收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 国外杀毒软件 Avira(小红伞) 各位快进来帮帮我啊,实在没办法了,在线等
返回列表 发新帖
查看: 2514|回复: 4
收起左侧

[其他相关] 各位快进来帮帮我啊,实在没办法了,在线等

[复制链接]
运指如飞
发表于 2007-2-27 20:51:46 | 显示全部楼层 |阅读模式
我的小红伞自从昨天安装过那个什么Spyware Terminator 就不能监控了。
每次启动后都是小伞合上的那样,监控无法开启,选了Start AntiVir也不行。
我就怀疑是Spyware Terminator 引起的。
就把Spyware Terminator 删除了,删除的应该很干净。(用Uruninstaller卸载工具删除的,然后又在注册表扫描关于Spyware Terminator 的项目,都删除了,也用HijackThis把找到的相关项目删除了)

可是还是不行,我用的COMODO的防火墙,关于红伞的程序我都允许了。有图

我用SReng和HijackThis分别扫下日志,麻烦各位帮我看看,小弟实在没办法啊
下午没的用,还上KAV6.0,用的真是不舒服,太拖系统速度了,实在是放不下红伞

我也试过完全卸载重新安装,(用了红伞专门的卸载工具的),也试过用安装文件修复,都不行!
会不会是COMODO有问题?


SReng日志:

  1. 2007-02-27,20:46:01
  2. System Repair Engineer 2.3.13.690
  3. Smallfrogs (http://www.KZTechs.com)
  4. Windows XP Professional Service Pack 2 (Build 2600)
  5. - 管理权限用户 - 完整功能
  6. 以下内容被选中:
  7.     所有的启动项目(包括注册表、启动文件夹、服务等)
  8.     浏览器加载项
  9.     正在运行的进程(包括进程模块信息)
  10.     文件关联
  11.     Winsock 提供者
  12.     Autorun.inf
  13.     HOSTS 文件

