  • Rising Antivirus, Qihoo 360 Antivirus, 360 Safeguard and Baidu Guard together cannot get rid of pop-up ads & malicious ad icons

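      A netizen said his computer had recently developed a problem: after booting, malicious icons appear on the desktop and in the Quick Launch bar on the taskbar, and they reappear at the next boot after being deleted; while the computer is in use, an ad pops up every minute. He had installed Rising Antivirus, Qihoo 360 Antivirus, 360 Safeguard, Baidu Guard and Ad Shield (广告神盾) on the computer, and none of them could solve the problem. The computer now takes several minutes to reach the desktop at boot. He asked for help.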


      The entries for these malicious ad icons in the pe_xscan scan log:

     

    hao123_网址导航_Internet.lnk -> http://www.hao123.com/?tn=90618383_hao_pg
    Inteent Exploror.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
    Intronnt HaoDao.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
    lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
    今日黄历.lnk -> C:Documents and SettingsAdministratorApplication Data lcal lcal.exe
    折子购物.lnk -> C:Program Fileszheziappzhezizhezi.exe
    极速抢票入口.lnk -> http://www.hao123.com/?tn=93947501_hao_pg
    爱淘宝.lnk -> http://t.cn/Rv8Fg27
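
An added triage example (not part of the original post and not pe_xscan's own code): it parses the `name.lnk -> target` entries listed above, separates shortcuts that open a web address from those that launch a local program, groups URL shortcuts that share a host and query string, and flags names that imitate "Internet Explorer". The function names, the letter-bag similarity heuristic and its 0.85 threshold are assumptions of this example.

```python
from collections import Counter, defaultdict
from urllib.parse import urlsplit, parse_qsl

# Shortcut entries as listed in the post. One entry is kept wrapped across
# two lines to exercise the continuation handling in parse_entries().
SAMPLE = """\
hao123_网址导航_Internet.lnk -> http://www.hao123.com/?tn=90618383_hao_pg
Inteent Exploror.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
Intronnt HaoDao.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
今日黄历.lnk -> C:Documents and SettingsAdministratorApplication Data lcal lcal.exe
折子购物.lnk -> C:Program Fileszheziappzhezizhezi.exe
极速抢票入口.lnk ->
http://www.hao123.com/?tn=93947501_hao_pg
爱淘宝.lnk -> http://t.cn/Rv8Fg27
"""

REFERENCE_NAME = "internet explorer"  # name the look-alike icons imitate
LOOKALIKE_THRESHOLD = 0.85            # assumed cut-off for this example


def parse_entries(text):
    """Return [(shortcut_name, target)] from 'name.lnk -> target' lines."""
    entries, pending = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if pending is not None:       # previous line ended at '->'
            entries.append((pending, line))
            pending = None
            continue
        name, sep, target = line.partition("->")
        if not sep:
            continue                  # not a shortcut entry
        name, target = name.strip(), target.strip()
        if target:
            entries.append((name, target))
        else:
            pending = name            # target wrapped onto the next line
    return entries


def letter_bag_similarity(a, b):
    """Dice coefficient over the multisets of a-z letters in a and b."""
    ca = Counter(c for c in a.lower() if "a" <= c <= "z")
    cb = Counter(c for c in b.lower() if "a" <= c <= "z")
    total = sum(ca.values()) + sum(cb.values())
    return 2 * sum((ca & cb).values()) / total if total else 0.0


def is_lookalike(name):
    """True for a misspelled variant of REFERENCE_NAME (not the exact name)."""
    stem = name[:-4] if name.lower().endswith(".lnk") else name
    return (stem.lower() != REFERENCE_NAME and
            letter_bag_similarity(stem, REFERENCE_NAME) >= LOOKALIKE_THRESHOLD)


def triage(text):
    """Classify every shortcut entry; one dict per entry, in input order."""
    records = []
    for name, target in parse_entries(text):
        parts = urlsplit(target)
        is_url = parts.scheme in ("http", "https")
        records.append({
            "name": name,
            "kind": "url" if is_url else "file",
            "host": parts.hostname if is_url else None,
            "tags": tuple(parse_qsl(parts.query)) if is_url else (),
            "lookalike": is_lookalike(name),
        })
    return records


def shared_targets(records):
    """Group URL shortcuts by (host, query tags); keep groups with >1 icon."""
    groups = defaultdict(list)
    for r in records:
        if r["kind"] == "url":
            groups[(r["host"], r["tags"])].append(r["name"])
    return {key: names for key, names in groups.items() if len(names) > 1}


if __name__ == "__main__":
    recs = triage(SAMPLE)
    for r in recs:
        note = " [imitates Internet Explorer]" if r["lookalike"] else ""
        where = r["host"] if r["kind"] == "url" else "local program"
        print(f'{r["kind"]:4} {r["name"]} -> {where} {dict(r["tags"])}{note}')
    for (host, tags), names in shared_targets(recs).items():
        print(f"same target {host} {dict(tags)}: {names}")
```

A desktop or Quick Launch shortcut whose target is a bare URL, especially several differently named icons resolving to the same host and query string, is the pattern to look for when the icons return after every cleanup.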

     

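     Over QQ remote assistance, I scanned and cleaned in turn with Qihoo 360 Antivirus, 360 Safeguard, Rising Antivirus and Baidu Guard, and confirmed that the malicious ad icons on the desktop and in the Quick Launch bar on the taskbar had all been deleted.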

     

    Then I restarted the computer and looked: the icons were back again.

      Scanned with pe_xscan and analyzed the log:

    pe_xscan 11-03-17 by Purple Endurer
    2014-7-10 9:27:11
    Windows XP Service Pack 3(5.1.2600)
    MSIE:8.0.6001.18702
    管理员用户组
    正常模式
    [System Process] * 0 |$X
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:Program FilesaiduBaiduAn2.1.0.1214BaiduAnSvc.exe * 1200 |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214BDLogicUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMSkin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusBDMAVEng.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMReport.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusduf.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMNet.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214pluginsRTPPluginsBDMSOAccServicePlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerBDMProcessRunningTime.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214pluginsRTPPluginsHIPS.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:11
        C:Program FilesBaiduBaiduAn2.1.0.1214DriverManager.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214ad.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:9
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusBDKitUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusTrustAndIso.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:WINDOWSsystem32svchost.exe * 1232 |$M$ | 2008-6-2 8:0:0
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:Program FilesRisingRSDRsMgrSvc.exe * 1476 |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
        C:Program FilesRisingRSDcomx3.dll |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
        C:Program FilesRisingRSDSyslay.dll |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
    C:Program FilesRisingRAV avmond.exe * 1492 |$Beijing Rising Information Technology Corporation Limited | 2014-5-15 14:57:11
    C:WINDOWSsystem32svchost.exe * 1528 |$M$ | 2008-6-2 8:0:0
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
        C:Program FilesRisingRAV avscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
    C:WINDOWSsystem32svchost.exe * 1664 |$M$ | 2008-6-2 8:0:0
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:WINDOWSsystem32svchost.exe * 1736 |$M$ | 2008-6-2 8:0:0
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:Program Filesstickynotesstickynotes.exe * 1776 |$Beijing Panshi Yongye Investment Co.,Ltd. | 2014-7-4 14:41:8
        C:Program Filesstickynotesstickynotes.dll |$Beijing Panshi Yongye Investment Co.,Ltd. | 2014-7-4 14:41:10
    C:Program Files360360SafedeepscanhuDongFangYu.exe * 1848 |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-27 22:0:44
        C:Program Files360360Safe360base.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-22 11:48:30
        C:Program Files360360Safe360util.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-18 12:6:38
        C:Program Files360360Safe360conf.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-22 11:48:38
        C:Program Files360360Safedeepscancloudcom2.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-26 15:30:12
        C:Program Files360360Safe360leakfixplugin.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-22 11:51:0
        C:Program Files360360SafeSoftMgr360SoftMgrS.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-15 9:25:38
        C:Program Files360360Safe360NetBase.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-28 18:22:42
        C:Program Files360360Safedeepscanheavygate.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-22 11:50:6
        C:Program Files360360Safedeepscanqutmload.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-6 14:22:12
        C:Program Files360360Safedeepscanapi.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-16 19:23:34
        C:Program Files360360SafeSoftMgr360OptExt.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-24 10:58:46
        C:Program Files360360SafesweeperCleanSoft.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-25 16:27:44
        C:Program Files360360SafesweeperCleanSoftEng.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-12 12:50:50
    C:WINDOWSsystem32spoolsv.exe * 264 |$M$ | 2011-6-15 17:8:54
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:WINDOWSexplorer.exe * 1836 |$M$ | 2008-6-2 8:0:0
        D:Program Files360360sdShellIco.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-20 20:7:5
        C:Program Files360360Safesafemon360UDiskGuard.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-6 10:53:58
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbshld.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-30 15:7:51
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Program Files360360SafeSoftMgrSMLSMLLauncher.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-17 18:34:36
        C:Program Files360360Safe360Base.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-22 11:48:30
        C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
        C:Program Files360360SafesafemonSafehmpg.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-17 14:51:8
        C:Program Files360360SafesafemoniNetSafe.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-6 12:18:52
        C:Program Files360360Safesafemonwdexhelper.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-17 16:23:14
        C:Program FilesWinRAR arext.dll |$X | 2013-1-4 14:36:24| ?| ?| ?| ?| ?| ?| ?| ?| ?
        d:Program Files360360sdMenuEx.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-20 20:7:19
        C:Program Files360360SafeUtilsshell360ext.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-9 18:20:6
        C:WINDOWSsystem32 avext.dll |$Beijing Rising Information Technology Corporation Limited | 2014-1-5 9:4:41
        C:WINDOWSWinSxSx86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fdATL80.DLL |$X | 2012-8-17 16:27:58 | Microsoft? Visual Studio? 2005 | 8.00.50727.4053 | ATL Module for Windows (Unicode) | ? Microsoft Corporation.  All rights reserved. | 8.00.50727.4053 | Microsoft Corporation| ? | ATL80.DLL | ATL80.DLL
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
        C:WINDOWSsystem32diactkf.dll |$X | 2014-7-1 8:5:3 | TK | 1.01.0006 |   | (C) Microsoft Corporation. All rights reserved. | 1.01.0006 | TK| ? | TuKu | TuKu.dll
        C:WINDOWSsystem32SGWPShe32.dll |$Sogou.com | 2014-5-26 17:7:30
        C:Program Files360360SafeSoftMgrSoftMgrExt.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-7 11:16:36
        C:WINDOWSsystem32shellfire.dll |$PPLive Corporation | 2014-7-2 15:29:30
        C:Documents and SettingsAdministratorApplication DataWandoujia2Applications2.67.0.4980wandoujia_shlext_dll.dll |$Wandou Technology Ltd | 2013-11-25 20:8:12
    C:Program FilesXCFaXianlssvr.exe * 2292 |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28
    C:Program FilesSogouInputComponentsAddressSearchOmniAddrOmniAddrService.exe * 2500 |$Sogou.com | 2014-5-14 8:29:48
        C:Program FilesSogouInputComponentsAddressSearchOmniAddrOmniAddrService.exe |$Sogou.com | 2014-5-14 8:29:48
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:Program FilesRisingRAV stray.exe * 2648 |$Beijing Rising Information Technology Corporation Limited | 2014-5-15 14:57:13
    C:Program Files广告神盾707150103ADShendun32.exe * 2748 |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-6-23 14:27:34
        C:Program Files广告神盾707150103ADShendun32.exe |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-6-23 14:27:34
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Program FilesRisingRAV avscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:Program Filesyyfm05292014071008yymusic05.exe * 3272 |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:53:58
        C:Program Filesyyfm05292014071008yymusic05.exe |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:53:58
        C:Program Filesyyfm05292014071008avcore.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:0
        C:Program Filesyyfm05292014071008audio.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:0
        C:Program Filesyyfm05292014071008libav.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:6
        C:Program Filesyyfm05292014071008pthreadGC2.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:53:54
        C:Program Filesyyfm05292014071008swresample-0.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:53:56
        C:Program Filesyyfm05292014071008avutil-52.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:4
        C:Program Filesyyfm05292014071008avformat-54.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:2
        C:Program Filesyyfm05292014071008avcodec-54.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:0
        C:Program Filesyyfm05292014071008source.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:53:54
        C:Program Filesyyfm05292014071008DuiLib.dll |$GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD. | 2014-6-6 1:54:6
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:Program FilesXCFaXianXCFaXian.exe * 3424 |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28
        C:Program FilesXCFaXianXCFaXian.exe |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
        C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    C:Program FilesRisingRSDpopwndexe.exe * 3448 |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
        C:Program FilesRisingRSDpopwndexe.exe |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
        C:Program FilesRisingRSD sdk.dll |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
        C:Program FilesRisingRSD smginfo.dll |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37
        C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.DLL |$Microsoft Corporation | 2013-1-4 14:36:22
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Program FilesRisingRAV avscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:Documents and SettingsAdministratorApplication Data lcal lcal.exe * 3892 |$深圳亿纬科技有限公司 | 2014-7-10 8:4:58
        C:Documents and SettingsAdministratorApplication Data lcal lcal.exe |$深圳亿纬科技有限公司 | 2014-7-10 8:4:58
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
        C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
        C:Program FilesRisingRAV avscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:WINDOWSsystem32 undll32.exe * 1956 |$M$ | 2008-6-2 8:0:0
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:WINDOWSsystem32ctfmon.exe * 436 |$M$ | 2008-6-2 8:0:0
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:Program FilesaiduBaiduAn2.1.0.1214BaiduAnTray.exe * 976 |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214aiduanTray.exe |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMSkin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214BDLogicUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsBDMPatcherPluginsBDMConnect.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:5
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsdmtraypluginsBDMTrayTipsPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsBDMTrayPluginsBDMSusPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214pluginsdmsuspluginsBDMSOAccSusPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214pluginsdmsuspluginsBDMNetMonSusPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerBDMSOLiveAccMgr.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerBDMSOLiveAccStrategyMgr.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerBDMSOLiveAccEngine.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerBDMNetMonMgrDll.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMReport.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMNet.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsdmtraypluginsBDMSOAccTrayPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerSysAccMgrDll.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusBDKitUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsdmtraypluginsBDMSOCleanerTrayPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMUpdate.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMDownload.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:Documents and SettingsAdministratorApplication Data lcal lcalQuick.exe * 3936 |$深圳亿纬科技有限公司 | 2014-7-10 8:4:58
        C:Documents and SettingsAdministratorApplication Data lcal lcalQuick.exe |$深圳亿纬科技有限公司 | 2014-7-10 8:4:58
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Documents and SettingsAdministratorApplication Data lcalAssistModule.dll |$深圳亿纬科技有限公司 | 2014-7-10 8:4:58
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
        C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
        C:Program FilesRisingRAV avscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:Program FilesCommon FilesBaiduBDDownload107ddownloader.exe * 3168 |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:20
        c:program filescommon filesaiduddownload107ddownloader.exe |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:20
        C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        c:program filescommon filesaiduddownload107dl.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:20
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
    C:Program Files广告神盾707150103serverADShendunProxy32.exe * 5500 |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-6-9 22:7:10
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:Program FilesaiduBaiduAn2.1.0.1214BaiduAn.exe * 5896 |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMMainframe.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214BDLogicUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMSkin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsBDMSOManagerPluginsBDMSOCleanerPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsBDMSOManagerPluginsBDMSOAcceleratorPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerSYSCleaner.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMScriptVM.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214GCScriptBind.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMWindowsLib.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:18
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerSysAccMgrDll.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusBDKitUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerBDMSOLiveAccMgr.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerBDMSOLiveAccStrategyMgr.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerBDMSOLiveAccEngine.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSOManagerBDMNetMonMgrDll.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsdmmainframepluginsBDMSWManagerFrame.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMSWNestCore.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsdmmainframepluginsBDMSafePlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsdmsafepluginsBDMKVMainPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsBDMSafePluginsBDMPatcherPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:15
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsdmsafepluginsBDMSysFixerPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsBDMPatcherPluginsBDMConnect.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:5
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMReport.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMNet.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
        C:Program FilesBaiduBaiduAn2.1.0.1214FTSysFixerSysFixer.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMSWParseDetect.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:18
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsdmkvscanpluginBDMKVScanPlugin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:15
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusCompatibilityChecker.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusBDMRepMgr.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusBDMRepBase.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusBDMAVEng.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214dmantivirusTrustAndIso.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
    C:Program FilesaiduBaiduAn2.1.0.1214BDALeakfixer.exe * 4608 |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214BDALeakfixer.exe |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16
        C:Program FilesBaiduBaiduAn2.1.0.1214BDLogicUtils.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMSkin.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsBDMPatcherPluginsBDMPatcher.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:13
        C:Program FilesBaiduBaiduAn2.1.0.1214PluginsBDMPatcherPluginsBDMConnect.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:5
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMReport.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMNet.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Program FilesBaiduBaiduAn2.1.0.1214BDMDownload.dll |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:17
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    C:Program FilesRisingRAV smain.exe * 340 |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:15:1
    C:Program FilesXCFaXianXCFaXian.exe * 4384 |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28
        C:Program FilesXCFaXianXCFaXian.exe |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28
        C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
        C:Program FilesRisingRAV smgr.dll |$Beijing Rising Information Technology Corporation Limited | 2014-4-17 20:7:23
        C:Program FilesRisingRAVwbprotect.dll |$Beijing Rising Information Technology Corporation Limited | 2014-2-27 17:52:42
        C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
        C:Program FilesRisingRAV avscrch.dll |$Beijing Rising Information Technology Corporation Limited | 2014-5-26 14:59:59
        C:Program Files广告神盾707150103adhkdll.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:31:42
        C:WINDOWSsystem32MacromedFlashFlash32_14_0_0_145.ocx |$Adobe Systems Incorporated | 2014-7-9 8:2:30
    O2 - IeAddOn(360sdbho Class) - {0F4BF955-A127-41B7-A998-369904AA2578}
       = D:Program Files360360sd360sdbho.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-20 18:29:58
    O2 - IeAddOn(广告神盾IE插件) - {5AC58093-0F4D-4D65-A40B-007DDD7A79CF}
       = C:Program Files广告神盾707150103ieplugin32.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:32:0
    O2 - IeAddOn(SafeMon Class) - {B69F34DD-F0F9-42DC-9EDD-957187DA688D}
       = C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    O2 - IeAddOn(搜狗输入法地址栏搜索) - {0C3ED74B-8703-4003-A1F4-2B2A0C450DD2}
       = C:Program FilesSogouInputComponentsAddressSearchOmniAddrOmniAddr.dll |$Sogou.com | 2014-5-14 8:29:47
    O2 - IeAddOn(360sdbho Class) - {0F4BF955-A127-41B7-A998-369904AA2578}
       = D:Program Files360360sd360sdbho.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-20 18:29:58
    O2 - IeAddOn(广告神盾IE插件) - {5AC58093-0F4D-4D65-A40B-007DDD7A79CF}
       = C:Program Files广告神盾707150103ieplugin32.dll |$Guangzhou Feiwu Network Science and Technology Co., Ltd. | 2014-5-22 20:32:0
    O2 - IeAddOn(360SafeLive) - {87515F61-A66C-4319-A0E0-D416CB8059E3}
       = C:Program Files360360SafeSafelive.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-5 18:46:50
    O2 - IeAddOn(SetupCtrl Class) - {8C891026-0BE9-434E-B807-118E6E5EA3B6}
       = C:WINDOWSDownloaded Program Files276828BaiduSetupAx_0.dll |$Baidu (China) Co., Ltd. | 2012-12-26 15:34:22
    O2 - IeAddOn(SafeMon Class) - {B69F34DD-F0F9-42DC-9EDD-957187DA688D}
       = C:Program Files360360Safesafemonsafemon.dll |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-13 17:24:40
    O2 - IeAddOn(BDBProtocolHelperImpl Class) - {E1819698-0CD0-435C-AE0D-F288924C40A1}
       = C:Program FilesaiduBaiduPlayer3.9.3.12dbph.dll |$Baidu (China) Co., Ltd. | 2014-6-13 15:36:28
    O4 - HKCU.. un: [360sd] "D:Program Files360360sd360sd.exe" /autorun
    O4 - HKCU.. un: [XCFaXian] "C:Program FilesXCFaXianXCFaXian.exe" /A
    O4 - HKLM.. un: [360Safetray] "C:Program Files360360Safesafemon360Tray.exe" /start
    O4 - HKLM.. un: [RavTRAY] "C:Program FilesRisingRAVRSTRAY.EXE" -system
    O4 - HKLM.. un: [ADSD0707150103] "C:Program Files广告神盾707150103ADShendun32.exe" tray
    O4 - HKLM.. un: [yyfm0529_2014071008] "C:Program Filesyyfm05292014071008yymusic05.exe" -mini
    O4 - HKLM.. un: [yyfm0529_News_2014071008] "C:Program Filesyyfm05292014071008YFMSever.exe" -mini
    O4 - HKLM.. un: [nlcal] C:Documents and SettingsAdministratorApplication Data lcal lcal.exe /start
    O4 - HKLM.. un: [BaiduAnTray] "C:Program FilesBaiduBaiduAn2.1.0.1214BaiduAnTray.exe"  -stmd=3
    BaiduBrowserUpdater.job -> C:Program FilesBaiduBaiduBrowserdupdate.exe --check --type=auto --fromautorun
    游戏盒子版本号更新检測.job -> C:Documents and SettingsAll UsersApplication DataGBX2014710GameBox.exe /check_update
    O10 - LSP: npzz over [MSAFD Tcpip [TCP/IP]] = C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    O10 - LSP: npzz over [MSAFD Tcpip [UDP/IP]] = C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    O10 - LSP: npzz = C:Documents and SettingsAll UsersApplication Datazheziin2hximvdemx.dll |$北京精益求德科技有限公司 | 2014-7-10 8:5:18
    O23 - 服务: 360AntiHacker (360Safe Anti Hacker Service) - System32Drivers360AntiHacker.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-18 16:7:8(系统)
    O23 - 服务: 360AvFlt (360AvFlt mini-filter driver) - system32DRIVERS360AvFlt.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-26 11:29:55(手动)
    O23 - 服务: 360Box (360Box mini-filter driver) - system32DRIVERS360Box.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-27 17:3:12(系统)
    O23 - 服务: 360Camera (360Safe Camera Filter Service) - System32Drivers360Camera.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-18 16:30:26(手动)
    O23 - 服务: 360netmon (360netmon) - C:WINDOWSsystem32drivers360netmon.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-27 11:1:50(系统)
    O23 - 服务: 360qpesv (360qpesv driver) - C:WINDOWSsystem32drivers360qpesv.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-29 20:27:0(系统)
    O23 - 服务: 360rp (360 杀毒实时防护载入服务) - "D:Program Files360360sd360rps.exe" |$Qihoo 360 Software (Beijing) Company Limited | 2014-2-24 10:40:33(自己主动)
    O23 - 服务: 360SelfProtection (360SelfProtection) - system32drivers360SelfProtection.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-21 21:17:58(系统)
    O23 - 服务: BAPIDRV (BAPIDRV) - system32DRIVERSBAPIDRV.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-18 15:33:16(系统)
    O23 - 服务: bd0001 (bd0001) - system32DRIVERSd0001.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-6-13 16:38:54(系统)
    O23 - 服务: bd0002 (bd0002) - system32DRIVERSd0002.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-3-11 17:36:8(系统)
    O23 - 服务: bd0004 (bd0004) - system32DRIVERSd0004.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 7:58:15(系统)
    O23 - 服务: BDArKit (BDArKit) - system32DRIVERSBDArKit.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-7-2 8:3:11(手动)
    O23 - 服务: BDMNetMon (BDMNetMon) - system32DRIVERSBDMNetMon.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:21(自己主动)
    O23 - 服务: BDMRTP (BDMRTP Service) - "C:Program FilesBaiduBaiduAn2.1.0.1214aiduanSvc.exe" -r |$Beijing baidu Netcom science and technology co.ltd | 2014-5-4 19:59:16(自己主动)
    O23 - 服务: BDMWrench (BDMWrench) - system32DRIVERSBDMWrench.sys |$Beijing baidu Netcom science and technology co.ltd | 2014-7-8 14:26:44(系统)
    O23 - 服务: BDSGRTP (BDSGRTP Service) - "C:Program FilesCommon FilesBaiduBaiduProtect1.2.0.47BaiduProtect.exe" -r |$X(自己主动)
    O23 - 服务: DsArk (DsArk) - C:WINDOWSsystem32driversDsArk.sys |$Qihoo 360 Software (Beijing) Company Limited | 2013-11-2 13:26:35(引导)
    O23 - 服务: EfiMon (EfiSystemMon) - System32DriversEfimon.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-21 18:45:8(系统)
    O23 - 服务: HookPort (HookPort) - System32DriversHookport.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-4-21 21:22:20(引导)
    O23 - 服务: HyperVM (HyperVM) - C:WINDOWSsystem32drivershvm.sys |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:15:3(系统)
    O23 - 服务: kguard (kguard) - system32DRIVERSkguard.sys |$Beijing Rising Information Technology Corporation Limited | 2014-5-15 14:57:43(系统)
    O23 - 服务: lsservice (lsservice) - C:Program FilesXCFaXianlssvr.exe |$北京趣找电子商务有限公司 | 2014-6-26 14:5:28(自己主动)
    O23 - 服务: QQProtect (QQProtect) - C:WINDOWSsystem32driversQQProtect.sys |$Tencent Technology(Shenzhen) Company Limited | 2014-5-8 17:32:44(系统)
    O23 - 服务: qutmdserv (Quantum DeepScanner Servers) - system32DRIVERSqutmdrv.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-6-20 15:10:30(系统)
    O23 - 服务: qutmipc (qutmipc) - C:WINDOWSsystem32driversqutmipc.sys |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-14 10:46:24(系统)
    O23 - 服务: rsdsys (rsd protect) - C:WINDOWSsystem32driversprotreg.sys |$Beijing Rising Information Technology Corporation Limited | 2014-5-28 15:23:55(自己主动)
    O23 - 服务: RsMgrSvc (Rsd Service) - "C:Program FilesRisingRSDRsMgrSvc.exe" |$Beijing Rising Information Technology Corporation Limited | 2013-11-17 22:14:37(自己主动)
    O23 - 服务: RsRavMon (Rav Service) - "C:Program FilesRisingRAV avmond.exe" |$Beijing Rising Information Technology Corporation Limited | 2014-5-15 14:57:11(自己主动)
    O23 - 服务: rsutils (rsutils) - system32DRIVERS sutils.sys |$Beijing Rising Information Technology Corporation Limited | 2013-11-27 8:0:20(系统)
    O23 - 服务: stickynotes (stickynotes service) - "C:Program Filesstickynotesstickynotes.exe" -srv |$Beijing Panshi Yongye Investment Co.,Ltd. | 2014-7-4 14:41:8(自己主动)
    O23 - 服务: sysmon (sysmon) - system32DRIVERSsysmon.sys |$Beijing Rising Information Technology Corporation Limited | 2014-6-23 14:53:54(引导)
    O23 - 服务: ZheziSrv (Zhezi Service) - "C:Program FileszheziappzheziheziServiceMgr.exe" /asservice |$北京精益求德科技有限公司 | 2014-7-4 18:4:12(手动)
    O23 - 服务: ZhuDongFangYu (主动防御) - "C:Program Files360360Safedeepscanzhudongfangyu.exe" |$Qihoo 360 Software (Beijing) Company Limited | 2014-5-27 22:0:44(自己主动)

    O29 - HKCU-Start Page = http://www.hao123.com/?tn=98868055_hao_pg
    O29 - HKCU-Search Page = http://www.3600.com/?src=lm&ls=n290987998a
    O29 - HKCU-Default_Page_URL = http://www.3600.com/?src=lm&ls=n290987998a
    O29 - HKLM-Start Page = http://hao.360.cn/?1004
    O29 - HKUS-Start Page = http://www.hao123.com/?tn=94104199_hao_pg
    O34 - StartMenuInternet [2345Explorer.exe] = "C:Program Files2345Explorer2345Explorer.exe" |$X
    O34 - StartMenuInternet [360SE.exe] = C:Program Files360360se360SE.exe |$360.cn | 2013-1-4 14:36:5
    O34 - StartMenuInternet [BaiduBrowser.EXE] = "C:Program FilesBaiduBaiduBrowserBaiduBrowser.exe" |$X
    C:Documents and SettingsAdministratorApplication DataMicrosoftInternet ExplorerQuick Launch
        2345智能浏览器.lnk -> C:Program Files2345Explorer2345Explorer.exe http://www.hao123.com/?tn=98868055_hao_pg
        360安全卫士.lnk -> C:Program Files360360Safe360Safe.exe
        hao123_网址导航_Internet.lnk -> http://www.hao123.com/?tn=90618383_hao_pg
        Inteent Exploror.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
        Intronnt HaoDao.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
        lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
        今日黄历.lnk -> C:Documents and SettingsAdministratorApplication Data lcal lcal.exe
        折子购物.lnk -> C:Program Fileszheziappzhezizhezi.exe
        极速抢票入口.lnk -> http://www.hao123.com/?tn=93947501_hao_pg
        爱淘宝.lnk -> http://t.cn/Rv8Fg27
    C:Documents and SettingsAdministrator桌面
        hao123_网址导航_Internet.lnk -> http://www.hao123.com/?tn=90618383_hao_pg
        Internet   Explorer.lnk -> http://www.hao123.com/?tn=97883556_hao_pg
        Internet  Explorer.lnk -> http://www.hao123.com/?tn=97883556_hao_pg
        安全上网必备.lnk -> http://www.3600.com/?src=lm&ls=n799d887988
        极速抢票入口.lnk -> http://www.3600.com/?src=lm&ls=n7141871b8c
        淘宝.lnk -> http://ai.taobao.com/?pid=mm_43853062_4068309_23360394
    C:Documents and SettingsAll Users「開始」菜单
        lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
        爱淘宝.lnk -> http://t.cn/Rv8Fg27
    C:Documents and SettingsAll Users桌面
        Apabi Reader 4.5.lnk -> C:Program FilesFounderApabi Reader 4.0ApaReader.exe
        Inteent Exploror.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
        Intronnt HaoDao.lnk -> http://www.hao123.com/?tn=98868055_hao_pg
        lentent Epxlroer.lnk -> http://www.3600.com/?src=lm&ls=n525187378f
    .htm - "C:Program Files360360se360SE.exe" "%1"
    .html - "C:Program Files360360se360SE.exe" "%1"


    First, Baidu Guard (百度卫士), Baidu Browser and zhezi were uninstalled.


    Open Task Manager and terminate these processes:

    C:Program FilesXCFaXianlssvr.exe
    C:Program Filesyyfm05292014071008yymusic05.exe
    C:Program FilesXCFaXianXCFaXian.exe
    C:Documents and SettingsAdministratorApplication Data lcal lcal.exe
    C:Documents and SettingsAdministratorApplication Data lcal lcalQuick.exe
    C:Program FilesXCFaXianXCFaXian.exe

    Stop and disable the service:

    O23 - 服务: SuperApps (SuperApps service) - C:WINDOWSsystem32svchost.exe -k SuperApps |$M$ | 2008-6-2 8:0:0(自己主动)

    Delete the startup entries:
    O4 - HKCU.. un: [XCFaXian] "C:Program FilesXCFaXianXCFaXian.exe" /A
    O4 - HKLM.. un: [yyfm0529_2014071008] "C:Program Filesyyfm05292014071008yymusic05.exe" -mini
    O4 - HKLM.. un: [yyfm0529_News_2014071008] "C:Program Filesyyfm05292014071008YFMSever.exe" -mini
    O4 - HKLM.. un: [nlcal] C:Documents and SettingsAdministratorApplication Data lcal lcal.exe /start

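    Rising integrates a system-optimization feature that detects and lists some items that can be optimized, but it cannot act on items it did not detect.

    For example, Rising did not list O23 - 服务: SuperApps; the service could not be disabled with the Windows built-in service manager, but it could be disabled with 360 Safeguard (360卫士).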

     

    Then these malicious ad icons and Start menu entries were cleaned up and the computer was restarted; it finally worked normally.
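Three kinds of entries in the log above are easy to miss by eye: shortcuts whose target is or carries a URL, tagged start pages (O29), and a Winsock LSP DLL outside system32 (O10). The Python sketch below is an added example, not part of the original post and not pe_xscan's own code; the sample log is constructed in the line format seen on this page, and the rule names, paths and nav.example.com are assumptions.

```python
import re

# Constructed sample in the line format of the log on this page; every
# path, name and URL below is made up for illustration.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe" -mini
O10 - LSP: exlsp over [MSAFD Tcpip [TCP/IP]] = C:\Documents and Settings\All Users\Application Data\ex\exlsp.dll |$Example Co. | 2014-7-10 8:5:18
O10 - LSP: oslsp = C:\WINDOWS\system32\oslsp.dll |$Example OS Vendor | 2008-6-2 8:0:0
O29 - HKCU-Start Page = http://nav.example.com/?tn=12345678_hao_pg
O29 - HKLM-Start Page = about:blank
    Internet  Explorer.lnk -> http://nav.example.com/?tn=12345678_hao_pg
    Browser.lnk -> C:\Program Files\Browser\browser.exe http://nav.example.com/?src=lm
    Reader.lnk -> C:\Program Files\Reader\reader.exe
"""

LNK = re.compile(r"^\s*(?P<name>.+?\.lnk) -> (?P<target>.*)$")
O29 = re.compile(r"^\s*O29 - (?P<key>.+?) = (?P<url>\S+)\s*$")
LSP = re.compile(r"^\s*O10 - LSP: (?P<name>.+?) = (?P<path>.+?)(?:\s*\|\$.*)?$")
URL = re.compile(r"https?://\S+", re.IGNORECASE)


def triage(log_text):
    """Return (rule, item, evidence) tuples for lines worth a manual look."""
    findings = []
    for line in log_text.splitlines():
        m = LNK.match(line)
        if m:
            url = URL.search(m["target"])
            if url:  # a shortcut should point at a program, not a web page
                bare = m["target"].lstrip().lower().startswith("http")
                rule = "lnk-url-target" if bare else "lnk-url-argument"
                findings.append((rule, m["name"], url.group()))
            continue
        m = O29.match(line)
        if m:
            # a start/search page with a query string is a tagged landing page
            if m["url"].partition("?")[2]:
                findings.append(("homepage-tagged", m["key"], m["url"]))
            continue
        m = LSP.match(line)
        # an LSP DLL is loaded into every process that uses Winsock
        if m and "\\windows\\system32\\" not in m["path"].lower():
            findings.append(("lsp-outside-system32", m["name"], m["path"]))
    return findings


if __name__ == "__main__":
    for rule, item, evidence in triage(SAMPLE_LOG):
        print(f"{rule:22} {item} -> {evidence}")
```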

     

    Appendix: information on some of the files:

    文件说明符 : C:Program Filesyyfm05292014071008YFMSever.exe
    属性 : A---
    数字签名:GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD.
    PE文件:是
    语言 : 中文(中国)
    文件版本号 : 20.20.20.20
    说明 : 音乐软件相关
    版权 : 2014年编译
    产品版本号 : 20.20.20.20
    产品名称 : 音乐软件相关
    公司名称 : 音乐软件相关
    合法商标 :
    内部名称 :
    源文件名称 :
    创建时间 : 2014-6-6 1:53:56
    改动时间 : 2014-6-6 1:53:56
    大小 : 706192 字节 689.656 KB
    MD5 : cc479a63384549b4727c5c261f86592a
    SHA1: A3E0F2BC4C631170ED7A7E2793A3925E2F5E7320
    CRC32: e0fbc0e7

    文件说明符 : C:Program Filesyyfm05292014071008yymusic05.exe
    属性 : A---
    数字签名:GuangxiNanningshi Shengjuguangzaixian Info Tech Co.,LTD.
    PE文件:是
    语言 : 中文(中国)
    文件版本号 : 1.14.529.1
    说明 : 音乐FM
    版权 : Copyright (C) 2014
    产品版本号 : 1.14.529.1
    产品名称 : 音乐FM
    公司名称 : 音乐FM
    内部名称 : MusicPla.exe
    源文件名称 : MusicPla.exe
    创建时间 : 2014-6-6 1:53:58
    改动时间 : 2014-6-6 1:53:58
    大小 : 1979536 字节 1.909 MB
    MD5 : eceba96738a53afb5284ca33b049d998
    SHA1: 5965CA90BAB852CF6CF03E46AB1E2CBB8743EAA0
    CRC32: 3ef1ef4c

    文件说明符 : C:Documents and SettingsAll UsersApplication DataGBX2014710GameBox.exe
    属性 : A---
    数字签名:否
    PE文件:是
    语言 : 中文(中国)
    文件版本号 : 1.1.14.6150
    说明 : GameBox
    版权 : 版权全部 (C) 2013
    产品版本号 : 1.1.14.6150
    产品名称 : GameBox
    内部名称 : GameBox
    源文件名称 : GameBox.exe
    创建时间 : 2014-7-1 8:5:7
    改动时间 : 2014-6-15 15:33:58
    大小 : 477696 字节 466.512 KB
    MD5 : 989d10106b1fd621936bde8b5160014c
    SHA1: 363F54892C37D51BEA1026CD68917234409D6C73
    CRC32: c042d084

    文件说明符 : C:Documents and SettingsAdministratorApplication Data lcal lcal.exe
    属性 : A---
    数字签名:深圳亿纬科技有限公司
    PE文件:是
    语言 : 中文(中国)
    文件版本号 : 1, 0, 0, 7
    说明 : 今日黄历 应用程序
    版权 : 版权全部 (C) 2014
    产品版本号 : 1, 0, 0, 7
    产品名称 : nlcal 应用程序
    内部名称 : nlcal
    源文件名称 : nlcal.exe
    创建时间 : 2014-7-10 8:4:58
    改动时间 : 2014-7-10 8:4:58
    大小 : 260208 字节 254.112 KB
    MD5 : e9a0e8307595d972715cff739506ea2d
    SHA1: 6A54F039EED7A98AB0BB70A58F789ED75334FF1C
    CRC32: a4792813

    文件说明符 : C:Program FilesXCFaXianlssvr.exe
    属性 : A---
    数字签名:北京趣找电子商务有限公司
    PE文件:是
    获取文件版本号信息大小失败!
    创建时间 : 2014-6-26 14:5:28
    改动时间 : 2014-6-26 14:5:28
    大小 : 766592 字节 748.640 KB
    MD5 : 510ecaf617b6c71c14d9acec12007b6f
    SHA1: 3EA45B408D2AE48293CB73E6D7AD45000EFFB4E8
    CRC32: 61917e7f

     

  • Original source: https://www.cnblogs.com/blfshiye/p/5125093.html