瑞星卡卡安全论坛

用木马克星发现可疑系统服务，怎么回事呀，有什么办法解决嘛？谢谢了……

扫个HJ日志贴上来

请教: 这是我用木马克星扫出来的,请帮我看下好吗?哪些要删啊?

发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@advertising[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@atdmt[2].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@counter14.sextracker[2].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@counter15.sextracker[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@counter8.sextracker[2].txt
发现非法ie记录:
Doubleclick Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@doubleclick[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@mediaplex[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@servedby.advertising[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@sex.12384[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@sexlist[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@sextracker[2].txt
发现非法ie记录:
Valueclick Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@valueclick[2].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@advertising[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@atdmt[2].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@counter14.sextracker[2].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@counter15.sextracker[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@counter8.sextracker[2].txt
发现非法ie记录:
Doubleclick Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@doubleclick[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@mediaplex[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@servedby.advertising[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@sex.12384[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@sexlist[1].txt
发现非法ie记录:
Admonitor Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@sextracker[2].txt
发现非法ie记录:
Valueclick Spyware Cookie found in c:\documents and settings\administrator\cookies\administrator@valueclick[2].txt
C:\Program Files\FlashGet\BACKUP\cd_install277.exe 发现广告程序:tro2005-7-13-adware-cd_install277,290312
C:\WINNT\G_ServerKey.DLL 怀疑为木马.
C:\WINNT\Downloaded Program Files\cnshint.dll 怀疑为3721广告
C:\WINNT\Downloaded Program Files\CnsHook.dll 怀疑为3721广告
C:\WINNT\Downloaded Program Files\cnsio.dll 怀疑为3721广告
C:\WINNT\Downloaded Program Files\CnsMin.dll 怀疑为3721广告
C:\WINNT\Downloaded Program Files\CnsMinEx.dll 怀疑为3721广告
C:\WINNT\Downloaded Program Files\CnsMinEx.dll 怀疑为yisou广告
C:\WINNT\Downloaded Program Files\CnsMinIO.dll 怀疑为3721广告
C:\WINNT\Downloaded Program Files\keepmain.dll 怀疑为3721广告
C:\WINNT\system32\CD_CLINT.DLL 发现广告程序:tro2005-5-31-spywareCD_CLINT,124928
C:\WINNT\system32\cns.dll 怀疑为3721广告
C:\WINNT\system32\cns.dll 怀疑为CNNIC广告
C:\WINNT\system32\cns.exe 怀疑为baidu广告
C:\WINNT\system32\cns.exe 怀疑为CNNIC广告
C:\WINNT\system32\QQMusic3\QzoneSupport.exe 怀疑为qq木马
C:\ 扫描完成.
D:\ 扫描完成.
E:\ 扫描完成.
F:\ 扫描完成.
G:\ 扫描完成.

【回复“依然MM”的帖子】全都删除

【回复“木冰”的帖子】服务名字

啊...明白了,谢谢!

不好意思，这几天忙没来，请帮忙再看看吧，谢谢了……
发现可疑系统服务:C:\WINDOWS\System32\drivers\ds1410d.sys
发现可疑系统服务:C:\WINDOWS\System32\new.sys

用hijackthis扫描后,把日志贴上来看看

木马克星误报多,请相信正规杀软