跟垃圾广告斗争好几个月了，兔子卡卡都用过了，现在还是经常弹出广告，很多还是色情性质的，用的又是公司的电脑，不好交代啊。哪位大侠能帮忙解决一下？Bow bow bow
下面是hijackthis的扫描日志

Logfile of HijackThis v1.99.1
Scan saved at 5:51:15 PM, on 9/8/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
C:\Program Files\CA\eTrust Antivirus\InoRT.exe
C:\Program Files\CA\eTrust Antivirus\InoTask.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\MSDEMSSQL$INST01\Binn\sqlservr.exe
C:\EPOAgent\naimas32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\svchost.exe
C:\MSDEMSSQL$INST01\Binn\sqlagent.EXE
C:\Program Files\Kingsoft\PowerWord 2005\XDICT.EXE
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Microsoft Visual Studio .NET 2003\Common7\IDE\devenv.exe
C:\software\VISUAL_SOURCESAFE2005\VSSSwitcher\VSSSwitcher\Debug\SCCSwitcher.exe
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
\?\C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\5103\My Documents\software\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {8D139DD1-6BB5-4103-8C89-41560FF2E107} - C:\WINDOWS\system32\3721_6.dll
O3 - Toolbar: ???????? - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [SCCSwitcher] ; C:\software\VISUAL_SOURCESAFE2005\VSSSwitcher\VSSSwitcher\Debug\SCCSwitcher.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wshcon32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wshcon32.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = aquiloplc.co.uk
O17 - HKLM\Software\..\Telephony: DomainName = aquiloplc.co.uk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = aquiloplc.co.uk
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Antivirus\InoTask.exe
O23 - Service: NAI ePolicy Orchestrator Agent (NAIMAGENT32) - Network Associates, Inc. - C:\EPOAgent\naimas32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Svchost Service For Windows (svchost) - Unknown owner - C:\WINDOWS\svchost.exe

控制面板－－管理工具－－服务－－查找--Svchost Service For Windows --启动类型－－设置为已禁止--服务类型－－设置为停止

运行Hijackthis，把下面的选中打上钩，修复
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {8D139DD1-6BB5-4103-8C89-41560FF2E107} - C:\WINDOWS\system32\3721_6.dll
O3 - Toolbar: ???????? - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = aquiloplc.co.uk
O17 - HKLM\Software\..\Telephony: DomainName = aquiloplc.co.uk
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = aquiloplc.co.uk
O23 - Service: Svchost Service For Windows (svchost) - Unknown owner - C:\WINDOWS\svchost.exe


删除
C:\WINDOWS\svchost.exe


O10 - Unknown file in Winsock LSP: c:\windows\system32\wshcon32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wshcon32.dll
下载，LSPFix.exe，WinsockXPFix这两个软件
下载地址：http://free5.ys168.com/?ufwihgu168
重新启动电脑, 开机检测完后, 按[F8]键(可以一直按到启动菜单出来为止), 选择安全模式进入Windows

运行LSPFix.exe
删除
wshcon32.dll

附说明一份
LSPFix.exe这个软件主要用来辅助修复HijackThis扫描发现的O10项。
使用时，请关闭所有IE界面和文件夹界面后运行LSPFix，运行后，把要修复的那一个O10项从左边转到右边，点“Finish”即可。（不过这之前，需要在“I know what I`m doing”前面打勾。）
双击我的电脑，工具，文件夹选项，查看，单击选取"显示隐藏文件或文件夹"清除"隐藏受保护的操作系统文件（推荐）"复选框。在提示确定更改时，单击“是”，清除“隐藏已知文件类型的扩展名
删除
c:\windows\system32\wshcon32.dll

修复后重启，如果无法上网，请运行WinsockXPFix，让它修复一下。

修复后，

请下载SREng2 ，使用“智能扫描”，按下“扫描”按钮进行扫描，
扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告
日志文件内容复制-粘贴上来,,日志一次粘不完，分次粘完，请不要修改。

下载地址
http://free5.ys168.com/?ufwihgu168

【回复“秋日里的蓝天”的帖子】
2006-09-08,19:35:03

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <SCCSwitcher><; C:\software\VISUAL_SOURCESAFE2005\VSSSwitcher\VSSSwitcher\Debug\SCCSwitcher.exe>  [S?nke Schau ]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe>  [Intel Corporation]
    <Windows Defender><"C:\Program Files\Windows Defender\MSASCui.exe" -hide>  [Microsoft Corporation]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]