  15. 启动项目
  16. 注册表
  17. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  18.     <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE>  [(Verified)Microsoft Corporation]
  19. [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  20.     <load><>  [N/A]
  21. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  22.     <COMODO Firewall Pro><"C:\Program Files\Comodo\Firewall\CPF.exe" /background>  [(Verified)COMODO]
  23.     <avgnt><"C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe" /min>  [Avira GmbH]
  24. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  25.     <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
  26.     <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
  27. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  28.     <AppInit_DLLs><>  [N/A]
  29. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  30.     <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
  31. ==================================
  32. 启动文件夹
  33. N/A
  34. ==================================
  35. 服务
  36. [AntiVir PersonalEdition Premium MailGuard / AntiVirMailService][Stopped/Auto Start]
  37.   <C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe><Avira GmbH>
  38. [AntiVir PersonalEdition Premium Scheduler / AntiVirScheduler][Running/Auto Start]
  39.   <C:\Program Files\AntiVir PersonalEdition Premium\sched.exe><Avira GmbH>
  40. [AntiVir PersonalEdition Premium Guard / AntiVirService][Running/Auto Start]
  41.   <C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe><AVIRA GmbH>
  42. [Ati HotKey Poller / Ati HotKey Poller][Stopped/Disabled]
  43.   <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
  44. [ATI Smart / ATI Smart][Stopped/Disabled]
  45.   <C:\WINDOWS\system32\ati2sgag.exe><>
  46. [AntiVir PersonalEdition Premium MailGuard helper service / AVEService][Others/Auto Start]
  47.   <C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe><Avira GmbH>
  48. [AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Stopped/Disabled]
  49.   <C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe><Anti-Malware Development a.s.>
  50. [Comodo Application Agent / CmdAgent][Running/Auto Start]
  51.   <C:\Program Files\Comodo\Firewall\cmdagent.exe><COMODO>
  52. [Human Interface Device Access / HidServ][Stopped/Disabled]
  53.   <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
  54. [SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
  55.   <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
  56. [Spyware Terminator Realtime Shield Service / sp_rssrv][Stopped/Disabled]
  57.   <F:\TDdownload\SpywareTerminator\Spyware Terminator\sp_rsser.exe><N/A>
  58. ==================================
  59. 驱动程序
  60. [aeaudio / aeaudio][Running/Manual Start]
  61.   <system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
  62. [ati2mtag / ati2mtag][Running/Manual Start]
  63.   <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
  64. [AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  65.   <\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys><N/A>
  66. [AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  67.   <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
  68. [avgio / avgio][Running/System Start]
  69.   <\??\C:\Program Files\AntiVir PersonalEdition Premium\avgio.sys><AVIRA GmbH>
  70. [avgntflt / avgntflt][Running/Manual Start]
  71.   <\??\C:\Program Files\AntiVir PersonalEdition Premium\avgntflt.sys><AVIRA GmbH>
  72. [Comodo Application Engine / CmdMon][Running/System Start]
  73.   <System32\DRIVERS\cmdmon.sys><Comodo Research Lab., Inc.>
  74. [Comodo Network Engine / Inspect][Running/Boot Start]
  75.   <\SystemRoot\System32\DRIVERS\inspect.sys><COMODO>
  76. [MidiSyn / MidiSyn][Stopped/Manual Start]
  77.   <system32\drivers\MidiSyn.sys><Analog Devices Inc>
  78. [npkcrypt / npkcrypt][Running/Auto Start]
  79.   <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
  80. [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  81.   <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
  82. [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  83.   <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
  84. [Secdrv / Secdrv][Stopped/Manual Start]
