查看: 1428|回复: 1
收起左侧

[求助] 请各位老大帮忙看看,该怎么处理?

[复制链接]
fifa45
头像被屏蔽
发表于 2008-2-1 19:58:08 | 显示全部楼层 |阅读模式
[C:\Program Files\McAfee\VirusScan Enterprise\VsEvntUI.dll]  [N/A, ]
    [C:\Program Files\McAfee\VirusScan Enterprise\NAEvent.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [C:\Program Files\McAfee\VirusScan Enterprise\ftl.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [C:\Program Files\McAfee\VirusScan Enterprise\vsupdcpl.dll]  [McAfee, Inc., 8.5.0.857]
[PID: 1520 / SYSTEM][C:\Program Files\Eset\nod32krn.exe]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\nod32krr.dll]  [Eset , 2, 70, 32 ]
    [C:\Program Files\Eset\ps_amon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_amon.dll]  [Eset , 2, 70, 16 ]
    [C:\Program Files\Eset\ps_dmon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_dmon.dll]  [N/A, ]
    [C:\Program Files\Eset\ps_emon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_emon.dll]  [N/A, ]
    [C:\WINDOWS\system32\imon.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_imon.dll]  [N/A, ]
    [C:\Program Files\Eset\ps_nod32.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_nod32.dll]  [Eset , 2, 70, 16 ]
    [C:\Program Files\Eset\ps_upd.dll]  [Eset , 2, 70, 39 ]
    [C:\Program Files\Eset\pr_upd.dll]  [N/A, ]
[PID: 1588 / SYSTEM][C:\Program Files\McAfee\Common Framework\naPrdMgr.exe]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\NaiSign.DLL]  [N/A, ]
    [C:\WINDOWS\system32\epoPGPSDK.dll]  [PGP Corporation, 3.5.3]
    [C:\Program Files\McAfee\Common Framework\naXML71.dll]  [N/A, ]
    [C:\Program Files\McAfee\Common Framework\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\McAfee\Common Framework\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\McAfee\Common Framework\nailog.dll]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\naCmnLib71.dll]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\applib.dll]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\0409\AgentRes.dll]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\VirusScan Enterprise\VsPlugin.dll]  [McAfee, Inc., 8.5.0.895]
[PID: 1628 / Administrator][D:\360safe\safemon\360tray.exe]  [奇虎网, 3, 6, 4, 3003]
    [D:\360safe\safemon\safemon.dll]  [奇虎网, 3, 6, 4, 1001]
    [D:\360safe\safemon\SafeKrnl.dll]  [奇虎网, 3, 6, 0, 1001]
    [D:\360safe\AntiAdwa.dll]  [360Safe.com, 3, 6, 3, 1001]
    [D:\360safe\live.dll]  [360safe.com, 1, 0, 1, 1021]
[PID: 1656 / Administrator][C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE]  [McAfee, Inc., 8.5.0.895]
    [C:\Program Files\McAfee\VirusScan Enterprise\LockDown.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [C:\Program Files\McAfee\VirusScan Enterprise\ftcfg.dll]  [McAfee, Inc., 8.5.0.895]
    [C:\Program Files\McAfee\VirusScan Enterprise\mytilus2.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [C:\Program Files\McAfee\VirusScan Enterprise\mytilus.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll]  [McAfee, Inc., 8.5.0.781]
    [C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll]  [McAfee, Inc., 8.5.0.895]
    [C:\Program Files\McAfee\VirusScan Enterprise\RES0402\McShield.dll]  [McAfee, Inc., VSCORE.13.3.2.123]
    [C:\Program Files\McAfee\VirusScan Enterprise\Graphics.dll]  [McAfee, Inc., 8.5.0.781]