==================================
Startup Folders
Services
[eTrust Antivirus RPC Server / InoRPC]
  <"C:\Program Files\CA\eTrust Antivirus\InoRpc.exe"><Computer Associates International, Inc.>
[eTrust Antivirus Realtime Server / InoRT]
  <"C:\Program Files\CA\eTrust Antivirus\InoRT.exe"><Computer Associates International, Inc.>
[eTrust Antivirus Job Server / InoTask]
  <"C:\Program Files\CA\eTrust Antivirus\InoTask.exe"><Computer Associates International, Inc.>
[NAI ePolicy Orchestrator Agent / NAIMAGENT32]
  <C:\EPOAgent\naimas32.exe><Network Associates, Inc.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[Svchost Service For Windows / svchost]
  <C:\WINDOWS\svchost.exe><N/A>

==================================
Browser Add-ons
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Yahoo! Toolbar Helper]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <, N/A>
[MonitorURL Class]
  {08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, N/A>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>
[wmpdrm]
  {0E674588-66B7-4E19-9D0E-2053B800F69F} <C:\WINDOWS\system32\wmpdrm.dll, Allsum Info. Tech. Ltd.>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[FltSetUp Class]
  {1D49D58D-5C84-4B50-8359-D9809BEB2B32} <C:\Program Files\Internet Explorer\Connection Wizard\icwnet.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[BbdMzotz Class]
  {28D8612D-F943-AE39-9B8C-46F9FE56FB6F} <C:\WINDOWS\DOWNLO~1\tsqlv.dll, cdldnsoft>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[BrowserHelper Class]
  {2D99E8F4-56B7-457B-9A92-61B5D247D263} <C:\WINDOWS\system32\WinDefendor.dll, TODO: <公司名>>
[Yahoo!Photo]
  {33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll, Yahoo! China>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll, yahoo! china>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Yahoo!Live]
  {57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll, yahoo! china>
[Macrosoft Class]
  {58DB541D-F15A-4E95-A5D9-5DF5EE13920C} <c:\windows\system32\winlogin.dll, Macrosoft>
[ActiveBHO Class]
  {63C55A7F-6E29-8D4F-5C76-4F850F28D13A} <C:\Progra~1\DoDoorRSSFinder\ActiveBandObject.dll, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[IEHlprObj Class]
  {999ADFA2-8AD1-47FF-97FC-69FB847458F4} <C:\Progra~1\NetMeeting\nmview.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>
[IEHlprObj Class]
  {BA623AA0-9A82-4D0C-944C-0228CEA17780} <C:\Progra~1\Messenger\msgsf.dll, Microsoft Corporation>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Adobe PDF Reader]
  {CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll, Adobe Systems, Inc.>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Yahoo! 导航条]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <, N/A>
[IEHlprObj Class]
  {F5B3ECED-9BF3-4F7E-882B-A6E75343C499} <C:\Progra~1\NetMeeting\netinit.dll, Microsoft Corporation>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo! China>