  85.   <system32\DRIVERS\secdrv.sys><N/A>
  86. [smwdm / smwdm][Running/Manual Start]
  87.   <system32\drivers\smwdm.sys><Analog Devices, Inc.>
  88. [Spyware Terminator Driver 2 / sp_rsdrv2][Running/System Start]
  89.   <\??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys><N/A>
  90. [TCP/IP Protocol Driver / Tcpip][Running/System Start]
  91.   <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
  92. [viaraid / viaraid][Running/Boot Start]
  93.   <\SystemRoot\system32\DRIVERS\viaraid.sys><VIA Technologies inc,.ltd>
  94. ==================================
  95. 浏览器加载项
  96. [Thunder Browser Helper]
  97.   {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
  98. [IEHlpObj Class]
  99.   {EFBCA345-14DC-4640-994E-4AF1DFDEB4FD} <C:\Program Files\Riptide\Plugin\Plugin.dll, >
  100. [信息检索(&R)]
  101.   {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
  102. [发现音视频地址]
  103.   {CFB84BBD-959B-4fcb-9A03-22ACE091043C} <C:\Program Files\Riptide\Monitor.exe, Colormedia Corporation>
  104. [Dr.eye WebPage Translation]
  105.   {92B255FE-94E2-4BCA-958D-3926CE38913F} <C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll, >
  106. [Thunder Browser Helper]
  107.   {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD>
  108. [IEHlpObj Class]
  109.   {EFBCA345-14DC-4640-994E-4AF1DFDEB4FD} <C:\Program Files\Riptide\Plugin\Plugin.dll, >
  110. [&_找本网页音视频链接_]
  111.   <C:\Program Files\Riptide\Plugin\Monitor.htm, N/A>
  112. [&使用迅雷下载]
  113.   <C:\Program Files\Thunder\Program\geturl.htm, N/A>
  114. [&使用迅雷下载全部链接]
  115.   <C:\Program Files\Thunder\Program\getallurl.htm, N/A>
  116. [导出到 Microsoft Office Excel(&X)]
  117.   <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
  118. [用比特精灵下载(&B)]
  119.   <C:\Program Files\BitSpirit\bsurl.htm, N/A>
  120. ==================================
  121. 正在运行的进程
  122. [PID: 488][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  123. [PID: 540][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  124. [PID: 568][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  125.     [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4121]
  126. [PID: 612][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  127. [PID: 624][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  128. [PID: 772][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  129. [PID: 832][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  130.     [C:\WINDOWS\system32\GameLink.dll]  [N/A, N/A]
  131.     [C:\WINDOWS\system32\avsda.dll]  [Avira GmbH, 07.00.00.01]
  132. [PID: 896][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  133.     [C:\WINDOWS\system32\GameLink.dll]  [N/A, N/A]
  134.     [C:\WINDOWS\System32\avsda.dll]  [Avira GmbH, 07.00.00.01]
  135. [PID: 932][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  136. [PID: 1252][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
  137.     [C:\WINDOWS\system32\GameLink.dll]  [N/A, N/A]
  138.     [C:\WINDOWS\system32\avsda.dll]  [Avira GmbH, 07.00.00.01]
  139.     [C:\Program Files\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
  140. [PID: 1316][C:\Program Files\AntiVir PersonalEdition Premium\sched.exe]  [Avira GmbH, 7.00.00.34]
  141.     [C:\Program Files\AntiVir PersonalEdition Premium\schedr.dll]  [ Avira GmbH, 7.00.18.00]
  142.     [C:\Program Files\AntiVir PersonalEdition Premium\avevtlog.dll]  [Avira GmbH, 7.00.00.12]
  143.     [C:\Program Files\AntiVir PersonalEdition Premium\sqlite3.dll]  [N/A, 3, 3, 6, 0]
  144. [PID: 1384][C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe]  [AVIRA GmbH, 7.00.00.45]
  145.     [C:\Program Files\AntiVir PersonalEdition Premium\GUARDMSG.DLL]  [Avira GmbH, 7.00.05.00]
  146.     [C:\Program Files\AntiVir PersonalEdition Premium\avevtlog.dll]  [Avira GmbH, 7.00.00.12]
  147.     [C:\Program Files\AntiVir PersonalEdition Premium\sqlite3.dll]  [N/A, 3, 3, 6, 0]
  148.     [C:\Program Files\AntiVir PersonalEdition Premium\AVPREF.DLL]  [Avira GmbH, 7.00.02.00]
  149.     [C:\Program Files\AntiVir PersonalEdition Premium\SMTPLIB.DLL]  [Avira GmbH, 1.02.00.09]
  150.     [C:\Program Files\AntiVir PersonalEdition Premium\AVEWIN32.DLL]  [Avira GmbH, 7.3.1.38]