    [D:\360safe\safemon\safemon.dll]  [奇虎网, 3, 6, 4, 1001]
[PID: 1668 / Administrator][C:\Program Files\McAfee\Common Framework\UdaterUI.exe]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\nailog.dll]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\McAfee\Common Framework\naCmnLib71.dll]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\naXML71.dll]  [N/A, ]
    [C:\Program Files\McAfee\Common Framework\NaiSign.DLL]  [N/A, ]
    [C:\WINDOWS\system32\epoPGPSDK.dll]  [PGP Corporation, 3.5.3]
    [C:\Program Files\McAfee\Common Framework\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\McAfee\Common Framework\applib.dll]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\cmalib.dll]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\0409\UpdRes.dll]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\0409\AgentRes.dll]  [McAfee, Inc., 3.6.0.480]
    [C:\Program Files\McAfee\Common Framework\SecureFrameworkFactory.dll]  [McAfee, Inc., 3.6.0.480]
[PID: 1684 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1736 / Administrator][C:\Program Files\McAfee\Common Framework\McTray.exe]  [McAfee, Inc., 1.0.0.125]
    [C:\Program Files\McAfee\Common Framework\JrMac.dll]  [McAfee, Inc., 1.0.0.125]
[PID: 1316 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3572 / Administrator][F:\GOMPLA~1\GOM.exe]  [Gretech Corp., 2, 1, 8, 3683]
    [D:\360safe\safemon\safemon.dll]  [奇虎网, 3, 6, 4, 1001]
    [F:\GOMPLA~1\lang\GomCHS.dll]  [Gretech Corp., 2, 1, 8, 3683]
    [F:\GomPlayer\GVF.ax]  [N/A, ]
    [F:\GomPlayer\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [F:\GomPlayer\GAF.ax]  [N/A, ]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [F:\GomPlayer\codecs\real\RealMediaSplitter.ax]  [Gabest, 1, 0, 1, 0]
    [F:\GomPlayer\codecs\real\COOK.dll]  [RealNetworks, Inc., 10.0.0.1338]
    [F:\GOMPLA~1\PNCRT.dll]  [Real Networks, Inc, 6.0.0.0]
    [F:\GomPlayer\codecs\real\drvc.dll]  [RealNetworks, Inc., 10.0.0.1172]
[PID: 1360 / Administrator][C:\Program Files\McAfee\VirusScan Enterprise\mcconsol.exe]  [McAfee, Inc., 8.5.0.895]
    [C:\Program Files\McAfee\VirusScan Enterprise\consl.dll]  [McAfee, Inc., 8.5.0.895]
    [C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll]  [McAfee, Inc., 8.5.0.895]
    [C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll]  [McAfee, Inc., 8.5.0.781]
    [C:\Program Files\McAfee\VirusScan Enterprise\condl.dll]  [McAfee, Inc., 8.5.0.857]
    [C:\Program Files\McAfee\VirusScan Enterprise\LockDown.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [D:\360safe\safemon\safemon.dll]  [奇虎网, 3, 6, 4, 1001]
    [C:\Program Files\McAfee\VirusScan Enterprise\bbcpl.dll]  [McAfee, Inc., 8.5.0.895]
    [C:\Program Files\McAfee\VirusScan Enterprise\coptcpl.dll]  [McAfee, Inc., 8.5.0.857]
    [C:\Program Files\McAfee\VirusScan Enterprise\emcfgcpl.dll]  [McAfee, Inc., 8.5.0.781]
    [C:\Program Files\McAfee\VirusScan Enterprise\nvpcpl.dll]  [McAfee, Inc., 8.5.0.781]
    [C:\Program Files\McAfee\VirusScan Enterprise\ftcfg.dll]  [McAfee, Inc., 8.5.0.895]
    [C:\Program Files\McAfee\VirusScan Enterprise\mytilus2.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [C:\Program Files\McAfee\VirusScan Enterprise\mytilus.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [C:\Program Files\McAfee\VirusScan Enterprise\RES0402\McShield.dll]  [McAfee, Inc., VSCORE.13.3.2.123]
