日志文件 Trend Micro HijackThis v 2.0.2
日志保存时间: 19:55:57,2008-8-5
操作系统: Windows XP SP2 (WinNT 5.01.2600)
IE版本: Unable to get Internet Explorer version!
启动模式: 正常
正在运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\大本营\完美卸~1\PnpWMmng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\大本营\魔法兔子\MagicSet\SRFC.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\360safe\safemon\360tray.exe
C:\Program Files\360Safebox\safeboxTray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SogouInput\OlympicNews.exe
C:\Program Files\PPStream\ppsap.exe
C:\Program Files\大本营\Windows优化大师\Wopti\WoptiUtilities.exe
C:\Program Files\TheWorld 2.0\TheWorld.exe
E:\应用软件\hijackthisHijackThis V2.02 汉化版 _ 杀毒辅助组合.exe
C:\DOCUME~1\李军伟\LOCALS~1\Temp\nso10.tmp\hijackthis.exe
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - BHO: QQToolbar - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - C:\Program Files\Tencent\QQToolbar\IEBar.dll
O2 - BHO: (未命名) - {669751ED-D558-49AE-B01A-3B374CC7910E} - (没有文件)
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - BHO: PPVADownloader - {A986E409-30CC-4185-89BB-AB212C104524} - C:\Program Files\PPLiveVA\DownloaderManager.dll
O2 - BHO: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files\360safe\safemon\safemon.dll
O3 - IE 工具栏: QQToolbar - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - C:\Program Files\Tencent\QQToolbar\IEBar.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Super Rabbit SafeEdit] C:\Program Files\大本营\魔法兔子\MagicSet\SRFC.EXE /Load
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinPPP] C:\Program Files\Common Files\system\WinPPP.exe
O4 - HKLM\..\Run: [IMSCMig] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [360Safetray] C:\Program Files\360safe\safemon\360tray.exe /start
O4 - HKLM\..\Run: [360Safebox] "C:\Program Files\360Safebox\safeboxTray.exe" /r
O4 - HKLM\..\Run: [StormCodec_Helper] "C:\Program Files\大本营\暴风影音\Storm Codec\StormSet.exe" /S /opti
O4 - HKLM\..\Run: [LiveUpatePower] C:\Program Files\大本营\完美卸载V2008\MyUpdate.exe -PowerOn
O4 - HKLM\..\Run: [ssMgr_ccb] C:\Program Files\StarSec\ssMgr_ccb.exe -r
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OlympicExpress] "C:\Program Files\SogouInput\OlympicNews.exe"
O4 - HKCU\..\Run: [PPS Accelerator] C:\Program Files\PPStream\ppsap.exe
O4 - HKCU\..\Run: [Fetion] C:\Program Files\China Mobile\Fetion飞信2008\Fetion.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: 网络连接
O8 - 扩展右键菜单项: &V使用Vagaa哇嘎下载 - C:\Program Files\大本营\哇嘎画时代 V2.6.6.0 测试版\Vagaa\Data\vg.htm
O8 - 扩展右键菜单项: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - 扩展右键菜单项: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - 扩展右键菜单项: 添加到QQ表情 - C:\Program Files\Tencent\QQ腾讯\AddEmotion.htm
O9 - 额外的按钮: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 额外的“工具”菜单项目: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 额外的按钮: Web 反病毒统计 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - 额外的按钮: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O9 - 额外的“工具”菜单项目: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPLive.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{9691B02A-BCAF-4E5A-A5A8-47DB5EB0DAA5}: NameServer = 202.99.160.68 202.99.166.4
O23 - NT 服务: 卡巴斯基反病毒软件 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - NT 服务: EQService - EQSecure - C:\Program Files\EQSecure\EQService.exe
O23 - NT 服务: ewido anti-spyware 4.0 guard - Unknown owner - (没有文件)
O23 - NT 服务: NOD32 Kernel Service (NOD32krn) - Unknown owner - (没有文件)
O23 - NT 服务: PnpWMmng - Unknown owner - C:\PROGRA~1\大本营\完美卸~1\PnpWMmng.exe(文件不存在)
O23 - NT 服务: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
--
文件结束 - 5471 字节
User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TheWorld)