  151.     [C:\WINDOWS\system32\GameLink.dll]  [N/A, N/A]
  152.     [C:\WINDOWS\system32\avsda.dll]  [Avira GmbH, 07.00.00.01]
  153. [PID: 1396][C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe]  [Avira GmbH, 7.00.00.24]
  154.     [C:\Program Files\AntiVir PersonalEdition Premium\AVESVCR.DLL]  [Avira GmbH, 07.00.07.00]
  155.     [C:\Program Files\AntiVir PersonalEdition Premium\avpack32.dll]  [Avira GmbH, 7.02.00.05]
  156.     [C:\Program Files\AntiVir PersonalEdition Premium\unacev2.dll]  [N/A, N/A]
  157.     [C:\WINDOWS\system32\GameLink.dll]  [N/A, N/A]
  158.     [C:\WINDOWS\system32\avsda.dll]  [Avira GmbH, 07.00.00.01]
  159. [PID: 1496][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  [Analog Devices, Inc., 3, 2, 6, 0]
  160. [PID: 1528][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  161.     [C:\WINDOWS\system32\GameLink.dll]  [N/A, N/A]
  162.     [C:\WINDOWS\system32\avsda.dll]  [Avira GmbH, 07.00.00.01]
  163. [PID: 1948][C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe]  [Avira GmbH, 7.00.02.01]
  164.     [C:\Program Files\AntiVir PersonalEdition Premium\avgcmxp.dll]  [Avira GmbH, 7.00.02.00]
  165.     [C:\Program Files\AntiVir PersonalEdition Premium\AVWINLL.DLL]  [Avira GmbH, 1.00.00.06]
  166.     [C:\WINDOWS\system32\GameLink.dll]  [N/A, N/A]
  167.     [C:\WINDOWS\system32\avsda.dll]  [Avira GmbH, 07.00.00.01]
  168. [PID: 1976][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  169. [PID: 260][C:\Program Files\Tencent\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
  170.     [C:\Program Files\Tencent\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
  171.     [C:\Program Files\Tencent\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
  172.     [C:\Program Files\Tencent\QQ\BasicCtrlDll.dll]  [Tencent, 5, 0, 200, 370]
  173.     [C:\Program Files\Tencent\QQ\PYKer.dll]  [飘云 http://www.pyqq.cn, 飘云]
  174.     [C:\Program Files\Tencent\QQ\ipsearcher.dll]  [, 1.0.0.3]
  175.     [C:\Program Files\Tencent\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
  176.     [C:\Program Files\Tencent\QQ\LoginCtrl.dll]  [, 1, 0, 0, 1]
  177.     [C:\Program Files\Tencent\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
  178.     [C:\Program Files\Tencent\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
  179.     [C:\Program Files\Tencent\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
  180.     [C:\Program Files\Tencent\QQ\WizardCtrl.dll]  [, 1, 0, 0, 1]
  181.     [C:\Program Files\Tencent\QQ\QQMainFrame.dll]  [N/A, N/A]
  182.     [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
  183.     [C:\WINDOWS\system32\GameLink.dll]  [N/A, N/A]
  184.     [C:\WINDOWS\system32\avsda.dll]  [Avira GmbH, 07.00.00.01]
  185.     [C:\Program Files\Tencent\QQ\CQQApplication.dll]  [N/A, N/A]
  186.     [C:\Program Files\Tencent\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
  187.     [C:\Program Files\Tencent\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
  188.     [C:\Program Files\Tencent\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
  189.     [C:\Program Files\Tencent\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
  190.     [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
  191.     [C:\Program Files\Tencent\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
  192.     [C:\Program Files\Tencent\QQ\GroupLive.dll]  [N/A, N/A]
  193.     [C:\Program Files\Tencent\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
  194.     [C:\Program Files\Tencent\QQ\QQPlugin.dll]  [N/A, N/A]
  195.     [C:\Program Files\Tencent\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
  196.     [C:\Program Files\Tencent\QQ\QRingMng.dll]  [N/A, N/A]
  197.     [C:\Program Files\Tencent\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
  198.     [C:\Program Files\Tencent\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
  199.     [C:\Program Files\Tencent\QQ\VPortal.dll]  [, 1, 0, 0, 4]
  200.     [C:\Program Files\Tencent\QQ\QQSysMsgMng.dll]  [N/A, N/A]
  201.     [C:\Program Files\Tencent\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
  202.     [C:\Program Files\Tencent\QQ\QQAvatar.dll]  [N/A, N/A]
