.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\BDMSOLiveAccStrategyMgr.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\BDMSOLiveAccEngine.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSOManager\BDMNetMonMgrDll.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\bdmmainframeplugins\BDMSWManagerFrame.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMSWNestCore.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\bdmmainframeplugins\BDMSafePlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\bdmsafeplugins\BDMKVMainPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\BDMSafePlugins\BDMPatcherPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\bdmsafeplugins\BDMSysFixerPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\BDMPatcherPlugins\BDMConnect.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:5
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMReport.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMNet.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\FTSysFixer\SysFixer.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMSWParseDetect.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:18
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\bdmkvscanplugin\BDMKVScanPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\CompatibilityChecker.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\BDMRepMgr.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\BDMRepBase.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\BDMAVEng.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\bdmantivirus\TrustAndIso.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
C:\Program Files\baidu\BaiduAn\2.1.0.1214\BDALeakfixer.exe * 4608 |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDALeakfixer.exe |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDLogicUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMSkin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\BDMPatcherPlugins\BDMPatcher.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:13
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\Plugins\BDMPatcherPlugins\BDMConnect.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:5
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMReport.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMNet.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BDMDownload.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
C:\Program Files\Rising\RAV\rsmain.exe * 340 |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:15:1
C:\Program Files\XCFaXian\XCFaXian.exe * 4384 |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28
    C:\Program Files\XCFaXian\XCFaXian.exe |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28
    C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    C:\Program Files\Rising\RAV\rsmgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
    C:\Program Files\Rising\RAV\wbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
    C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:\Program Files\Rising\RAV\ravscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
    C:\Program Files\广告神盾\0707150103\adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:\WINDOWS\system32\Macromed\Flash\Flash32_14_0_0_145.ocx |$Adobe Systems Incorporated | 2014-7-9 8:2:30
O2 - IeAddOn(360sdbho Class) - {0F4BF955-A127-41B7-A998-369904AA2578}
   = D:\Program Files\360\360sd\360sdbho.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-20 18:29:58
O2 - IeAddOn(广告神盾IE插件) - {5AC58093-0F4D-4D65-A40B-007DDD7A79CF}
   = C:\Program Files\广告神盾\0707150103\ieplugin32.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:32:0
O2 - IeAddOn(SafeMon Class) - {B69F34DD-F0F9-42DC-9EDD-957187DA688D}
   = C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
O2 - IeAddOn(搜狗输入法地址栏搜索) - {0C3ED74B-8703-4003-A1F4-2B2A0C450DD2}
   = C:\Program Files\SogouInput\Components\AddressSearch\OmniAddr\OmniAddr.dll |$Sogou.com | 2014-5-14 8:29:47
O2 - IeAddOn(360sdbho Class) - {0F4BF955-A127-41B7-A998-369904AA2578}
   = D:\Program Files\360\360sd\360sdbho.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-20 18:29:58
O2 - IeAddOn(广告神盾IE插件) - {5AC58093-0F4D-4D65-A40B-007DDD7A79CF}
   = C:\Program Files\广告神盾\0707150103\ieplugin32.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:32:0
O2 - IeAddOn(360SafeLive) - {87515F61-A66C-4319-A0E0-D416CB8059E3}
   = C:\Program Files\360\360Safe\Safelive.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-5 18:46:50
O2 - IeAddOn(SetupCtrl Class) - {8C891026-0BE9-434E-B807-118E6E5EA3B6}
   = C:\WINDOWS\Downloaded Program Files\276828\BaiduSetupAx_0.dll |$Baidu (China) Co., Ltd. | 2012-12-26 15:34:22
O2 - IeAddOn(SafeMon Class) - {B69F34DD-F0F9-42DC-9EDD-957187DA688D}
   = C:\Program Files\360\360Safe\safemon\safemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
O2 - IeAddOn(BDBProtocolHelperImpl Class) - {E1819698-0CD0-435C-AE0D-F288924C40A1}
   = C:\Program Files\baidu\BaiduPlayer\3.9.3.12\bdbph.dll |$Baidu (China) Co., Ltd. | 2014-6-13 15:36:28
O4 - HKCU\..\run: [360sd] "D:\Program Files\360\360sd\360sd.exe" /autorun
O4 - HKCU\..\run: [XCFaXian] "C:\Program Files\XCFaXian\XCFaXian.exe" /A
O4 - HKLM\..\run: [360Safetray] "C:\Program Files\360\360Safe\safemon\360Tray.exe" /start
O4 - HKLM\..\run: [RavTRAY] "C:\Program Files\Rising\RAV\RSTRAY.EXE" -system
O4 - HKLM\..\run: [ADSD0707150103] "C:\Program Files\广告神盾\0707150103\ADShendun32.exe" tray
O4 - HKLM\..\run: [yyfm0529_2014071008] "C:\Program Files\yyfm0529\2014071008\yymusic05.exe" -mini
O4 - HKLM\..\run: [yyfm0529_News_2014071008] "C:\Program Files\yyfm0529\2014071008\YFMSever.exe" -mini
O4 - HKLM\..\run: [nlcal] C:\Documents and Settings\Administrator\Application Data\nlcal\nlcal.exe /start
O4 - HKLM\..\run: [BaiduAnTray] "C:\Program Files\Baidu\BaiduAn\2.1.0.1214\BaiduAnTray.exe"  -stmd=3
BaiduBrowserUpdater.job -> C:\Program Files\Baidu\BaiduBrowser\bdupdate.exe --check --type=auto --fromautorun
游戏盒子版本号更新检測.job -> C:\Documents and Settings\All Users\Application Data\GBX2014710\GameBox.exe /check_update
O10 - LSP: npzz over [MSAFD Tcpip [TCP/IP]] = C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
O10 - LSP: npzz over [MSAFD Tcpip [UDP/IP]] = C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
O10 - LSP: npzz = C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
O23 - 服务: 360AntiHacker (360Safe Anti Hacker Service) - System32\Drivers\360AntiHacker.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-18 16:7:8(系统)
O23 - 服务: 360AvFlt (360AvFlt mini-filter driver) - system32\DRIVERS\360AvFlt.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-26 11:29:55(手动)
O23 - 服务: 360Box (360Box mini-filter driver) - system32\DRIVERS\360Box.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-27 17:3:12(系统)
O23 - 服务: 360Camera (360Safe Camera Filter Service) - System32\Drivers\360Camera.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-18 16:30:26(手动)
O23 - 服务: 360netmon (360netmon) - C:\WINDOWS\system32\drivers\360netmon.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-27 11:1:50(系统)
O23 - 服务: 360qpesv (360qpesv driver) - C:\WINDOWS\system32\drivers\360qpesv.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-29 20:27:0(系统)
O23 - 服务: 360rp (360 杀毒实时防护载入服务) - "D:\Program Files\360\360sd\360rps.exe" |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-24 10:40:33(自己主动)
O23 - 服务: 360SelfProtection (360SelfProtection) - system32\drivers\360SelfProtection.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-21 21:17:58(系统)
O23 - 服务: BAPIDRV (BAPIDRV) - system32\DRIVERS\BAPIDRV.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-18 15:33:16(系统)
O23 - 服务: bd0001 (bd0001) - system32\DRIVERS\bd0001.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-6-13 16:38:54(系统)
O23 - 服务: bd0002 (bd0002) - system32\DRIVERS\bd0002.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-3-11 17:36:8(系统)
O23 - 服务: bd0004 (bd0004) - system32\DRIVERS\bd0004.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 7:58:15(系统)
O23 - 服务: BDArKit (BDArKit) - system32\DRIVERS\BDArKit.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:11(手动)
O23 - 服务: BDMNetMon (BDMNetMon) - system32\DRIVERS\BDMNetMon.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:21(自己主动)
O23 - 服务: BDMRTP (BDMRTP Service) - "C:\Program Files\Baidu\BaiduAn\2.1.0.1214\baiduanSvc.exe" -r |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16(自己主动)
O23 - 服务: BDMWrench (BDMWrench) - system32\DRIVERS\BDMWrench.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-7-8 14:26:44(系统)
O23 - 服务: BDSGRTP (BDSGRTP Service) - "C:\Program Files\Common Files\Baidu\BaiduProtect\1.2.0.47\BaiduProtect.exe" -r |$X(自己主动)
O23 - 服务: DsArk (DsArk) - C:\WINDOWS\system32\drivers\DsArk.sys |$Qihoo 360 Software (Beijing) Company Limited | 2013-11-2 13:26:35(引导)
O23 - 服务: EfiMon (EfiSystemMon) - System32\Drivers\Efimon.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-21 18:45:8(系统)
O23 - 服务: HookPort (HookPort) - System32\Drivers\Hookport.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-21 21:22:20(引导)
O23 - 服务: HyperVM (HyperVM) - C:\WINDOWS\system32\drivers\hvm.sys |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:15:3(系统)
O23 - 服务: kguard (kguard) - system32\DRIVERS\kguard.sys |$Beijing Rising Information Technology Corporation Limited | 2014-5-15 14:57:43(系统)
O23 - 服务: lsservice (lsservice) - C:\Program Files\XCFaXian\lssvr.exe |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28(自己主动)
O23 - 服务: QQProtect (QQProtect) - C:\WINDOWS\system32\drivers\QQProtect.sys |$Tencent Technology(Shenzhen) Company Limited | 2014-5-8 17:32:44(系统)
O23 - 服务: qutmdserv (Quantum DeepScanner Servers) - system32\DRIVERS\qutmdrv.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-20 15:10:30(系统)
O23 - 服务: qutmipc (qutmipc) - C:\WINDOWS\system32\drivers\qutmipc.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-14 10:46:24(系统)
O23 - 服务: rsdsys (rsd protect) - C:\WINDOWS\system32\drivers\protreg.sys |$Beijing Rising Information Technology Corporation Limited | 2014-5-28 15:23:55(自己主动)
O23 - 服务: RsMgrSvc (Rsd Service) - "C:\Program Files\Rising\RSD\RsMgrSvc.exe" |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37(自己主动)
O23 - 服务: RsRavMon (Rav Service) - "C:\Program Files\Rising\RAV\ravmond.exe" |$Beijing Rising Information Technology Corporation Limited | 2014-5-15 14:57:11(自己主动)
O23 - 服务: rsutils (rsutils) - system32\DRIVERS\rsutils.sys |$Beijing Rising Information Technology Corporation Limited | 2013-11-27 8:0:20(系统)
O23 - 服务: stickynotes (stickynotes service) - "C:\Program Files\stickynotes\stickynotes.exe" -srv |$Beijing Panshi Yongye Investment Co.,Ltd. | 2014-7-4 14:41:8(自己主动)
O23 - 服务: sysmon (sysmon) - system32\DRIVERS\sysmon.sys |$Beijing Rising Information Technology Corporation Limited | 2014-6-23 14:53:54(引导)
O23 - 服务: ZheziSrv (Zhezi Service) - "C:\Program Files\zhezi\app\zhezi\ZheziServiceMgr.exe" /asservice |$北京精益求德科技有限公司 | 2014-7-4 18:4:12(手动)
O23 - 服务: ZhuDongFangYu (主动防御) - "C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe" |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-27 22:0:44(自己主动)

O29 - HKCU-Start Page = http://www.hao123.com/?tn=98868055_hao_pg
O29 - HKCU-Search Page = http://www.3600.com/?src=lm&ls=n290987998a
O29 - HKCU-Default_Page_URL = http://www.3600.com/?src=lm&ls=n290987998a
O29 - HKLM-Start Page = http://hao.360.cn/?1004
O29 - HKUS-Start Page = http://www.hao123.com/?tn=94104199_hao_pg
O34 - StartMenuInternet [2345Explorer.exe] = "C:\Program Files\2345Explorer\2345Explorer.exe" |$X
O34 - StartMenuInternet [360SE.exe] = C:\Program Files\360\360se\360SE.exe |$360.cn | 2013-1-4 14:36:5
O34 - StartMenuInternet [BaiduBrowser.EXE] = "C:\Program Files\Baidu\BaiduBrowser\BaiduBrowser.exe" |$X
C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch
    2345智能浏览器.lnk -> C:\Program Files\2345Explorer\2345Explorer.exe http://www.hao123.com/?tn=98868055_hao_pg
    360安全卫士.lnk -> C:\Program Files\360\360Safe\360Safe.exe
    hao123_网址导航_Internet.lnk -> http://www.hao123.com/?tn=90618383_hao_pg
    Inteent Exploror.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
    Intronnt HaoDao.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
    lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
    今日黄历.lnk -> C:\Documents and Settings\Administrator\Application Data\nlcal\nlcal.exe
    折子购物.lnk -> C:\Program Files\zhezi\app\zhezi\zhezi.exe
    极速抢票入口.lnk -> http://www.hao123.com/?tn=93947501_hao_pg
    爱淘宝.lnk -> http://t.cn/Rv8Fg27
C:\Documents and Settings\Administrator\桌面
    hao123_网址导航_Internet.lnk -> http://www.hao123.com/?tn=90618383_hao_pg
    Internet   Explorer.lnk -> http://www.hao123.com/?tn=97883556_hao_pg
    Internet  Explorer.lnk -> http://www.hao123.com/?tn=97883556_hao_pg
    安全上网必备.lnk -> http://www.3600.com/?src=lm&ls=n799d887988
    极速抢票入口.lnk -> http://www.3600.com/?src=lm&ls=n7141871b8c
    淘宝.lnk -> http://ai.taobao.com/?pid=mm_43853062_4068309_23360394
C:\Documents and Settings\All Users\「開始」菜单
    lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
    爱淘宝.lnk -> http://t.cn/Rv8Fg27
C:\Documents and Settings\All Users\桌面
    Apabi Reader 4.5.lnk -> C:\Program Files\Founder\Apabi Reader 4.0\ApaReader.exe
    Inteent Exploror.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
    Intronnt HaoDao.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
    lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
.htm - "C:\Program Files\360\360se\360SE.exe" "%1"
.html - "C:\Program Files\360\360se\360SE.exe" "%1"

First, uninstall Baidu Guard (百度卫士), Baidu Browser, and zhezi.

Open Task Manager and terminate these processes:

C:\Program Files\XCFaXian\lssvr.exe
C:\Program Files\yyfm0529\2014071008\yymusic05.exe
C:\Program Files\XCFaXian\XCFaXian.exe
C:\Documents and Settings\Administrator\Application Data\nlcal\nlcal.exe
C:\Documents and Settings\Administrator\Application Data\nlcal\nlcalQuick.exe
C:\Program Files\XCFaXian\XCFaXian.exe

Stop and disable the service:

O23 - 服务: SuperApps (SuperApps service) - C:\WINDOWS\system32\svchost.exe -k SuperApps |$M$ | 2008-6-2 8:0:0(自己主动)

Delete the startup entries:
O4 - HKCU\..\run: [XCFaXian] "C:\Program Files\XCFaXian\XCFaXian.exe" /A
O4 - HKLM\..\run: [yyfm0529_2014071008] "C:\Program Files\yyfm0529\2014071008\yymusic05.exe" -mini
O4 - HKLM\..\run: [yyfm0529_News_2014071008] "C:\Program Files\yyfm0529\2014071008\YFMSever.exe" -mini
O4 - HKLM\..\run: [nlcal] C:\Documents and Settings\Administrator\Application Data\nlcal\nlcal.exe /start

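Rising integrates a system optimization feature that detects and lists some items that can be optimized, but it cannot act on items it has not detected.

For example, Rising did not list the O23 service SuperApps. It could not be disabled with the service manager built into Windows, but 360 Safeguard (360卫士) was able to disable it.

After that, clean up the malicious ad icons and Start menu entries and restart the computer; the system finally behaved normally.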
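The log reading behind the steps above, as an added example (not part of the original post and not pe_xscan's own code): it parses pe_xscan-style lines and flags shortcuts that resolve to a URL, plus Run entries and Winsock LSPs loaded from an `Application Data` folder. The sample lines are copied from the log on this page; the regular expressions, the function names and the `Application Data` heuristic are assumptions of this example.

```python
import re

# Lines copied from the pe_xscan log on this page.
SAMPLE_LOG = r"""
O4 - HKCU\..\run: [360sd] "D:\Program Files\360\360sd\360sd.exe" /autorun
O4 - HKLM\..\run: [nlcal] C:\Documents and Settings\Administrator\Application Data\nlcal\nlcal.exe /start
O10 - LSP: npzz = C:\Documents and Settings\All Users\Application Data\zhezi\bin2\h\ximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
C:\Documents and Settings\All Users\「開始」菜单
    lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
    爱淘宝.lnk -> http://t.cn/Rv8Fg27
C:\Documents and Settings\All Users\桌面
    Apabi Reader 4.5.lnk -> C:\Program Files\Founder\Apabi Reader 4.0\ApaReader.exe
    Inteent Exploror.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
"""

FOLDER_RE = re.compile(r"^[A-Za-z]:\\[^|*]*$")  # unindented bare path = folder header
LNK_RE = re.compile(r"^\s+(?P<name>.+?\.lnk) -> (?P<target>.*)$")
O4_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
O10_RE = re.compile(r"^O10 - LSP: (?P<name>.+?) = (?P<path>.+?) \|")
URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)
# Heuristic (assumption): on XP, per-user and All Users data folders are writable
# without an installer, so auto-started code living there deserves a second look.
PROFILE_DIR = "\\application data\\"


def triage(log_text):
    """Return (kind, location, name, detail) tuples for entries worth reviewing."""
    findings, folder = [], None
    for line in log_text.splitlines():
        if FOLDER_RE.match(line):
            folder = line.strip()
        elif m := LNK_RE.match(line):
            # A .lnk that resolves to a URL, or a browser .exe with a URL appended.
            if u := URL_RE.search(m["target"]):
                findings.append(("url-shortcut", folder, m["name"], u.group()))
        elif (m := O4_RE.match(line)) and PROFILE_DIR in m["cmd"].lower():
            findings.append(("autorun-in-profile", m["hive"], m["name"], m["cmd"]))
        elif (m := O10_RE.match(line)) and PROFILE_DIR in m["path"].lower():
            findings.append(("lsp-in-profile", "Winsock", m["name"], m["path"]))
    return findings


def tags_by_folder(findings):
    """Group URL shortcuts by landing URL to show one tag planted in many folders."""
    grouped = {}
    for kind, folder, name, detail in findings:
        if kind == "url-shortcut":
            grouped.setdefault(detail, []).append((folder, name))
    return grouped


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(*finding, sep=" | ")
```

Shortcuts that come back after deletion point to a process, service or scheduled job that rewrites them, which is why the Run, LSP and service findings are reviewed before the icons are removed.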

File information for some of the files is attached:

文件说明符 : C:\Program Files\yyfm0529\2014071008\YFMSever.exe
属性 : A---
数字签名:GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD.
PE文件:是
语言 : 中文(中国)
文件版本号 : 20.20.20.20
说明 : 音乐软件相关
版权 : 2014年编译
产品版本号 : 20.20.20.20
产品名称 : 音乐软件相关
公司名称 : 音乐软件相关
合法商标 :
内部名称 :
源文件名称 :
创建时间 : 2014-6-6 1:53:56
改动时间 : 2014-6-6 1:53:56
大小 : 706192 字节 689.656 KB
MD5 : cc479a63384549b4727c5c261f86592a
SHA1: A3E0F2BC4C631170ED7A7E2793A3925E2F5E7320
CRC32: e0fbc0e7

文件说明符 : C:\Program Files\yyfm0529\2014071008\yymusic05.exe
属性 : A---
数字签名:GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD.
PE文件:是
语言 : 中文(中国)
文件版本号 : 1.14.529.1
说明 : 音乐FM
版权 : Copyright (C) 2014
产品版本号 : 1.14.529.1
产品名称 : 音乐FM
公司名称 : 音乐FM
内部名称 : MusicPla.exe
源文件名称 : MusicPla.exe
创建时间 : 2014-6-6 1:53:58
改动时间 : 2014-6-6 1:53:58
大小 : 1979536 字节 1.909 MB
MD5 : eceba96738a53afb5284ca33b049d998
SHA1: 5965CA90BAB852CF6CF03E46AB1E2CBB8743EAA0
CRC32: 3ef1ef4c

文件说明符 : C:\Documents and Settings\All Users\Application Data\GBX2014710\GameBox.exe
属性 : A---
数字签名:否
PE文件:是
语言 : 中文(中国)
文件版本号 : 1.1.14.6150
说明 : GameBox
版权 : 版权全部 (C) 2013
产品版本号 : 1.1.14.6150
产品名称 : GameBox
内部名称 : GameBox
源文件名称 : GameBox.exe
创建时间 : 2014-7-1 8:5:7
改动时间 : 2014-6-15 15:33:58
大小 : 477696 字节 466.512 KB
MD5 : 989d10106b1fd621936bde8b5160014c
SHA1: 363F54892C37D51BEA1026CD68917234409D6C73
CRC32: c042d084

文件说明符 : C:\Documents and Settings\Administrator\Application Data\nlcal\nlcal.exe
属性 : A---
数字签名:深圳亿纬科技有限公司
PE文件:是
语言 : 中文(中国)
文件版本号 : 1, 0, 0, 7
说明 : 今日黄历 应用程序
版权 : 版权全部 (C) 2014
产品版本号 : 1, 0, 0, 7
产品名称 : nlcal 应用程序
内部名称 : nlcal
源文件名称 : nlcal.exe
创建时间 : 2014-7-10 8:4:58
改动时间 : 2014-7-10 8:4:58
大小 : 260208 字节 254.112 KB
MD5 : e9a0e8307595d972715cff739506ea2d
SHA1: 6A54F039EED7A98AB0BB70A58F789ED75334FF1C
CRC32: a4792813

文件说明符 : C:\Program Files\XCFaXian\lssvr.exe
属性 : A---
数字签名:北京趣找电子商务有限公司
PE文件:是
获取文件版本号信息大小失败!
创建时间 : 2014-6-26 14:5:28
改动时间 : 2014-6-26 14:5:28
大小 : 766592 字节 748.640 KB
MD5 : 510ecaf617b6c71c14d9acec12007b6f
SHA1: 3EA45B408D2AE48293CB73E6D7AD45000EFFB4E8
CRC32: 61917e7f
