[PID: 3592][C:\Program Files\Rising\Rav\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 4, 1, 14]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Kingyee\MedDic\RmNT.dll]  [TechnoCraft Inc., 4.0]
    [C:\Program Files\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
[PID: 572][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3424]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 4, 1, 14]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Kingyee\MedDic\RmNT.dll]  [TechnoCraft Inc., 4.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\Program Files\Kingyee\MedDic\TCHook32.dll]  [（株）テクノクラフト, 5, 0, 4, 3]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]
[PID: 724][C:\Documents and Settings\Zeng Zihua\桌面\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\TENCENT\Adplus\Adplus.dll]  [Tencent, 4, 4, 1, 14]
    [C:\WINDOWS\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.2.3.10 24Jun03]
    [C:\Program Files\Kingyee\MedDic\RmNT.dll]  [TechnoCraft Inc., 4.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 7]
    [C:\Program Files\Kingyee\MedDic\TCHook32.dll]  [（株）テクノクラフト, 5, 0, 4, 3]
    [C:\Program Files\Support.com\bin\sdcidle.dll]  [SupportSoft, 1, 0, 0, 4]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================

大哥 我帮不了你了  要不你等明天吧  要不你现在从新做系统
看你C盘也没什么重要文件  我就看日志看了30分钟 看的直串行
个人建议袄:1马上做系统
          2等明天

运行(双击)SRENG2，点“启动项目，服务，点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务
[Windows Driver Foundation - User-mode Driver Framework /
Remote Access Connection Management
，选择“删除服务”
点“设置”选择“否”

运行(双击)SRENG2，点“启动项目，服务，点“驱动程序”
勾选“隐藏微软服务”选中病毒服务
dvydcng
mqgfrp4
npkycryp
，选择“删除服务”
点“设置”选择“否”

运行SREng2,使用“系统修复”－－浏览器加载项－－删除
[]
{669751ED-D558-49AE-B01A-3B374CC7910E} <C:\WINDOWS\system32\ssup.dll, TENCENT>
[]
{D3341007-C77C-4F1C-B2A5-D94D5BE55F7E} <C:\WINDOWS\system32\dljnnpldsmshhcz.dll, N/A>


重启按F８进入安全模式下
显示隐藏文件
删除：
C:\Program Files\Messenger\msnhost.dll
C:\WINDOWS\system32\dljnnpldsmshhcz.dll 
C:\WINDOWS\system32\ssup.dll
C:\Program Files\Tencent\QQ\npkycryp.sys
\SystemRoot\System32\DRIVERS\mqgfrp43.sys
SystemRoot\system32\drivers\dvydcng.sys
-->%SystemRoot%\System32\WUDFSvc.dll

学习拉~!  HOHO

谢了~