
[Help] Avira's tray icon does not display

woaixiaozhao
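Posted on 2008-9-22 10:48:14
The computer at my workplace was infected with a virus earlier and would not even boot. I later got it working again and installed Avira, but recently Avira's tray icon has disappeared again, although the main process AVGUARD.EXE is still there. I don't know what is going on. Also, my original setting was to move viruses to quarantine, but after a scan I often find that there is nothing in the quarantine. Please help.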


Attached are the SRE scan results
woaixiaozhao
OP | Posted on 2008-9-22 10:48:56
woaixiaozhao
OP | Posted on 2008-9-22 10:49:58
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1496, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION PREMIUM\SCHED.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1820, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION PREMIUM\AVGUARD.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1852, C:\WINDOWS\SYSTEM32\NVSVC32.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1656, D:\ARSWP\ARSWP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1656, D:\ARSWP\ARSWP.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 416, E:\工具\SRENG2\SRENGLDR.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


dadingdading
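Posted on 2008-9-22 10:54:42
First, take a look at this thread to determine whether your Avira Guard is working properly.
[Recommended by the official forum] A safe way to test whether the Guard on your machine is working properly.
http://bbs.kafan.cn/thread-329908-1-2.html

If that does not work, repair or reinstall Avira.
Double-click setup.exe in the Avira installation directory, select Modify (repair), and click Next.
Using Avira's repair function to install or uninstall the corresponding Avira components
http://bbs.kafan.cn/thread-318361-1-1.html

Clean up junk files such as temporary files, caches, and history records.

Download Kingsoft Cleanup Expert to remove malware and plug-ins.
Kingsoft Cleanup Expert
http://www.duba.net/qing/

Download the official portable version of Dr.Web and scan for viruses.
Dr.Web CureIt!, a free tool from Dr.Web (official Chinese portable version)
ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe

[ This post was last edited by dadingdading on 2008-9-22 10:55 ]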
於陵闲云
Posted on 2008-9-22 11:08:19
Run msconfig ------ Startup ------ check avgnt.exe
If that still does not work, run a repair following the method in the post above.
运指如飞
Posted on 2008-9-22 11:32:38
OP, in future when you upload an SREng log, don't reformat it yourself.

It makes my eyes go blurry.

Just try the method in #2.
eyesineyes
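Posted on 2008-9-22 12:40:39
Avira does sometimes have this problem. In fact the protection is on at that point; you just can't see the icon. You can kill the avgnt process and then double-click it manually, and you will be able to see it.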

昔我往矣
Posted on 2008-9-22 15:15:50
Just run a repair and it will be fine.
stonejr
Posted on 2008-9-22 15:19:47
It's an old problem. It's related to UPNP.
asinasina
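Posted on 2008-9-22 15:19:49
Originally posted by eyesineyes on 2008-9-22 12:40
Avira does sometimes have this problem. In fact the protection is on at that point; you just can't see the icon. You can kill the avgnt process and then double-click it manually, and you will be able to see it.

Same as this~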
Copyright © KaFan  KaFan.cn All Rights Reserved.