    [C:\Program Files\McAfee\VirusScan Enterprise\oascpl.dll]  [McAfee, Inc., 8.5.0.857]
    [C:\Program Files\McAfee\VirusScan Enterprise\quarcpl.dll]  [McAfee, Inc., 8.5.0.781]
    [C:\Program Files\McAfee\VirusScan Enterprise\vsodscpl.dll]  [McAfee, Inc., 8.5.0.895]
    [C:\Program Files\McAfee\VirusScan Enterprise\VsEvntUI.dll]  [N/A, ]
    [C:\Program Files\McAfee\VirusScan Enterprise\NAEvent.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [C:\Program Files\McAfee\VirusScan Enterprise\ftl.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [C:\Program Files\McAfee\VirusScan Enterprise\vsupdcpl.dll]  [McAfee, Inc., 8.5.0.857]
    [C:\Program Files\McAfee\VirusScan Enterprise\Graphics.dll]  [McAfee, Inc., 8.5.0.781]
[PID: 3824 / Administrator][C:\WINDOWS\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\360safe\safemon\safemon.dll]  [奇虎网, 3, 6, 4, 1001]
[PID: 1548 / Administrator][C:\WINDOWS\regedit.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\360safe\safemon\safemon.dll]  [奇虎网, 3, 6, 4, 1001]
[PID: 2244 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\360safe\safemon\safemon.dll]  [奇虎网, 3, 6, 4, 1001]
    [E:\快车\FlashGet\ComDlls\bhoCATCH.dll]  [FlashGet, 2, 0, 2, 1011]
    [C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll]  [McAfee, Inc., VSCORE.13.3.2.123.x86]
    [E:\迅雷\ComDlls\XunLeiBHO_004.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 3]
[PID: 2004 / Administrator][D:\新建文件夹\Reg\SREngPS_du110.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [D:\360safe\safemon\safemon.dll]  [奇虎网, 3, 6, 4, 1001]
    [D:\新建文件夹\Reg\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1       localhost
127.0.0.1  yu.8s7.net
127.0.0.1  1.jopanqc.com
127.0.0.1  2.joppnqq.com
127.0.0.1  wg.47255.com
127.0.0.1  1.joppnqq.com
127.0.0.1  xxx.m111.biz
127.0.0.1  1.jopenqc.com
127.0.0.1  1.jopenkk.com
127.0.0.1  xxx.vh7.biz
127.0.0.1  xxx.j41m.com
127.0.0.1  3.joppnqq.com
127.0.0.1  d.93se.com
127.0.0.1  www.868wg.com
127.0.0.1  xxx.mmma.biz
127.0.0.1  ilove.com
127.0.0.1  tp.shpzhan.cn
127.0.0.1  www.tomwg.com
127.0.0.1  www.177dvd.cn
127.0.0.1  www.cike007.cn
127.0.0.1  www.22aaa.com
127.0.0.1  xx.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  new.749571.com
127.0.0.1  xtx.kv8.info
127.0.0.1  cao.kv8.info
127.0.0.1  1.jopmmqq.com
127.0.0.1  171817.171817.com
127.0.0.1  d2.llsging.com
127.0.0.1  down.malasc.cn
127.0.0.1  llboss.com
127.0.0.1  nx.51ylb.cn
127.0.0.1  my.531jx.cn
127.0.0.1  qqq.dzydhx.com
127.0.0.1  qqq.hao1658.com
127.0.0.1  www.333292.com
127.0.0.1  down.18dd.net
127.0.0.1  up.22x44.com
==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 1628, D:\360SAFE\SAFEMON\360TRAY.EXE]
==================================
API HOOK
RVA  错误: LoadLibraryA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: GetProcAddress (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
==================================
隐藏进程
N/A
==================================

[/CODE]
深红的雪
发表于 2008-2-1 20:23:31 | 显示全部楼层
如果楼主安装过卡巴,那么klif.sys就是卡巴的驱动文件
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-24 16:01 , Processed in 0.125550 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表