  203.     [C:\Program Files\Tencent\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
  204.     [C:\Program Files\Tencent\QQ\QQAllInOne.dll]  [N/A, N/A]
  205.     [C:\Program Files\Tencent\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
  206.     [C:\Program Files\Tencent\QQ\QQCustomFace.dll]  [N/A, N/A]
  207.     [C:\Program Files\Tencent\QQ\QQSceneMng.dll]  [N/A, N/A]
  208.     [C:\WINDOWS\system32\FOURI_M3.IME]  [北京紫光华宇软件股份有限公司, 4.0.0.5027]
  209.     [C:\Program Files\Tencent\QQ\ImageOle.dll]  [TODO: <Company name>, 1.0.0.1]
  210.     [C:\Program Files\Tencent\QQ\GroupConnection.dll]  [Tencent, 0, 3, 3, 5]
  211.     [C:\Program Files\Tencent\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
  212.     [C:\Program Files\Tencent\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
  213.     [C:\Program Files\Tencent\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 240]
  214.     [C:\Program Files\Tencent\QQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 5, 50]
  215.     [C:\WINDOWS\system32\DREYESC.IME]  [IES, 1, 0, 0, 1]
  216.     [C:\Program Files\Inventec\Dreye\DreyeMIM\exchange.dll]  [, 1, 0, 0, 1]
  217. [PID: 1476][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
  218. [PID: 480][C:\Program Files\Maxthon\Maxthon.exe]  [Maxthon International Ltd., 1, 5, 9, 80]
  219.     [C:\Program Files\Maxthon\maxzlib.dll]  [ , 1, 0, 0, 2]
  220.     [C:\Program Files\Thunder\ComDlls\XunLeiBHO_007.dll]  [Thunder Networking Technologies,LTD, 5, 0, 1, 4]
  221.     [C:\Program Files\Riptide\Plugin\Plugin.dll]  [, 1, 0, 0, 1]
  222.     [C:\WINDOWS\system32\GameLink.dll]  [N/A, N/A]
  223.     [C:\WINDOWS\system32\avsda.dll]  [Avira GmbH, 07.00.00.01]
  224.     [C:\Program Files\Maxthon\Services\RealTime\real_time.dll]  [, 1, 0, 0, 1]
  225.     [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
  226.     [C:\WINDOWS\system32\FOURI_M3.IME]  [北京紫光华宇软件股份有限公司, 4.0.0.5027]
  227. [PID: 596][D:\反病毒文件夹\HijackThis1991\HijackThis.exe]  [Soeperman Enterprises Ltd., 1.99.0001]
  228. [PID: 1336][D:\反病毒文件夹\SREng\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
  229.     [C:\WINDOWS\system32\GameLink.dll]  [N/A, N/A]
  230.     [C:\WINDOWS\system32\avsda.dll]  [Avira GmbH, 07.00.00.01]
  231. ==================================
  232. 文件关联
  233. .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  234. .EXE  OK. ["%1" %*]
  235. .COM  OK. ["%1" %*]
  236. .PIF  OK. ["%1" %*]
  237. .REG  OK. [regedit.exe "%1"]
  238. .BAT  OK. ["%1" %*]
  239. .SCR  OK. ["%1" /S]
  240. .CHM  OK. ["C:\WINDOWS\hh.exe" %1]
  241. .HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
  242. .INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  243. .INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  244. .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  245. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  246. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]
  247. ==================================
  248. Winsock 提供者
  249. Easy2Game-TCPChain
  250.     C:\WINDOWS\system32\GameLink.dll(N/A, N/A)
  251. Easy2Game-UDPChain
  252.     C:\WINDOWS\system32\GameLink.dll(N/A, N/A)
  253. Easy2Game-UDPChain
  254.     C:\WINDOWS\system32\GameLink.dll(N/A, N/A)
  255. Easy2Game-TCPChain
  256.     C:\WINDOWS\system32\GameLink.dll(N/A, N/A)
  257. AVSDA over [MSAFD Tcpip [TCP/IP]]
  258.     avsda.dll(Avira GmbH, AntiVir layered service provider)
  259. AVSDA over [MSAFD Tcpip [UDP/IP]]
  260.     avsda.dll(Avira GmbH, AntiVir layered service provider)
  261. Easy2Game-TCPFilter
  262.     C:\WINDOWS\system32\GameLink.dll(N/A, N/A)
  263. Easy2Game-UDPFilter
  264.     C:\WINDOWS\system32\GameLink.dll(N/A, N/A)
  265. Easy2Game-UDPFilter
  266.     C:\WINDOWS\system32\GameLink.dll(N/A, N/A)
  267. Easy2Game-TCPFilter
  268.     C:\WINDOWS\system32\GameLink.dll(N/A, N/A)
  269. AVSDA
  270.     avsda.dll(Avira GmbH, AntiVir layered service provider)
  271. ==================================
  272. Autorun.inf
  273. N/A
  274. ==================================
  275. HOSTS 文件
  276. 127.0.0.1       localhost
  277. ==================================
  278. API HOOK
  279. N/A
  280. ==================================
复制代码