==================================

Running Processes
[PID: 316][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 424][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 448][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 492][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 504][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 668][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 728][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 796][C:\Program Files\Windows Defender\MsMpEng.exe]  <Microsoft Corporation><1.1.1347.0>
[PID: 840][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 912][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1020][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1172][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1444][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [C:\Program Files\Ontrack\ZipMagic\ZMSHExt.dll]  <Ontrack Data International><4,0,2,75>
    [C:\Program Files\Ontrack\ZipMagic\mxdlgsup.dll]  <Ontrack Data International><4,0,2,75>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\assist\ywiper.dll]  <Yahoo! China><3, 0, 0, 1000>
    [C:\Program Files\CA\eTrust Antivirus\InoShell.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Ontrack\ZipMagic\ZMCopy.dll]  <Ontrack Data International><4,0,2,75>
[PID: 1564][C:\WINDOWS\System32\hkcmd.exe]  <Intel Corporation><3,0,0,2104>
    [C:\WINDOWS\System32\hccutils.DLL]  <Intel Corporation><3,0,0,2104>
    [C:\WINDOWS\System32\igfxdev.dll]  <Intel Corporation><3,0,0,2104>
    [C:\WINDOWS\System32\igfxsrvc.dll]  <Intel Corporation><3,0,0,2104>
    [C:\WINDOWS\System32\igfxhk.dll]  <Intel Corporation><3,0,0,2104>
    [C:\WINDOWS\System32\igfxres.dll]  <Intel Corporation><3,0,0,2104>
[PID: 1572][C:\Program Files\Windows Defender\MSASCui.exe]  <Microsoft Corporation><1.1.1347.0>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1660][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1740][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1804][C:\Program Files\CA\eTrust Antivirus\InoRpc.exe]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InConfig.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InoOEM.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\INOCORE.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\ScanLog.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InocDB.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\secAddIn.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InocAdn.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InDrvCfg.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\secAPI.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\poldecod.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\polAdn.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\RPCMtAdn.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\NameAPIX.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\RPCMtAPI.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InoAlert.dll]  <Computer Associates International, Inc.><7.1.192.0>
[PID: 1880][C:\Program Files\CA\eTrust Antivirus\InoRT.exe]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\ScanLog.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InConfig.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InoOEM.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\INOCORE.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InocDB.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\arclib.dll]  <Computer Associates International, Inc.><7.2.0.18>
    [C:\Program Files\CA\SharedComponents\ScanEngine\VetE.dll]  <Computer Associates International, Inc.><Version 12.4.1.0>
[PID: 1952][C:\Program Files\CA\eTrust Antivirus\InoTask.exe]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InoAlert.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\ScanLog.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InConfig.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InoOEM.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\INOCORE.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InocDB.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\RPCMtAPI.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InDrvCfg.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\secAPI.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\arclib.dll]  <Computer Associates International, Inc.><7.2.0.18>
    [C:\Program Files\CA\SharedComponents\ScanEngine\Avh32dll.dll]  <N/A><N/A>
    [C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll]  <Computer Associates International, Inc.><7.1.192.0>
[PID: 212][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe]  <Microsoft Corporation><7.10.3077>
[PID: 712][C:\MSDEMSSQL$INST01\Binn\sqlservr.exe]  <Microsoft Corporation><2000.080.2039.00>
[PID: 788][C:\EPOAgent\naimas32.exe]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\nagshr32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\NAICRT32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\nmcomn32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\nauaconv.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\naisp32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\nanif32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\naisgn32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\NAHTTP32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\AGENTRES.DLL]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\nan32tcp.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>

[PID: 1200][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 1232][C:\MSDEMSSQL$INST01\Binn\sqlagent.EXE]  <Microsoft Corporation><2000.080.2039.00>
[PID: 1396][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 2328][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 3760][C:\Documents and Settings\5103\My Documents\software\HijackThis.exe]  <Soeperman Enterprises Ltd.><1.99.0001>
[PID: 3968][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 3872][C:\WINDOWS\system32\notepad.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 3660][C:\Program Files\WinRAR\WinRAR.exe]  <N/A><N/A>
    [C:\Program Files\WinRAR\Formats\ace.fmt]  <N/A><N/A>
    [C:\Program Files\WinRAR\Formats\arj.fmt]  <N/A><N/A>
    [C:\Program Files\WinRAR\Formats\bz2.fmt]  <N/A><N/A>
    [C:\Program Files\WinRAR\Formats\cab.fmt]  <N/A><N/A>
    [C:\Program Files\WinRAR\Formats\gz.fmt]  <N/A><N/A>
    [C:\Program Files\WinRAR\Formats\iso.fmt]  <N/A><N/A>
    [C:\Program Files\WinRAR\Formats\lzh.fmt]  <N/A><N/A>
    [C:\Program Files\WinRAR\Formats\tar.fmt]  <N/A><N/A>
    [C:\Program Files\WinRAR\Formats\uue.fmt]  <N/A><N/A>
[PID: 1392][C:\Documents and Settings\5103\My Documents\software\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>

==================================
File Associations
.TXT  Error. [notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [hh.exe %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [notepad.exe %1]
.INF  Error. [notepad.exe %1]
.VBS  Error. [wscript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider

==================================

运行(双击)SRENG2，点“启动项目，服务，点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务Svchost Service For Windows ，选择“删除服务”
点“设置”选择“否”


重启后删除：
C:\WINDOWS\svchost.exe

运行SRENG2,使用：系统修复－－文件关联－－选择修复、

修复后请重新扫描上来

【回复“秋日里的蓝天”的帖子】
2006-09-08,20:12:54

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <SCCSwitcher><; C:\software\VISUAL_SOURCESAFE2005\VSSSwitcher\VSSSwitcher\Debug\SCCSwitcher.exe>  [S?nke Schau ]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <HotKeysCmds><C:\WINDOWS\System32\hkcmd.exe>  [Intel Corporation]
    <Windows Defender><"C:\Program Files\Windows Defender\MSASCui.exe" -hide>  [Microsoft Corporation]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\Userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]

