
I've caught some kind of virus, experts please help!

[D:\珊\QQ\CQQApplication.dll]  [N/A, ]
    [D:\珊\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [D:\珊\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [D:\珊\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [D:\珊\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [D:\珊\QQ\CoralHotkey.cqx]  [Coral Team, 1.0]
    [D:\珊\QQ\QQKnowledgeSearch.dll]  [, 1, 0, 0, 1]
    [D:\珊\QQ\QQAllInOne.dll]  [N/A, ]
    [D:\珊\QQ\GroupLive.dll]  [N/A, ]
    [D:\珊\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [D:\珊\QQ\gdiplus.dll]  [Microsoft Corporation, 5.1.3102.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\珊\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [D:\珊\QQ\vbscript.dll]  [Microsoft Corporation, 5.6.0.7426]
    [D:\珊\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [D:\珊\QQ\QQPlugin.dll]  [N/A, ]
    [D:\珊\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [D:\珊\QQ\QQAvatar.dll]  [N/A, ]
    [D:\珊\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\珊\QQ\PhoneAPI.dll]  [, 1, 0, 0, 1]
    [D:\珊\QQ\DialerAllinOne.dll]  [tencent, 1, 4, 0, 0]
    [D:\珊\QQ\BQQApplication.dll]  [N/A, ]
    [D:\珊\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [D:\珊\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\珊\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 280]
    [D:\珊\QQ\QQSceneMng.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [D:\珊\QQ\QRingMng.dll]  [N/A, ]
    [D:\珊\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [D:\珊\QQ\QQSysMsgMng.dll]  [N/A, ]
    [D:\珊\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [D:\珊\QQ\QQPet.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qjzo1.dll]  [N/A, ]
[PID: 4000][D:\tt IE\TTraveler.exe]  [Tencent, 3, 4, 298, 201]
    [D:\tt IE\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  [腾讯公司, 1, 1, 0, 5]
    [D:\tt IE\Plugins\TWeather\TWeather.dll]  [, 1, 0, 0, 3]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fyzo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [D:\tt IE\TTNetFavor.dll]  [N/A, ]
    [D:\瑞星\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [C:\WINDOWS\system32\xpsp3res.dll]  [Microsoft Corporation, 5.1.2600.3100 (xpsp_sp2_gdr.070309-0025)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\WINABCX.IME]  [PKUETI, 5.22.216]
    [C:\WINDOWS\system32\ZDGWBX.IME]  [Microsoft, 4.00.950]
    [C:\WINDOWS\system32\VCD2000.IME]  [Microsoft, 4.00.950]
    [C:\WINDOWS\system32\DVD2000.IME]  [Microsoft, 4.00.950]
    [C:\WINDOWS\system32\JPWB.IME]  [常诚研制, 4.00.950]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qjzo1.dll]  [N/A, ]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
    [D:\新建文件夹 (7)\Zcom\skin.dll]  [http://www.zcom.com/, 1.0.0.1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 3156][D:\珊\QQ\QZone\Qzone.exe]  [腾讯公司, 1, 8, 102, 15]
    [D:\珊\QQ\QZone\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 2812][D:\珊\QQ\QZone\Qzone.exe]  [腾讯公司, 1, 8, 102, 15]
    [D:\珊\QQ\QZone\MFC42.DLL]  [Microsoft Corporation, 6.00.8665.0]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 3028][D:\瑞星\Rising\Rav\Rav.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [D:\瑞星\Rising\Rav\PlugIn\RsPgScan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 17]
    [D:\瑞星\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\瑞星\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\瑞星\Rising\Rav\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\瑞星\Rising\Rav\RavUI.Dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 30]
    [D:\瑞星\Rising\Rav\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [D:\瑞星\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
    [D:\瑞星\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [D:\瑞星\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [D:\瑞星\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 6]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qjzo1.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fyzo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [D:\瑞星\Rising\Rav\PSAPI.DLL]  [Microsoft Corporation, 4.00]
    [D:\瑞星\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\瑞星\Rising\Rav\RavQu.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[PID: 1852][D:\新建文件夹 (2)\Photoshop.exe]  [Adobe Systems, Incorporated, 8.0.1 (8.0x125)]
    [D:\新建文件夹 (2)\UID.mr.dll]  [Adobe Systems, Inc., 1, 1, 0, 0]
    [D:\新建文件夹 (2)\AWSCommonUI.dll]  [Adobe Systems, Incorporated, 3.0.0.432]
    [D:\新建文件夹 (2)\AWSSCL.dll]  [Adobe Systems, 4.0.0.34]
    [D:\新建文件夹 (2)\WebAccessUtils.dll]  [Adobe Systems, Incorporated, 3.0.0.432]
    [D:\新建文件夹 (2)\BIBUtils.dll]  [Adobe Systems Incorporated, 1.00.0]
    [D:\新建文件夹 (2)\Photoshop.dll]  [, ]
    [D:\新建文件夹 (2)\PSViews.dll]  [Adobe Systems, Incorporated, 8.0.1 (8.0x125)]
    [D:\新建文件夹 (2)\PSArt.dll]  [Adobe Systems, Incorporated, 8.0.1 (8.0x125)]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\PS5UI.DLL]  [Microsoft Corporation, 5.2.3790.122 (srv03_qfe.040117-1806)]
    [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\PSCRIPT5.DLL]  [Microsoft Corporation, 5.2.3790.120 (srv03_qfe.031205-1652)]
    [D:\新建文件夹 (2)\asn.er.dll]  [Adobe Systems Incorporated, 1.51x3, EndUser, Release]
    [D:\新建文件夹 (2)\增效工具\扩展\FastCore.8BX]  [Adobe Systems, Incorporated, 8.0.1 (8.0x126)]
    [D:\新建文件夹 (2)\PLUGIN.dll]  [Adobe Systems, Incorporated, 8.0.1 (8.0x125)]
    [D:\新建文件夹 (2)\增效工具\扩展\MMXCore.8BX]  [Adobe Systems, Incorporated, 8.0.1 (8.0x126)]
    [D:\新建文件夹 (2)\Required\ADMPlugin.apl]  [Adobe Systems Incorporated, 2.84pe69a 02.06.17-00:03:36h]
    [D:\新建文件夹 (2)\Required\PNGIcons.apl]  [Adobe Systems Incorporated, 1.21x7 2001.12.14-1602h.21s]
    [D:\新建文件夹 (2)\Required\ASDataStream.apl]  [Adobe Systems Incorporated, 1.02x7 02.02.15-01:45:06h]
    [D:\新建文件夹 (2)\增效工具\解析程序\PDF 增效工具.8BI]  [Adobe Systems, Incorporated, 8.0.1 (8.0x126)]
    [D:\新建文件夹 (2)\BIB.dll]  [Adobe Systems Incorporated, 1.1.16]
    [D:\新建文件夹 (2)\JP2KLib.dll]  [Adobe systems Incorporated, 1.0.28706]
    [D:\新建文件夹 (2)\增效工具\文件格式\Camera Raw.8BI]  [Adobe Systems Incorporated, 2.0]
    [D:\新建文件夹 (2)\ACE.dll]  [Adobe Systems Incorporated, 2.05.16]
    [D:\新建文件夹 (2)\AGM.dll]  [Adobe Systems Incorporated, 4.12.36]
    [D:\新建文件夹 (2)\CoolType.dll]  [Adobe Systems Incorporated, 4.14.20]
    [C:\WINDOWS\system32\ATMLIB.dll]  [Adobe Systems, 5.1 Build 226]
    [D:\新建文件夹 (2)\AWSCommonSymbols.dll]  [Adobe Systems, Incorporated, 3.0.0.432]
    [D:\新建文件夹 (2)\ARM.dll]  [Adobe Systems, Incorporated, 3.0.0.432]
    [D:\新建文件夹 (2)\shfolder.dll]  [Microsoft Corporation, 5.50.4027.300]
    [D:\新建文件夹 (2)\FileInfo.dll]  [Adobe Systems, Incorporated, 3.0.0.432]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [D:\新建文件夹 (2)\增效工具\Adobe Photoshop Only\自动\脚本支持.8li]  [Adobe Systems Incorporated, 8.0]
    [D:\新建文件夹 (2)\ExtendScriptIDE.dll]  [Adobe Systems, Incorporated, 3.2.21]
    [D:\新建文件夹 (2)\ExtendScript.dll]  [Adobe Systems, Incorporated, 3.2.21]
    [D:\新建文件夹 (2)\ScCore.dll]  [Adobe Systems, Incorporated, 3.2.21]
    [D:\新建文件夹 (2)\MSVCP60.dll]  [Microsoft Corporation, 6.00.8972.0]
    [D:\新建文件夹 (2)\Tw10122.dat]  [Adobe Systems, Incorporated, 8.0.1 (8.0x125)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qjzo1.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fyzo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
[PID: 2224][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qjzo1.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fyzo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
[PID: 432][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.609\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\qjzo1.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\fyzo0.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LgSy0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. []
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
Zhengtu (征途) account stealer.
Go search for it.
Open SREng, go to "Startup Items -> Registry", and delete the following startup items:
<1qms62dliwk1><C:\WINDOWS\system.exe> []
<0emgs4zfiwggmd5><C:\WINDOWS\crasos.exe> []
<6sejbu77d2><C:\WINDOWS\crasoa.exe> []
<5525sdxk0><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\crasos.exe> []
<9txrqc1km><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\rundl132.exe> [N/A]
<cwfi26><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iexpl0re.exe> []
<upxdnd><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\223423424.tmp> [N/A]
<cmdbcs><C:\WINDOWS\cmdbcs.exe> []
<msccrt><C:\WINDOWS\msccrt.exe> []
<mppds><C:\WINDOWS\mppds.exe> []
<b1qkg1f><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\iexp10re.exe> []
<vzdqsr4ditt7r9><C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1explore.exe> []

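Open SREng, go to "Startup Items -> Services -> Drivers", check "Hide verified Microsoft services", then delete the services named below (select the problem service, click "Delete Service", then click the "Set" button. Note that in the window that pops up you must click "NO" to confirm deleting the service). (Any that cannot be deleted should be disabled: change the startup type to disabled, select "Modify startup type", and click "Set"):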
[c715437 / c715437][Stopped/Boot Start]
<\SystemRoot\System32\drivers\c715437.sys><N/A>
[qckapc / qckapc][Running/Boot Start]
<\SystemRoot\\SystemRoot\System32\drivers\qckapc.sys><N/A>

Delete the files corresponding to the entries above, and also delete:
[C:\WINDOWS\system32\mppds.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll]

Empty this folder: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp

Download arswp (Windows清理助手, Windows Cleanup Assistant):
http://www.arswp.com/download/arswp/arswp.rar
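
A triage sketch for the module listing in this thread, added here and not part of the original posts or of SREng: it parses the `[PID: …][exe]` / indented `[module]  [vendor, version]` layout and lists modules with no version information that are loaded into several processes from outside each host's own directory, the pattern visible above for the Temp DLLs, mppds.dll and cmdbcs.dll. The sample log is constructed (abridged in the same layout), and the function names and the two-process threshold are assumptions.

```python
import ntpath
import re
from collections import defaultdict

# Constructed sample in the SREng process/module layout shown in the log above.
SAMPLE_LOG = r"""
[PID: 3028][D:\Rising\Rav\Rav.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 28]
    [D:\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
[PID: 2224][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, ]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Msxo0.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
[PID: 1852][D:\PS\Photoshop.exe]  [Adobe Systems, Incorporated, 8.0.1]
    [D:\PS\Photoshop.dll]  [, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
"""

PROC_RE = re.compile(r"^\[PID:\s*(\d+)\]\[(.+?)\]\s+\[(.*)\]\s*$")
MOD_RE = re.compile(r"^\s+\[(.+?)\]\s+\[(.*)\]\s*$")


def lacks_version_info(info):
    """True for the '[N/A, ]' and '[, ]' fields: no vendor and no version."""
    return info.replace(" ", "") in {"N/A,", ","}


def shared_unversioned_modules(log_text, min_processes=2):
    """Map module path -> sorted PIDs for unversioned modules seen in several
    processes, ignoring DLLs that sit in the host executable's own directory."""
    hosts = defaultdict(set)
    pid = exe_dir = None
    for line in log_text.splitlines():
        m = PROC_RE.match(line)
        if m:  # process header: remember PID and install directory
            pid = int(m.group(1))
            exe_dir = ntpath.dirname(m.group(2)).lower()
            continue
        m = MOD_RE.match(line)
        if not m or pid is None:
            continue
        path, info = m.groups()
        if lacks_version_info(info) and ntpath.dirname(path).lower() != exe_dir:
            hosts[path].add(pid)
    return {p: sorted(pids) for p, pids in hosts.items()
            if len(pids) >= min_processes}


if __name__ == "__main__":
    for path, pids in shared_unversioned_modules(SAMPLE_LOG).items():
        print(f"{path} loaded in PIDs {pids}")
```

The output is a shortlist for manual review, not a verdict: a legitimate module can also lack version information, as `Photoshop.dll` does in the sample.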