Windows XP Professional (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
  All Boot Items (Including Registry, Startup Folders, Services and so on)
  Browser Add-ons
  Runing Processes (Including process model information)
  File Associations
  Winsock Provider
  Autorun.Inf
  HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Windows XP Publisher]
  <Yahoo! Pager><"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet> [(Verified)Yahoo! Inc.]
  <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows XP Publisher]
  <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows XP Publisher]
  <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows XP Publisher]
  <ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [(Verified)Symantec Corporation]
  <WinampAgent><"C:\Program Files\Winamp\Winampa.exe"> [N/A]
  <Symantec NetDriver Monitor><C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer> [(Verified)Symantec Corporation]
  <Cmaudio><RunDll32 cmicnfg.cpl,CMICtrlWnd> [N/A]
  <SoundMan><SOUNDMAN.EXE> [(Verified)Microsoft Windows XP Publisher]
  <SSC_UserPrompt><C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe> [(Verified)Symantec Corporation]
  <ATIPTA><C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe> [ATI Technologies, Inc.]
  <NeroFilterCheck><C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
  <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe> [(Verified)Microsoft Windows XP Publisher]
  <Userinit><C:\WINDOWS\System32\UserInit.exe,> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <UIHost><logonui.exe> [(Verified)Microsoft Windows XP Publisher]

==================================
Startup Folders
[Microsoft Office]
<C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[Adobe Reader Speed Launch]
<C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\Adobe Reader Speed Launch.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>

==================================
Services
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\System32\Ati2evxx.exe><ATI Technologies Inc.>
[ATI Smart / ATI Smart][Stopped/Auto Start]
<C:\WINDOWS\system32\ati2sgag.exe><>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc][Stopped/Manual Start]
<"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Machine Debug Manager / MDM][Running/Auto Start]
<"C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"><Microsoft Corporation>
[Norton AntiVirus Auto Protect Service / navapsvc][Running/Auto Start]
<"C:\Program Files\Norton AntiVirus\navapsvc.exe"><Symantec Corporation>
[SAVScan / SAVScan][Running/Manual Start]
<C:\Program Files\Norton AntiVirus\SAVScan.exe><Symantec Corporation>
[ScriptBlocking Service / SBService][Stopped/Auto Start]
<C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe><Symantec Corporation>
[Symantec Network Drivers Service / SNDSrvc][Stopped/Manual Start]
<C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe><Symantec Corporation>
[SymWMI Service / SymWSC][Stopped/Auto Start]
<C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe><Symantec Corporation>
[Audio Adapter / vgADown][Running/Auto Start]
<C:\WINDOWS\avp.exe><N/A>

==================================
Drivers
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ati2mtag / ati2mtag][Running/Manual Start]
<System32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[C-Media WDM Audio Interface / cmuda][Stopped/Manual Start]
<system32\drivers\cmuda.sys><C-Media Inc>
[NAVENG / NAVENG][Running/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070606.018\NAVENG.Sys><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
<\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070606.018\NavEx15.Sys><Symantec Corporation>
[Padus ASPI Shell / pfc][Running/Manual Start]
<system32\drivers\pfc.sys><Padus, Inc.>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
<System32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SAVRT / SAVRT][Running/Manual Start]
<\??\C:\Program Files\Norton AntiVirus\SAVRT.SYS><Symantec Corporation>
[SAVRTPEL / SAVRTPEL][Running/System Start]
<\??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS><Symantec Corporation>
[Sony Ericsson Device 038 Driver driver (WDM) / SE26bus][Stopped/Manual Start]
<System32\DRIVERS\SE26bus.sys><MCCI>
[Secdrv / Secdrv][Stopped/Manual Start]
<System32\DRIVERS\secdrv.sys><N/A>
[Sony USB Filter Driver (SONYPVU1) / SONYPVU1][Stopped/Manual Start]
<System32\DRIVERS\SONYPVU1.SYS><Sony Corporation>
[SymEvent / SymEvent][Running/Manual Start]
<\??\C:\Program Files\Symantec\SYMEVENT.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
<\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>

==================================
Browser Add-ons
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Live Sign-in Helper]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, Microsoft Corporation>
[Windows Live Toolbar Helper]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[CNavExtBho Class]
{BDF3E430-B101-42AD-A544-FADC6B084872} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[@shdoclc.dll,-866]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[Yahoo! Messenger]
{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe, Yahoo! Inc.>
[Norton AntiVirus]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} <C:\Program Files\Norton AntiVirus\NavShExt.dll, Symantec Corporation>
[Windows Live Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} <C:\Program Files\Windows Live Toolbar\msntb.dll, Microsoft Corporation>
[收音機(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\System32\LegitCheckControl.DLL, Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[&Windows Live Search]
<res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm, N/A>
[Foxy 下載]
<res://C:\Program Files\Foxy\Foxy.exe/download.htm, N/A>
[Foxy 搜尋]
<res://C:\Program Files\Foxy\Foxy.exe/search.htm, N/A>
[匯出至 Microsoft Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[在新的前景索引標籤中開啟]
<res://C:\Program Files\Windows Live Toolbar\Components\zh-tw\msntabres.dll.mui/230?0b51639ccf30447d9cc031e05e8a6348, N/A>
[在新的背景索引標籤中開啟]
<res://C:\Program Files\Windows Live Toolbar\Components\zh-tw\msntabres.dll.mui/229?0b51639ccf30447d9cc031e05e8a6348, N/A>
[添加到AMV視頻轉換工具...]
<C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html, N/A>
[添加到Media Manager工具...]
<C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html, N/A>