[ 本帖最后由 运指如飞 于 2007-2-27 20:56 编辑 ]

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

运指如飞
 楼主| 发表于 2007-2-27 20:53:32 | 显示全部楼层
HijackThis日志:




  4. Logfile of HijackThis v1.99.1
  5. Scan saved at 20:45:16, on 2007-2-27
  6. Platform: Windows XP SP2 (WinNT 5.01.2600)
  7. MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

  9. Running processes:
  10. C:\WINDOWS\System32\smss.exe
  11. C:\WINDOWS\system32\winlogon.exe
  12. C:\WINDOWS\system32\services.exe
  13. C:\WINDOWS\system32\lsass.exe
  14. C:\WINDOWS\system32\svchost.exe
  15. C:\WINDOWS\System32\svchost.exe
  16. C:\WINDOWS\Explorer.EXE
  17. C:\Program Files\AntiVir PersonalEdition Premium\sched.exe
  18. C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
  19. C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe
  20. C:\Program Files\Comodo\Firewall\cmdagent.exe
  21. C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
  22. C:\Program Files\Comodo\Firewall\CPF.exe
  23. C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe
  24. C:\WINDOWS\system32\ctfmon.exe
  25. C:\Program Files\Tencent\QQ\QQ.exe
  26. C:\WINDOWS\System32\svchost.exe
  27. C:\Program Files\Maxthon\Maxthon.exe
  28. D:\反病毒文件夹\HijackThis1991\HijackThis.exe

  30. O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder\ComDlls\XunLeiBHO_007.dll
  31. O2 - BHO: Riptide BHO - {EFBCA345-14DC-4640-994E-4AF1DFDEB4FD} - C:\Program Files\Riptide\Plugin\Plugin.dll
  32. O3 - Toolbar: Dr.eye WebPage Translation - {92B255FE-94E2-4BCA-958D-3926CE38913F} - C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll
  33. O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
  34. O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe" /min
  35. O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE
  36. O8 - Extra context menu item: &_找本网页音视频链接_ - C:\Program Files\Riptide\Plugin\Monitor.htm
  37. O8 - Extra context menu item: &使用迅雷下载 - C:\Program Files\Thunder\Program\geturl.htm
  38. O8 - Extra context menu item: &使用迅雷下载全部链接 - C:\Program Files\Thunder\Program\getallurl.htm
  39. O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  40. O8 - Extra context menu item: 用比特精灵下载(&B) - C:\Program Files\BitSpirit\bsurl.htm
  41. O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  42. O9 - Extra button: 发现音视频地址 - {CFB84BBD-959B-4fcb-9A03-22ACE091043C} - C:\Program Files\Riptide\Monitor.exe
  43. O9 - Extra 'Tools' menuitem: 发现音视频地址 - {CFB84BBD-959B-4fcb-9A03-22ACE091043C} - C:\Program Files\Riptide\Monitor.exe
  44. O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
  45. O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
  46. O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
  47. O10 - Unknown file in Winsock LSP: c:\windows\system32\gamelink.dll
  48. O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
  49. O17 - HKLM\System\CCS\Services\Tcpip\..\{F2F0554C-3C75-469C-840B-6062604D08DD}: NameServer = 202.103.24.68
  50. O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
  51. O18 - Protocol: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINDOWS\system32\urlmon.dll
  52. O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll
  53. O18 - Protocol: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
  54. O18 - Protocol: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
  55. O18 - Protocol: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
  56. O18 - Protocol: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
  57. O18 - Protocol: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
  58. O18 - Protocol: ipp - (no CLSID) - (no file)
  59. O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
  60. O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
  61. O18 - Protocol: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
  62. O18 - Protocol: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
  63. O18 - Protocol: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll
  64. O18 - Protocol: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINDOWS\system32\urlmon.dll
  65. O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll
  66. O18 - Protocol: msdaipp - (no CLSID) - (no file)
  67. O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
  68. O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll
  69. O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll
  70. O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
  71. O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll
  72. O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe
  73. O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\sched.exe
  74. O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
  75. O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe
  76. O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
  77. O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

复制代码
回复

举报

运指如飞
 楼主| 发表于 2007-2-27 22:31:38 | 显示全部楼层
问题解决了,真的是Spyware Terminator 的问题
服务项目和驱动项目都有残留
用SReng删除掉它的服务和驱动项目就好了

这里要特别感谢曲中求的大力支持,谢谢大家~
回复

举报

lood
发表于 2007-2-28 00:11:47 | 显示全部楼层
解决了就好
回复

举报

morningssun
发表于 2007-2-28 00:15:15 | 显示全部楼层
我也装了Spyware Terminator,但没有楼主的情况啊~
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-1-3 22:46 , Processed in 0.131075 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表