[Help] Extremely urgent: how do I remove rootkit.win32.undef.wk? Experts, please come in!!!!


The SREng scan log is attached.

User system information: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; (R1 1.5))

Attachment:

File name: SREngLOG.log
Downloads: 158
File type: application/octet-stream
File size:
Upload time: 2008-11-17 11:50:00
Description: log


Re: Extremely urgent: how do I remove rootkit.win32.undef.wk? Experts, please come in!!!!

Rising's boot-time scan can't remove it.

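Re: Extremely urgent: how do I remove rootkit.win32.undef.wk? Experts, please come in!!!!

Refer to this thread to repair the rpcss.dll file: http://bbs.ikaka.com/showtopic-8561436.aspx
1. It is recommended to use XDelBox to delete the following files: (XDelBox 1.8 download)
Instructions: to delete, copy the paths of all the files to be deleted, right-click in the pending-deletion file list and choose to import from the clipboard; after importing, right-click the files to be deleted and choose to reboot and delete immediately. The computer will restart into a DOS interface to carry out the deletion. Before running XDelBox, it is best to remove all removable storage media (including USB flash drives, MP3 players, phone memory cards, etc.).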


2. After the deletion and reboot, use SREng to repair the following items:

    Startup items -- Registry: delete the following entries:

    Startup items -- Services -- Win32 service applications: delete the following entries:
[Application Data Error Log Chec / adelc]    <C:\Program Files\Common Files\dosoce\fozos.exe>
[Application Management / AppMgmt]    <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%systemroot%\system32\winsysdwn.dll>

    Startup items -- Services -- Drivers: delete the following entries:
[wucoi / wucoi]    <\SystemRoot\system32\drivers\wucoi.sys>
[wmpobj / wmpobj]    <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Media Player\obj\wmpobj.sys>
[NsReSDev1 / NsReSDev1]    <\??\C:\WINDOWS\system32\Nskhelper2.sys>
[HBKernel32 Driver / HBKernel32]    <\SystemRoot\system32\drivers\HBKernel32.sys>
[f35ee9e / f35ee9e]    <\??\C:\WINDOWS\system32\f35ee9e.sys>
[EntDrv51 / EntDrv51]    <\??\C:\WINDOWS\system32\drivers\EntDrv51.sys>
[de8296f / de8296f]    <\??\C:\WINDOWS\system32\de8296f.sys>
[d7b49fa / d7b49fa]    <\??\C:\WINDOWS\system32\d7b49fa.sys>
[c39e8db / c39e8db]    <\??\C:\WINDOWS\system32\c39e8db.sys>

    System repair -- Browser add-ons: delete the following entry:
[]    <C:\Program Files\Internet Explorer\VitnNt64.987>

**************The above analysis report was provided by SREngLog Analysis Assistant******************
Analysis: 草莽书生
Date: 2008-11-17
SREngLog Analysis Assistant 1.3 (updated 20070808 by 草莽书生)