
How do I kill Rootkit.Torn.n? Urgent~~~

驱动程序
[ati2mtag / ati2mtag]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Rising TDI Base Driver / BaseTDI]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[cda1000 / cda1000]
  <C:\WINDOWS\SYSTEM32\DRIVERS\cda1000.SYS><Adaptec, Inc.>
[ExpScaner / ExpScaner]
  <\??\D:\Rising\ExpScan.sys><>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont]
  <\??\D:\Rising\HOOKCONT.sys><Rising>
[HookReg / HookReg]
  <\??\D:\Rising\HookReg.sys><>
[HookSys / HookSys]
  <\??\D:\Rising\HookSys.sys><Rising>
[Intel AHCI Controller / iastor]
  <\SystemRoot\system32\DRIVERS\iaStor.sys><Intel Corporation>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[kmsinput / kmsinput]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[MEMSCAN / MEMSCAN]
  <\??\D:\Rising\MEMSCAN.sys><瑞星软件有限公司>
[npkcrypt / npkcrypt]
  <\??\D:\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[Direct Parallel Link Driver / Ptilink]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[RSPPSYS / RSPPSYS]
  <\??\D:\Rising\RSPPSYS.sys><Rising>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv]
  <system32\DRIVERS\secdrv.sys><N/A>
[SVKP / SVKP]
  <\??\C:\WINDOWS\system32\SVKP.sys><AntiCracking>

浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\KUGOOV~1.216\KUGOO3~1.OCX, N/A>
[豪杰超级解霸V8]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <D:\HeroV8\STHSDVD.EXE, herosoft>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\Msjava.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Recorder Control]
  {2423AB16-9F42-457B-A337-FE3B11964DB0} <C:\PROGRA~1\bluesky\BLUESK~1\recorder.ocx, Bluesky Studio (http://www.bluesky.cn)>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[HtmlDlgSafeHelper Class]
  {3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>
[Share Control]
  {3072B1F1-0C4D-4E76-A7C6-FBAF129DBCC9} <C:\PROGRA~1\bluesky\BLUESK~1\share.ocx, http://www.bluesky.cn>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[BDC Control]
  {7253A666-8D4A-11D7-A4DC-00E04C504779} <C:\PROGRA~1\BDC\Bdc.ocx, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Filetran Control]
  {88734439-46D0-42C0-A13F-7E881EE550CF} <C:\PROGRA~1\bluesky\BLUESK~1\filetran.ocx, Bluesky Studio(http://www.bluesky.cn)>
[Blueskyvoice Control]
  {991481A7-4669-4E15-8C24-100404E1F5CB} <C:\PROGRA~1\bluesky\BLUESK~1\BLUESK~1.OCX, 蓝天工作室(http://www.bluesky.cn)>
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <D:\KUGOOV~1.216\KUGOO3~1.OCX, N/A>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[卡卡上网安全助手]
  {AFF6E516-CBE5-4F8A-9C2F-38A68013E766} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Blueskyvoice Control]
  {BA0F088C-72C1-475A-92F8-42391DEF6961} <C:\PROGRA~1\bluesky\BLUESK~1\BLUESK~2.OCX, 蓝天工作室(http://www.bluesky.cn)>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__WAV Moniker Class]
  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[&V使用Vagaa哇嘎下载]
  <D:\Vagaa\Data\vg.htm, N/A>
[&使用迅雷下载]
  <D:\Thunder\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <D:\Thunder\getallurl.htm, N/A>
[上传到QQ网络硬盘]
  <D:\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://D:\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <D:\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <D:\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <D:\QQ\SendMMS.htm, N/A>
[豪杰超级解霸V8实时播放]
  <D:\HeroV8\MPURLGET.HTM, N/A>

正在运行的进程
[PID: 468][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 532][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 560][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4129]
[PID: 604][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 624][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 772][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4129]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2500]
[PID: 792][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 860][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 940][D:\Rising\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 964][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 1040][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 1164][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 1184][D:\Rising\Ravmond.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 39]
    [D:\Rising\BWList.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 6]
    [D:\Rising\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Rising\rfwctrl.dll]  [Beijing Rising Technology Co., Ltd., 5, 0, 0, 11]
    [D:\Rising\RsPPsys.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
    [D:\Rising\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Rising\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\Rising\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\Rising\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
    [D:\Rising\HOOKSYS.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 0]
    [D:\Rising\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [D:\Rising\libload.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 16]
    [D:\Rising\VirusLib.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
    [D:\Rising\regmon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
    [D:\Rising\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 1]
    [D:\Rising\MemMon.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 12]
    [D:\Rising\expscan.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [D:\Rising\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
    [D:\Rising\HookCont.dll]  [Rising, 19, 0, 0, 0]
    [D:\Rising\SpamEng.dll]  [N/A, 18, 0, 0, 6]
    [D:\Rising\engine.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 20]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
    [D:\Rising\PostTrt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 8]
    [D:\Rising\UnExe.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [D:\Rising\ScanExec.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [D:\Rising\ScanEx.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 27]
    [D:\Rising\ExtFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 22]
    [D:\Rising\NvFile.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [D:\Rising\ScanMac.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 13]
    [D:\Rising\ScanSct.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 15]
    [D:\Rising\Unpacker.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 17]
    [D:\Rising\ExtOLE.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 11]
    [D:\Rising\ScanNet.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
    [D:\Rising\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[PID: 1324][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1420][D:\Rising\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 4]
    [D:\Rising\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [D:\Rising\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[PID: 1708][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4129]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2500]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 1808][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
[PID: 1876][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
    [C:\Program Files\Common Files\Microsoft Shared\MSINFO\WinInfo.rxk]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [D:\Rising\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\KUGOOV~1.216\KUGOO3~1.OCX]  [N/A, N/A]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 1948][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1972][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1064][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 1632][C:\WINDOWS\RTHDCPL.EXE]  [Realtek Semiconductor Corp., 2.0.3.4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 2060][C:\WINDOWS\VM_STI.EXE]  [VM., 4.2.610.4]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\VM31bPrp.Ax]  [VM, 4.2.711.31]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 2112][D:\Rising\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\Rising\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
    [D:\Rising\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
    [D:\Rising\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
    [D:\Rising\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 2136][C:\Program Files\Rising\AntiSpyware\runiep.exe]  [Beijing Rising Technology Co., Ltd., 1, 0, 1, 3]
    [C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 2172][C:\WINDOWS\Microsoft\rundll32.exe]  [N/A, N/A]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\897va.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
[PID: 2224][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 2636][D:\Rising\RsAgent.exe]  [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
    [D:\Rising\RsCommX.dll]  [rising, 18, 0, 0, 1]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 2656][C:\WINDOWS\msagent\AgentSvr.exe]  [Microsoft Corporation, 2.00.0.3422]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 2832][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 2916][D:\学校客户端\ishare_user.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 3064][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\KakaTool.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 2, 5]
    [C:\WINDOWS\system32\xunleibho_v14.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 62]
    [D:\KUGOOV~1.216\KUGOO3~1.OCX]  [N/A, N/A]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
[PID: 1892][F:\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]

文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip [TCP/IP]
    C:\WINDOWS\system32\TcpIpDog0.dll(N/A, N/A)
MSAFD Tcpip [UDP/IP]
    C:\WINDOWS\system32\TcpIpDog0.dll(N/A, N/A)
MSAFD Tcpip [RAW/IP]
    C:\WINDOWS\system32\TcpIpDog0.dll(N/A, N/A)
RSVP UDP Service Provider
    C:\WINDOWS\system32\TcpIpDogR0.dll(N/A, N/A)
RSVP TCP Service Provider
    C:\WINDOWS\system32\TcpIpDogR0.dll(N/A, N/A)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

Could you take a look and see whether this is OK?
Thank you!

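Run SREng2, go to "Startup Items" -- Registry -- and delete:
C:\WINDOWS\Microsoft\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\WinInfo.rxk

Run (double-click) SRENG2, click "Startup Items", then "Services", then "Win32 Service Applications".
Check "Hide Microsoft Services", select the virus service "Web ClineTer", and choose "Delete Service".
Click "Set" and choose "No".
Reboot and press F8 to enter Safe Mode.
Show hidden files.
Delete:
C:\WINDOWS\system32\dt.dll
C:\WINDOWS\webclinet.exe
:\WINDOWS\Microsoft\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\WinInfo.rxk
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp (empty this folder)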
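
A triage pass over the SREng process list that surfaces the kind of entries the reply above singles out, added here as an example; it is not part of the original thread or of SREng. The names `parse`, `triage`, `SYSTEM_NAMES` and the `min_procs` threshold are assumptions made for this sketch, and the sample lines are excerpted from the log earlier in the thread.

```python
import ntpath
import re
from collections import defaultdict

# Lines excerpted from the process list in the log above (same layout).
SAMPLE = r"""
[PID: 624][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\TcpIpDog0.dll]  [N/A, N/A]
[PID: 1632][C:\WINDOWS\RTHDCPL.EXE]  [Realtek Semiconductor Corp., 2.0.3.4]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 5]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 2172][C:\WINDOWS\Microsoft\rundll32.exe]  [N/A, N/A]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\897va.dll]  [N/A, N/A]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
[PID: 2224][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\dt.dll]  [N/A, N/A]
"""

LINE = re.compile(r"^(\s*)(?:\[PID: (\d+)\])?\[([^\]]+)\]\s+\[(.*)\]\s*$")
# Assumption: a short list of image names that normally run only from system32.
SYSTEM_NAMES = {"rundll32.exe", "svchost.exe", "lsass.exe", "services.exe",
                "winlogon.exe", "csrss.exe", "smss.exe"}

def parse(log):
    """Return [(pid, image, info, [(module, info), ...]), ...]."""
    procs = []
    for raw in log.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        indent, pid, path, info = m.groups()
        if pid:                       # process header line
            procs.append((int(pid), path, info, []))
        elif indent and procs:        # indented module of the last process
            procs[-1][3].append((path, info))
    return procs

def triage(log, min_procs=3):
    """Flag review candidates; a hit is a lead, not a verdict."""
    hits, spread = defaultdict(set), defaultdict(set)
    for pid, image, info, modules in parse(log):
        folder, name = ntpath.split(image.lower())
        if name in SYSTEM_NAMES and not folder.endswith("\\system32"):
            hits[image].add("system binary name outside system32")
        for mod, minfo in modules:
            if minfo != "N/A, N/A":
                continue              # module carries vendor/version info
            if "\\temp\\" in mod.lower():
                hits[mod].add("unversioned module loaded from Temp")
            spread[mod].add(pid)
    for mod, pids in spread.items():
        if len(pids) >= min_procs:
            hits[mod].add("unversioned module in %d processes" % len(pids))
    return {path: sorted(reasons) for path, reasons in hits.items()}
```

Run over the full process list, the same threshold also flags TcpIpDog0.dll, which the log's Winsock provider section shows registered for TCP/IP and which the reply does not list for deletion, so a hit is a prompt to identify the file rather than to remove it. WinInfo.rxk appears in only one process and is not caught by these three checks.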



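My system has this kind of virus too. The virus name is RootKit.AdProt.g and the path is windows\system32\. Rising can detect it but cannot delete it. Can it also be solved with the method above? Thanks!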


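Thank you very much! The monitor is showing again now, and there are no more virus alerts.
C:\WINDOWS\webclinet.exe
C:\Program Files\Common Files\Microsoft Shared\MSINFO\WinInfo.rxk
I have all hidden files showing, and did not find these two.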