启动项目 -- 注册表之如下项删除:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<AutoRun><allrs.exe> [N/A]
<FaltCheck><allps.exe> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{01AFE3DC-2242-436E-9B44-6DD1C664E828}><01AFE3DC.dll> [N/A]
<{201476D0-2B18-462E-AB9F-3E2B0CC8732B}><201476D0.dll> [N/A]
<{A1A6BC2E-C6A1-43C1-8884-A31D772F42B8}><A1A6BC2E.dll> [N/A]
<{4D023DE9-F4B5-4BE0-99C6-7C7AD0CF5426}><4D023DE9.dll> [N/A]
<{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><122B901E.dll> [N/A]
<{5934EA2B-B2C4-4BE7-BF7A-FBA781A12E40}><5934EA2B.dll> [N/A]
<{56BC86C7-0692-4F94-A2C1-6CF1DBF8096C}><56BC86C7.dll> [N/A]
<{133AEAC9-9C88-4905-864C-38BBA312D9B0}><133AEAC9.dll> [N/A]
<{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><08223B03.dll> [N/A]
<{B1471A4C-C62E-4E6B-B7DB-A2020EB18435}><B1471A4C.dll> [N/A]
<{DFB3DAC5-B0B5-4B05-BFCF-FB42737778FA}><DFB3DAC5.dll> [N/A]
<{E44343AD-3605-4282-AC8F-2E41C2F5F398}><E44343AD.dll> [N/A]
<{D7C79813-9233-4AE0-832C-99B2E8019673}><D7C79813.dll> [N/A]
<{FFAE967F-D0FC-4D2B-A0F5-D1BF27F46418}><FFAE967F.dll> [N/A]
<{950D1600-DE4A-448D-93B4-7BAE5A7A8052}><950D1600.dll> [N/A]
<{DA63E650-537C-4042-87BB-9D19D844680B}><DA63E650.dll> [N/A]
<{93DEE065-EC9B-4505-ADD3-19880AD3C38F}><93DEE065.dll> [N/A]
系统修复——浏览器加载项之如下项删除
[IEupdateCheck]
{1798BEA6-E891-46B7-A1F8-C15780D0A023} <C:\WINDOWS\system32\allmax.dll, N/A>
从其他相同系统(XP SP2)中拷贝Userinit到C:\WINDOWS\system32\dllcache和C:\WINDOWS\system32下。运行下载的删除映像劫持工具,清除检测到的所有映像劫持项:http://bbs.ikaka.com/attachment.aspx?attachmentid=429561之后再扫sreng日志上传。