my norton always warn 'klif.sys' and 'jwedsfdo0.dll' infected and cleaned everytime reboot the computer. full scan find nothing even run it in safe mode.

the path:
C:\WINDOWS\system32\drivers\klif.sys
C:\WINDOWS\system32\jwedsfdo0.dll
do not exist

what i can do!?? pls help!

i've just deleted a file j3ewro.exe at
C;\WINDOWS\system32\j3ewro.exe
and the warning disappear!

what is this file? is it a virus? will it affect the normal operation of my window XP? pls help!

j3ewro.exe is a Trojan File

Step: Download & Run System Repair Engineer

• 下載 System Repair Engineer (SREng)
  
  
  
  • 解壓並執行 SREngPS.exe
    
  • 按 Smart Scan,確認已選取所有項目,按 Scan
    
  • 最後,按 Save Reports ----> 儲存到桌面, SREngLOG.log
    
  
  

Step: Report Back
<ul>
貼上 以下報告
如果報告太長,可以上傳到 這裡

System Repair Engineer 掃描報告 {SREngLOG.log}

thanks man!
the log uploaded here:
http://www.sendspace.com/file/schpvi

ps: i have deleted the j3ewro.exe file by power remover! what else i have to do? many many thanks!

Script Name: KavoAutoRunKill.USPT
Author: uhthn2002
This script will remove the Kavo Trojan.Autorun files.


刪除檔案
[#]成功 E:\KillBox.exe
[#]成功 E:\unlocker1.8.5.exe
[#]成功 E:\winamp552_full_emusic-7plus_all.exe
[#]成功 E:\Your_Uninstaller_2006_PRO.exe
[#]成功 F:\Partition Magic 8[1][1].05 繁體中文免安裝版.exe
[#]成功 C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf
[#]成功 C:\WINDOWS\Prefetch\J3EWRO.EXE-2DF079BB.pf


流動功能
[#]成功 刪除臨時文件 -> SysTmp
[#]成功 刪除臨時文件 -> InternetTmp
[#]成功 刪除臨時文件 -> RecycleBin

thanks man! report attached above!
is it those programe named above 'win amp' and your uninstaller' infected? what problem to my pc? is it cleaned now? many many thanks!

到 UanishCMD >  Backup Folder
回復 檔案
E,KillBox.exe.bak
E,unlocker1.8.5.exe.bak
E,winamp552_full_emusic-7plus_all.exe.bak
E,Your_Uninstaller_2006_PRO.exe.bak
F,Partition Magic 8[1][1].05 繁體中文免安裝版.exe.bak

唔見有 Kavo了 , 應該ok

thanks! how to 回復 檔案? rename it and place it to original folder?

重新命名檔案  將 E, 同 .bak 刪除
之後 將個幾個檔 放回 E:\