==================================
Running Processes
[PID: 648][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 704][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 504][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
  [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
  [C:\Program Files\Common Files\Microsoft Shared\VS7Debug\pdm.dll] [Microsoft Corporation, 7.00.9064.9112]
  [C:\Program Files\Common Files\Microsoft Shared\VS7Debug\1028\mdmui.dll] [Microsoft Corporation, 7.00.9064.9132]
  [C:\Program Files\Common Files\Microsoft Shared\VS7Debug\msdbg2.dll] [Microsoft Corporation, 7.00.9064.9112]
  [C:\Program Files\Common Files\Symantec Shared\Script Blocking\scrauth.dll] [Symantec Corporation, 1, 1, 1, 131]
  [C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll] [Symantec Corporation, 1, 1, 1, 131]
  [C:\Documents and Settings\凌\Application Data\Foxy\LinkMaker.dll] [, 1, 1, 1, 0]
  [C:\Program Files\Norton AntiVirus\NavShExt.dll] [Symantec Corporation, 10.00.13]
  [C:\WINDOWS\System32\MSVCP70.dll] [Microsoft Corporation, 7.00.9466.0]
  [C:\WINDOWS\System32\MSVCR70.dll] [Microsoft Corporation, 7.00.9466.0]
  [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.7.2006011200]
  [C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[PID: 912][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 54]
[PID: 1148][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe] [ATI Technologies, Inc., 6.14.10.5134]
  [C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll] [ATI Technologies, Inc., 6.14.10.5134]
  [C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHT] [ATI Technologies, Inc., 6.14.10.5134]
  [C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll] [ATI Technologies, Inc., 6.14.10.5134]
[PID: 1676][C:\WINDOWS\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1672][C:\Program Files\MSN Messenger\MsnMsgr.Exe] [Microsoft Corporation, 8.0.0812.00]
  [C:\WINDOWS\System32\msdmo.dll] [, ]
[PID: 2160][C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe] [Yahoo! Inc., 8,1,0,0]
  [C:\PROGRA~1\Yahoo!\MESSEN~1\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
  [C:\PROGRA~1\Yahoo!\MESSEN~1\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
  [C:\Program Files\Yahoo!\Shared\YbSkin2.dll] [Yahoo! Inc., 2006, 10, 11, 1]
  [C:\PROGRA~1\Yahoo!\MESSEN~1\res_msgr.dll] [Yahoo! Inc., 8,5,0,1]
[PID: 1968][C:\WINDOWS\System32\conime.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 2556][C:\Documents and Settings\凌\桌面\sreng2\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
  [C:\Documents and Settings\凌\桌面\sreng2\Plugins\NWMON.SRE] [Smallfrogs Studio, 1, 0, 0, 8]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
MSAFD Tcpip [TCP/IP]
  C:\WINDOWS\System32\Od6media.dll(, N/A)
MSAFD Tcpip [RAW/IP]
  C:\WINDOWS\System32\Od6media.dll(, N/A)

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1     localhost

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


小弟目前IE無法瀏覽網頁
這是使用SRE掃描出來的結果可否請大大幫忙協助處理

<C:\WINDOWS\avp.exe><N/A>

的確有病毒入侵 請使用防毒程式掃毒
但無法顯示網頁 只要將Winsock2 修改回來即可
http://bbs.mychat.to/read.php?tid=578004

請參考以下..
關閉系統還原..清理IE暫存..進入安全模式..
SREng程式..切換到Boot Items分頁中的Services中的Win32 Services選項..找到下列..
Services
[Audio Adapter / vgADown][Running/Auto Start]
<C:\WINDOWS\avp.exe><N/A>
勾選Delet services..再點選set..按下否刪除..

請依路徑刪除下列檔案..
C:\WINDOWS\avp.exe
C:\WINDOWS\System32\Od6media.dll(, N/A)
刪除完C:\WINDOWS\System32\Od6media.dll檔案之後會造成無法上網的情形..請用WinsockXPFix.exe工具..按下Fix即可修復..
WinsockXPFix.exe下載點--ttp://www.pchell.com/downloads/WinsockXPFix.exe