红伞扫出的Hidden objects，大家帮忙看看怎么清除？

显示全部楼层 · 发表于 2008-5-10 09:21:42

Avira AntiVir Premium
Report file date: 2008年5月10日  08:39
Scanning for 1258665 virus strains and unwanted programs.
Licensed to:
Serial number:
Platform:       Windows XP
Windows version:  (Service Pack 3)  [5.1.2600]
Boot mode:       Normally booted
Username:       SYSTEM
Computer name:
Version information:
BUILD.DAT    : 8.1.00.332    19215 Bytes 2008-4-29 10:46:00
AVSCAN.EXE : 8.1.2.12    311553 Bytes 2008-3-18 03:02:56
AVSCAN.DLL : 8.1.1.0       53505 Bytes 2008-2-7 02:43:37
LUKE.DLL    : 8.1.2.9       151809 Bytes 2008-2-28 02:41:23
LUKERES.DLL : 8.1.2.1       12033 Bytes 2008-2-21 02:28:40
ANTIVIR0.VDF  : 6.40.0.0    11030528 Bytes 2007-7-18 04:33:34
ANTIVIR1.VDF  : 7.0.3.2    5447168 Bytes 2008-3-7 07:08:58
ANTIVIR2.VDF  : 7.0.4.0    1554432 Bytes 2008-5-5 12:57:34
ANTIVIR3.VDF  : 7.0.4.23       99840 Bytes 2008-5-9 00:39:15
Engineversion : 8.1.0.42
AEVDF.DLL    : 8.1.0.5       102772 Bytes 2008-2-25 03:58:21
AESCRIPT.DLL  : 8.1.0.31    262522 Bytes 2008-5-9 12:57:04
AESCN.DLL    : 8.1.0.16    119156 Bytes 2008-5-9 12:56:42
AERDL.DLL    : 8.1.0.20    418165 Bytes 2008-4-26 12:21:37
AEPACK.DLL : 8.1.1.4       364918 Bytes 2008-4-29 12:19:26
AEOFFICE.DLL  : 8.1.0.18    192890 Bytes 2008-4-26 12:21:19
AEHEUR.DLL : 8.1.0.26    1237366 Bytes 2008-5-9 12:56:32
AEHELP.DLL : 8.1.0.14    115063 Bytes 2008-4-26 12:20:39
AEGEN.DLL    : 8.1.0.20    299380 Bytes 2008-5-9 12:53:56
AEEMU.DLL    : 8.1.0.6       430451 Bytes 2008-5-9 12:53:05
AECORE.DLL : 8.1.0.28    168310 Bytes 2008-5-9 12:52:49
AVWINLL.DLL : 1.0.0.7       14593 Bytes 2008-1-23 11:07:53
AVPREF.DLL : 8.0.0.1       25857 Bytes 2008-2-18 04:37:50
AVREP.DLL    : 7.0.0.1       155688 Bytes 2007-4-16 07:26:47
AVREG.DLL    : 8.0.0.0       30977 Bytes 2008-1-23 11:07:49
AVARKT.DLL : 1.0.0.23    307457 Bytes 2008-2-12 02:29:23
AVEVTLOG.DLL  : 8.0.0.11    114945 Bytes 2008-2-28 02:31:31
SQLITE3.DLL : 3.3.17.1    339968 Bytes 2008-1-22 11:28:02
SMTPLIB.DLL : 1.2.0.19       28929 Bytes 2008-1-23 11:08:39
NETNT.DLL    : 8.0.0.1       7937 Bytes 2008-1-25 06:05:10
RCIMAGE.DLL : 8.0.0.31    2564353 Bytes 2008-2-28 03:19:50
RCTEXT.DLL : 8.0.32.0       86273 Bytes 2008-3-6 05:45:45
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition premium\sysscan.avp
Logging..........................: low
Primary action...................: repair
Secondary action.................: delete
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: 2008年5月10日  08:39
Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\Instances\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\Instances\klif
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\parameters\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\parameters\909
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\parameters\909\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\parameters\909\filters
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\Instances\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\Instances\klif
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\parameters\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\parameters\909
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\parameters\909\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
   [INFO]    The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\klif\parameters\909\filters
   [INFO]    The registry entry is invisible.
'53304' objects were checked, '12' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'cfp.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'egui.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'hpqwmiex.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ekrn.exe' - '1' Module(s) have been scanned
Scan process 'cmdagent.exe' - '1' Module(s) have been scanned
Scan process 'guard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
26 processes with 26 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
   [INFO]    No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
   [INFO]    No virus was found!
Boot sector 'D:\'
   [INFO]    No virus was found!
Boot sector 'E:\'
   [INFO]    No virus was found!
Boot sector 'F:\'
   [INFO]    No virus was found!
Starting to scan the registry.
The registry was scanned ( '19' files ).

Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
   [WARNING] The file could not be opened!
Begin scan in 'D:\'
Begin scan in 'E:\' <书籍>
Begin scan in 'F:\' <新加卷>

End of the scan: 2008年5月10日  09:09
Used time: 29:47 min
The scan has been done completely.
4474 Scanning directories
157068 Files were scanned
   0 viruses and/or unwanted programs were found
   0 Files were classified as suspicious:
   0 files were deleted
   0 files were repaired
   0 files were moved to quarantine
   0 files were renamed
   1 Files cannot be scanned
157068 Files not concerned
1316 Archives were scanned
   1 Warnings
   0 Notes
  53304 Objects were scanned with rootkit scan
   12 Hidden objects were found

[ 本帖最后由 kafantravel 于 2008-5-10 20:17 编辑 ]

显示全部楼层 · 发表于 2008-5-10 13:11:40

没人帮忙么，真失望。

显示全部楼层 · 发表于 2008-5-10 13:57:57

klif……像是卡巴的东西……似乎无害……
如果是残余的话，用冰刃可以干掉

显示全部楼层 · 发表于 2008-5-10 13:59:38

红伞报告invisible

直接去注册表把这个键删了（可能需要借助IceSword）

显示全部楼层 · 发表于 2008-5-10 20:17:26

谢谢楼上两位朋友。拿ICESWORD一气乱砍，清净了。

[已解决] 红伞扫出的Hidden objects，大家帮忙看看怎么清除？