==================================
Startup Folders
Services
[eTrust Antivirus RPC Server / InoRPC]
  <"C:\Program Files\CA\eTrust Antivirus\InoRpc.exe"><Computer Associates International, Inc.>
[eTrust Antivirus Realtime Server / InoRT]
  <"C:\Program Files\CA\eTrust Antivirus\InoRT.exe"><Computer Associates International, Inc.>
[eTrust Antivirus Job Server / InoTask]
  <"C:\Program Files\CA\eTrust Antivirus\InoTask.exe"><Computer Associates International, Inc.>
[NAI ePolicy Orchestrator Agent / NAIMAGENT32]
  <C:\EPOAgent\naimas32.exe><Network Associates, Inc.>
[SoundMAX Agent Service / SoundMAX Agent Service (default)]
  <C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>

==================================
Browser Add-ons
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[Yahoo! Toolbar Helper]
  {02478D38-C3F9-4EFB-9B51-7695ECA05670} <, N/A>
[MonitorURL Class]
  {08A312BB-5409-49FC-9347-54BB7D069AC6} <C:\PROGRA~1\DESKAD~1\deskipn.dll, N/A>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\System32\msjava.dll, Microsoft Corporation>
[wmpdrm]
  {0E674588-66B7-4E19-9D0E-2053B800F69F} <C:\WINDOWS\system32\wmpdrm.dll, Allsum Info. Tech. Ltd.>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft Corporation>
[FltSetUp Class]
  {1D49D58D-5C84-4B50-8359-D9809BEB2B32} <C:\Program Files\Internet Explorer\Connection Wizard\icwnet.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A>
[BbdMzotz Class]
  {28D8612D-F943-AE39-9B8C-46F9FE56FB6F} <C:\WINDOWS\DOWNLO~1\tsqlv.dll, cdldnsoft>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[BrowserHelper Class]
  {2D99E8F4-56B7-457B-9A92-61B5D247D263} <C:\WINDOWS\system32\WinDefendor.dll, TODO: <公司名>>
[Yahoo!Photo]
  {33BBE430-0E42-4F12-B075-8D21ACB10DCB} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll, Yahoo! China>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, Microsoft Corporation>
[雅虎助手]
  {406F94F0-504F-4A40-8DFD-58B0666ABEBD} <C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll, yahoo! china>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Yahoo!Live]
  {57421194-58FB-49AE-9B4F-FD48869B9AD4} <C:\PROGRA~1\Yahoo!\ASSIST~1\YAlive.dll, yahoo! china>
[Macrosoft Class]
  {58DB541D-F15A-4E95-A5D9-5DF5EE13920C} <c:\windows\system32\winlogin.dll, Macrosoft>
[ActiveBHO Class]
  {63C55A7F-6E29-8D4F-5C76-4F850F28D13A} <C:\Progra~1\DoDoorRSSFinder\ActiveBandObject.dll, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[IEHlprObj Class]
  {999ADFA2-8AD1-47FF-97FC-69FB847458F4} <C:\Progra~1\NetMeeting\nmview.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\System32\mshtml.dll, Microsoft Corporation>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[]
  {B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>
[IEHlprObj Class]
  {BA623AA0-9A82-4D0C-944C-0228CEA17780} <C:\Progra~1\Messenger\msgsf.dll, Microsoft Corporation>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Adobe PDF Reader]
  {CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroPDF.dll, Adobe Systems, Inc.>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Yahoo! 导航条]
  {EF99BD32-C1FB-11D2-892F-0090271D4F88} <, N/A>
[IEHlprObj Class]
  {F5B3ECED-9BF3-4F7E-882B-A6E75343C499} <C:\Progra~1\NetMeeting\netinit.dll, Microsoft Corporation>
[assist]
  {FE3ECAE7-0A37-4506-8A7D-3CC9A04D2CA8} <C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yassist.dll, Yahoo! China>

