VISTA系统 杀毒软件从老版本升级到2009后 只要升级 所有监控和组建自动全部关闭 呈红伞状态 使用修复软件后又全部正常 呈绿伞状态 但只要一升级就会出现之前的状态 如此反复
用KAKA和杀毒软件扫描过机器 无病毒
删了重新安装还是这样 防火墙倒正常 无问题
杀毒软件的问题怎么解决啊 每次都要修复不正常的说 好麻烦啊

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506)

楼主卸载当前版本到瑞星网站下载最新版本看看有无复现http://update.rising.com.cn/register/pcver/upgrade.htm

就前面刚刚重装过
就是因为重装过了还有问题才来这里问的
补充点 我选择的是 管理员账户

安装2009后 桌面出现一个<修复瑞星软件> 那个我也下了 也没啥用 还是一样红伞

再补充点 进入主程序点开启也无反映

lz是不是中毒了啊？不行的扫描一个听诊器上来看看吧%……
下载瑞星听诊器

下载地址：http://download.rising.com.cn/for_down/RsDetect.exe

运行扫描后会生成一个“瑞星听诊信息.htm”的文件

未知家族病毒分析
扫描结果:
无可疑文件


系统活动进程
D:\PROGRAM FILES\RISING\ANTISPYWARE\RSTRAY.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\RSMGINFO.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\RSXML.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\MSVCP71.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\MSVCR71.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\COMSERV.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\SYSLAY.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\RSCOMMON.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\COMX3.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\PNGDLL.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\RUNIEP.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\NCOMM.DLL
D:\PROGRAM FILES\RISING\RAV\PROCCOM.DLL
D:\PROGRAM FILES\RISING\ANTISPYWARE\RSCOMMX2.DLL

C:\PROGRAM FILES\WINDOWS SIDEBAR\SIDEBAR.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1.0.6001.18065_NONE_9E7ABE2EC9C13222\GDIPLUS.DLL
D:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\WINDOWS\SYSTEM32\NVD3DUM.DLL

C:\WINDOWS\SYSTEM32\DWM.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL
C:\WINDOWS\SYSTEM32\NVD3DUM.DLL

C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1.0.6001.18065_NONE_9E7ABE2EC9C13222\GDIPLUS.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL
C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\PHONEBROWSER.DLL
C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\PCSCM.DLL
C:\WINDOWS\SYSTEM32\CONNAPI.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\LANG\PHONEBROWSER_CHI-SC.NLR
C:\PROGRAM FILES\NOKIA\NOKIA PC SUITE 6\RESOURCE\PHONEBROWSER_NOKIA.NGR
C:\WINDOWS\SYSTEM32\NVCPL.DLL
C:\WINDOWS\SYSTEM32\NVAPI.DLL
D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMDLLS\XUNLEIBHO_NOW.DLL
D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMPONENTS\RESWORKER\DSBHO_01.DLL
D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMPONENTS\RESWORKER\DATAPROCESSOR_00.DLL
D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMDLLS\TDATONCE_NOW.DLL
D:\PROGRAM FILES\WINRAR\RAREXT.DLL
C:\WINDOWS\SYSTEM32\RAVEXT.DLL
C:\WINDOWS\SYSTEM32\CMDLINEEXT.DLL

C:\WINDOWS\SYSTEM32\WBEM\UNSECAPP.EXE
C:\WINDOWS\SYSTEM32\TASKENG.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL

C:\PROGRAM FILES\WINDOWS DEFENDER\MSASCUI.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1.0.6001.18065_NONE_9E7ABE2EC9C13222\GDIPLUS.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL

D:\PROGRAM FILES\RISING\RFW\RSTRAY.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL
D:\PROGRAM FILES\RISING\RFW\COMSERV.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
D:\PROGRAM FILES\RISING\RFW\RSLANG.DLL
D:\PROGRAM FILES\RISING\RFW\COMX3.DLL
D:\PROGRAM FILES\RISING\RFW\SYSLAY.DLL
D:\PROGRAM FILES\RISING\RFW\RSXML.DLL
D:\PROGRAM FILES\RISING\RFW\PROCCOMM.DLL
D:\PROGRAM FILES\RISING\RFW\MONSTATE.DLL
D:\PROGRAM FILES\RISING\RFW\RFWRULE.DLL
D:\PROGRAM FILES\RISING\RFW\RSCONF.DLL
D:\PROGRAM FILES\RISING\RFW\RSAPPMGR.DLL
D:\PROGRAM FILES\RISING\RFW\CFGDLL.DLL
D:\PROGRAM FILES\RISING\RFW\RSPALVD.DLL
D:\PROGRAM FILES\RISING\RFW\RSGUILIB.DLL
C:\WINDOWS\SYSTEM32\MFC71.DLL
D:\PROGRAM FILES\RISING\RFW\RAVBINTL.DLL
D:\PROGRAM FILES\RISING\RFW\RSNETSVR.DLL
D:\PROGRAM FILES\RISING\RFW\RSMGINFO.DLL
D:\PROGRAM FILES\RISING\RFW\RFWTRAY.DLL
D:\PROGRAM FILES\RISING\RFW\PNGDLL.DLL
D:\PROGRAM FILES\RISING\RFW\RFWLOG.DLL

C:\WINDOWS\RTHDVCPL.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1.0.6001.18065_NONE_9E7ABE2EC9C13222\GDIPLUS.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_5.82.6001.18000_NONE_886786F450A74A05\COMCTL32.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1.0.6001.18065_NONE_9E7ABE2EC9C13222\GDIPLUS.DLL
D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMDLLS\TDATONCE_NOW.DLL
C:\WINDOWS\SYSTEM32\MSVCP71.DLL
C:\WINDOWS\SYSTEM32\MSVCR71.DLL
D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMDLLS\XUNLEIBHO_NOW.DLL
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WINDOWSLIVELOGIN.DLL
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\MSIDCRL40.DLL
D:\PROGRAM FILES\RISING\RAV\RAVSCRCH.DLL
C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASH10A.OCX
C:\WINDOWS\SYSTEM32\NVD3DUM.DLL
D:\PROGRAM FILES\THUNDER NETWORK\THUNDER\COMDLLS\THUNDERAGENT_NOW.DLL

D:\PROGRAM FILES\TENCENT\QQGAME\ACCEL.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.GDIPLUS_6595B64144CCF1DF_1.0.6001.18065_NONE_9E7ABE2EC9C13222\GDIPLUS.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL
D:\PROGRAM FILES\TENCENT\QQGAME\COMMON\UTILITY.DLL
D:\PROGRAM FILES\TENCENT\QQGAME\HELPDLL.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_5.82.6001.18000_NONE_886786F450A74A05\COMCTL32.DLL
D:\PROGRAM FILES\TENCENT\QQGAME\RESEX.DLL
D:\PROGRAM FILES\TENCENT\QQGAME\FACTORY.DLL
D:\PROGRAM FILES\TENCENT\QQGAME\LOGIC\UISTYLE.DLL
D:\PROGRAM FILES\TENCENT\QQGAME\LOGIC\MAINLOGI.DLL
D:\PROGRAM FILES\TENCENT\QQGAME\RES\ERRORDES.DLL
D:\PROGRAM FILES\TENCENT\QQGAME\LOGIC\COMASYN.DLL

C:\PROGRAM FILES\INTERNET EXPLORER\IEUSER.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_5.82.6001.18000_NONE_886786F450A74A05\COMCTL32.DLL

C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLLOGINPROXY.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\MSIDCRL40.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL

C:\WINDOWS\SYSTEM32\MACROMED\FLASH\FLASHUTIL10A.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL

G:\下载\RSDETECT.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_5.82.6001.18000_NONE_886786F450A74A05\COMCTL32.DLL
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL

C:\WINDOWS\SYSTEM32\DLLHOST.EXE
C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.6001.18000_NONE_5CDBAA5A083979CC\COMCTL32.DLL


普通自启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Windows Defender = C:\PROGRAM FILES\WINDOWS DEFENDER\MSASCUI.EXE -HIDE
RtHDVCpl = RTHDVCPL.EXE
runeip = "D:\PROGRAM FILES\RISING\ANTISPYWARE\RSTRAY.EXE" /STARTUP
Microsoft Pinyin IME Migration = C:\PROGRA~1\COMMON~1\MICROS~1\IME12L~1\IMESC\IMSCMIG.EXE /INSTALL
RFWTray = "D:\PROGRAM FILES\RISING\RFW\RSTRAY.EXE" -SYSTEM
RavTray = "D:\PROGRAM FILES\RISING\RAV\RSTRAY.EXE" -SYSTEM

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
KKDelay = D:\PROGRAM FILES\RISING\ANTISPYWARE\RUNONCE.EXE

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sidebar = C:\PROGRAM FILES\WINDOWS SIDEBAR\SIDEBAR.EXE /AUTORUN


系统文件关联
.exe ==> exefile = "%1" %*
.com ==> comfile = "%1" %*
.cmd ==> cmdfile = "%1" %*
.bat ==> batfile = "%1" %*
.txt ==> txtfile = C:\Windows\notepad.exe %1
.scr ==> scrfile = "%1" /S
.reg ==> regfile = regedit.exe "%1"
.doc ==> WPS.Doc.6 = "D:\Program Files\Kingsoft\WPS Office 2005\office6\wps.exe" "%1"

其它启动项
WIN.INI
无信息

SYSTEM.INI
SHELL = Explorer.exe
SCRNSAVE.EXE = C:\Windows\system32\Bubbles.scr


Winlogon 启动项
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit = C:\WINDOWS\SYSTEM32\USERINIT.EXE,
shell = EXPLORER.EXE


IE - BHO
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{01443AEC-0FD1-40fd-9C87-E93D1494C233} = D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
{7E853D72-626A-48EC-A868-BA8D5E23E045} = NULL
{889D2FEB-5411-4565-8998-1DD2C5261283} = D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll


Winsock SPI
MSAFD Irda [IrDA] = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [TCP/IP] = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IP] = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IP] = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [TCP/IPv6] = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [UDP/IPv6] = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD Tcpip [RAW/IPv6] = C:\Windows\SYSTEM32\MSWSOCK.DLL
RSVP TCPv6 = C:\Windows\SYSTEM32\MSWSOCK.DLL
RSVP TCP = C:\Windows\SYSTEM32\MSWSOCK.DLL
RSVP UDPv6 = C:\Windows\SYSTEM32\MSWSOCK.DLL
RSVP UDP = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{D54BC3DF-2A42-4EB8-B85A-767CD4217897}] SEQPACKET 4 = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip_{D54BC3DF-2A42-4EB8-B85A-767CD4217897}] DATAGRAM 4 = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{118A79D8-6E34-4333-8B40-066B786F7803}] SEQPACKET 1 = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{118A79D8-6E34-4333-8B40-066B786F7803}] DATAGRAM 1 = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{66CB5D13-70E1-48E4-A3D9-EDE443982E3C}] SEQPACKET 0 = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{66CB5D13-70E1-48E4-A3D9-EDE443982E3C}] DATAGRAM 0 = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{D54BC3DF-2A42-4EB8-B85A-767CD4217897}] SEQPACKET 5 = C:\Windows\SYSTEM32\MSWSOCK.DLL
MSAFD NetBIOS [\Device\NetBT_Tcpip6_{D54BC3DF-2A42-4EB8-B85A-767CD4217897}] DATAGRAM 5 = C:\Windows\SYSTEM32\MSWSOCK.DLL

系统服务项

文件驱动

系统驱动项

貌似日志是正常的

红伞只会在更新后出现

日志没有什么问题啊？