HijackThis_815汉化版扫描日志 V1.99.1
保存于      11:50:16, 日期 2006-07-21
操作系统：  Windows XP SP2 (WinNT 5.01.2600)
浏览器：    Internet Explorer v6.00 SP2 (6.00.2900.2180)

当前运行的进程：         
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\TWEAKA~1\AssistSystray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\HijackThis1991汉化版\HijackThis1991zww.exe

O2 - BHO: QQIEHelper - {54EBD53A-9BC1-480B-966A-843A333CA162} - E:\QQ\QQIEHelper.dll
O3 - IE工具栏增项: 全能助手广告拦截专家 - {ED51E9A3-16C5-4236-99E0-9F093B021433} - C:\Program Files\TweakAssist\AssistIEBar.dll
O3 - IE工具栏增项: ICQ  Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O3 - IE工具栏增项: 全能助手 ExplorerBar - {939802BD-EDC8-4EE3-9997-A65BE4657FFD} - C:\Program Files\TweakAssist\AssistExplorerBar.dll
O4 - 启动项HKLM\\Run: [AssistSystray] C:\PROGRA~1\TWEAKA~1\AssistSystray.exe
O4 - 启动项HKLM\\Run: [abbxe.exe] C:\WINDOWS\system32\abbxe.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - IE右键菜单中的新增项目: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - IE右键菜单中的新增项目: 上传到QQ网络硬盘 - E:\QQ\AddToNetDisk.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\QQ\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\QQ\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\QQ\SendMMS.htm
O8 - IE右键菜单中的新增项目: 翻译英文字词(&T) - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O9 - 浏览器额外的按钮: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - 浏览器额外的“工具”菜单项: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\QQ\QQ.EXE
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\QQ\QQ.EXE
O9 - 浏览器额外的按钮: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\QQ\QQIEHelper.dll
O9 - 浏览器额外的“工具”菜单项: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - E:\QQ\QQIEHelper.dll
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {52DF16E3-6C4F-4B22-8BAF-09263E463B48} - http://218.30.82.36/md5/YahooOnlineScanTest/KOSInit.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B97E317E-84E8-4E3A-9B84-02D10A8B65A4}: NameServer = 85.255.116.59,85.255.112.188
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.59 85.255.112.188
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.59 85.255.112.188
O23 - NT 服务: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe

修复:

O4 - 启动项HKLM\\Run: [abbxe.exe] C:\WINDOWS\system32\abbxe.exe

控制面版中卸载全能助手,建议卸载雅虎.

【回复“tyfs”的帖子】
楼主似乎没有使用杀毒软件，这样是很危险的。



请楼主使用下面的两个多引擎扫描器扫描下列文件：
C:\WINDOWS\system32\abbxe.exe
多引擎扫描之Virustotal

http://www.virustotal.com/
多引擎扫描之Jotti

http://virusscan.jotti.org/


请务必将报告贴全。
使用方法请参考：
【推荐】多引擎扫描器的使用方法

http://forum.ikaka.com/topic.asp?board=67&artid=7957175
如果还有问题，请跟帖说明。

Virustotal
:英文看不懂

引用:

【tyfs的贴子】Virustotal:英文看不懂 ...........................

原先失效的几张图片的链接修改过了，仔细看看使用方法。

C:\WINDOWS\system32\abbxe.exe
这一项的确可疑，楼主有什么异常请描述一一。

经常弹英文广告,让你下载不明软件

这是什么

Stop online threats - spyware, viruses and hackers
Protect your entire system:
Powerful Antivirus: provides complete security for your system against viruses, worms and Trojan horse programs.

Personal Firewall: safeguards your PC from hacker and network intrusions. All incoming and outgoing traffic can be monitored.

Spyware Blocker: guards your computer from harmful spywares and adwares that may stealthily reside on your drives.

PopUp Protector: protects your system from pop-ups that frequently appear on your monitor hindering your browsing activity.

Keep your system safe: thanks to all these applications you will be able to enjoy a completely secure system. Scan for Threats Now Free

Please read the following: clicking the button above confirms you agree to the End User License Agreement of this software.


Copyright © 2006 www.winantivirus.com. All Rights Reserved. Trademarks mentioned are the property of their respective holders.
End User License Agreement | Privacy Policy | Become an affiliate

If automated download doesn't start, please Click Here
and select "Run" or "Open" when prompted.

VirusTotalVirusTotal is a free file analisys service that works using several antivirus engines.


          Select file :            DistributeSSL

          Enter your email, choose the file to be scanned with multiple antivirus engines and click Send.Menu:
News Hot news in the virus/antivirus sector.
Estadisticas Statistics of VirusTotal procesing.
Virustotal More info about Virustotal.


STATUS: FINISHEDComplete scanning result of "abbxe.exe", received in VirusTotal at 07.21.2006, 07:43:58 (CET).

Antivirus Version Update Result
AntiVir n -  no virus found
Authentium n -  no virus found
Avast n -  no virus found
AVG n -  no virus found
BitDefender n -  no virus found
CAT-QuickHeal n -  no virus found
ClamAV n -  no virus found
DrWeb n -  no virus found
eTrust-InoculateIT n -  no virus found
eTrust-Vet n -  no virus found
Ewido n -  no virus found
Fortinet n -  no virus found
F-Prot n -  no virus found
F-Prot4 n -  no virus found
Ikarus n -  no virus found
Kaspersky n -  no virus found
McAfee n -  no virus found
Microsoft n -  no virus found
NOD32v2 n -  no virus found
Norman n -  no virus found
Panda n -  no virus found
Sophos n -  no virus found
Symantec n -  no virus found
TheHacker n -  no virus found
UNA n -  no virus found
VBA32 n -  no virus found
VirusBuster n - no virus found


Aditional Information
File size: 0 bytes
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709

VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
> Go to: Home Contactar En Español
--------------------------------------------------------------------------------
www.virustotal.com :: ©Hispasec Sistemas 2004-06:: e-mail info@virustotal.com