==================================

Running Processes
[PID: 316][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 424][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 448][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 492][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 504][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 668][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 724][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 792][C:\Program Files\Windows Defender\MsMpEng.exe]  <Microsoft Corporation><1.1.1347.0>
[PID: 836][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 916][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1016][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1160][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1436][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
    [C:\Program Files\Ontrack\ZipMagic\ZMSHExt.dll]  <Ontrack Data International><4,0,2,75>
    [C:\Program Files\Ontrack\ZipMagic\mxdlgsup.dll]  <Ontrack Data International><4,0,2,75>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
[PID: 1560][C:\WINDOWS\System32\hkcmd.exe]  <Intel Corporation><3,0,0,2104>
    [C:\WINDOWS\System32\hccutils.DLL]  <Intel Corporation><3,0,0,2104>
    [C:\WINDOWS\System32\igfxdev.dll]  <Intel Corporation><3,0,0,2104>
    [C:\WINDOWS\System32\igfxsrvc.dll]  <Intel Corporation><3,0,0,2104>
    [C:\WINDOWS\System32\igfxhk.dll]  <Intel Corporation><3,0,0,2104>
    [C:\WINDOWS\System32\igfxres.dll]  <Intel Corporation><3,0,0,2104>
[PID: 1568][C:\Program Files\Windows Defender\MSASCui.exe]  <Microsoft Corporation><1.1.1347.0>
[PID: 1652][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1808][C:\WINDOWS\system32\inetsrv\inetinfo.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1872][C:\Program Files\CA\eTrust Antivirus\InoRpc.exe]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InConfig.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InoOEM.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\INOCORE.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\ScanLog.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InocDB.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\secAddIn.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InocAdn.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InDrvCfg.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\secAPI.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\poldecod.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\polAdn.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\RPCMtAdn.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\NameAPIX.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\RPCMtAPI.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InoAlert.dll]  <Computer Associates International, Inc.><7.1.192.0>
[PID: 1928][C:\Program Files\CA\eTrust Antivirus\InoRT.exe]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\ScanLog.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InConfig.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InoOEM.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\INOCORE.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InocDB.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\arclib.dll]  <Computer Associates International, Inc.><7.2.0.18>
    [C:\Program Files\CA\SharedComponents\ScanEngine\VetE.dll]  <Computer Associates International, Inc.><Version 12.4.1.0>
[PID: 2044][C:\Program Files\CA\eTrust Antivirus\InoTask.exe]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InoAlert.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\ScanLog.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InConfig.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InoOEM.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\INOCORE.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InocDB.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\RPCMtAPI.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\InDrvCfg.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\DistCfg.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\secAPI.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\eTrust Antivirus\wBkRsrc.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\InoScan.dll]  <Computer Associates International, Inc.><7.1.192.0>
    [C:\Program Files\CA\SharedComponents\ScanEngine\arclib.dll]  <Computer Associates International, Inc.><7.2.0.18>
    [C:\Program Files\CA\SharedComponents\ScanEngine\Avh32dll.dll]  <N/A><N/A>
    [C:\Program Files\CA\SharedComponents\ScanEngine\ScanRes.dll]  <Computer Associates International, Inc.><7.1.192.0>
[PID: 280][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe]  <Microsoft Corporation><7.10.3077>
[PID: 408][C:\MSDEMSSQL$INST01\Binn\sqlservr.exe]  <Microsoft Corporation><2000.080.2039.00>
[PID: 904][C:\EPOAgent\naimas32.exe]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\nagshr32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\NAICRT32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\nmcomn32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\nauaconv.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\naisp32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\nanif32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\naisgn32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\NAHTTP32.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\AGENTRES.DLL]  <Network Associates, Inc.><2.5.0.168>
    [C:\EPOAgent\nan32tcp.dll]  <Network Associates, Inc.><2.5.0.168>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 1152][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe]  <Analog Devices, Inc.><3, 2, 6, 0>
[PID: 1272][C:\MSDEMSSQL$INST01\Binn\sqlagent.EXE]  <Microsoft Corporation><2000.080.2039.00>
[PID: 1408][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 2320][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\System32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 2396][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8b.ocx]  <Macromedia, Inc.><8,0,24,0>
[PID: 3116][C:\WINDOWS\system32\wuauclt.exe]  <Microsoft Corporation><5.8.0.2469 built by: lab01_n(wmbla)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 3872][C:\WINDOWS\system32\conime.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>
[PID: 780][C:\Program Files\Microsoft Office\Office10\WINWORD.EXE]  <Microsoft Corporation><10.0.4219>
[PID: 3548][C:\Documents and Settings\5103\My Documents\software\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINDOWS\system32\SYNCOR11.DLL]  <SoundMAX><1.2.3>

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider

==================================