
[Original] What is dwin.exe?


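Dear teachers:

    I would like to ask: in the Processes tab of Task Manager, dwin.exe often shows up running and uses a very large amount of memory. It is not there right after the computer starts, but it appears after a while, and as soon as it appears the computer becomes noticeably slower. I searched online for dwin.exe; some say it is a virus, some say it is not. So what exactly is it? How can I stop it from appearing?

  Also, while the computer is running, an unnamed program often mysteriously appears in the Task Manager bar, as shown in the picture. At first glance I thought it was some VB program, but VB is not installed at all. Is it related to dwin.exe? What settings will keep them from appearing again?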

Attachment: image (image/pjpeg), uploaded 2006-8-19 11:01:51



Last edited 2006-08-20 12:01:47
 

This is my log:
Logfile of Kaka v2. 0. 0. 9 Scan Module v2. 0. 0. 1
Scan saved at 12:29:48, on 2006-08-19
Platform: Microsoft Windows XP Professional  (Build 2600)
MSIE: Internet Explorer v6.00  (6.00.2600.0000 (xpclient.010817-1148))


Running processes:
[SMSS.EXE]
CommandLine =

[CSRSS.EXE]
CommandLine = D:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

[WINLOGON.EXE]
CommandLine = winlogon.exe

[SERVICES.EXE]
CommandLine = D:\WINDOWS\system32\services.exe

[LSASS.EXE]
CommandLine = D:\WINDOWS\system32\lsass.exe

[SVCHOST.EXE]
CommandLine = D:\WINDOWS\system32\svchost -k rpcss

[CCenter.exe]
CommandLine = "D:\Program Files\Rising\Rav\CCenter.exe"

[SVCHOST.EXE]
CommandLine = D:\WINDOWS\System32\svchost.exe -k netsvcs

[SVCHOST.EXE]
CommandLine = D:\WINDOWS\System32\svchost.exe -k NetworkService

[SVCHOST.EXE]
CommandLine = D:\WINDOWS\System32\svchost.exe -k LocalService

[RavMonD.exe]
CommandLine = "D:\Program Files\Rising\Rav\Ravmond.exe"

[RFWSRV.EXE]
CommandLine = "d:\program files\rising\rfw\rfwsrv.exe"

[SPOOLSV.EXE]
CommandLine = D:\WINDOWS\system32\spoolsv.exe

[NVSVC32.EXE]
CommandLine = D:\WINDOWS\System32\nvsvc32.exe

[SVCHOST.EXE]
CommandLine = D:\WINDOWS\System32\svchost.exe -k imgsvc

[SCVHOST.EXE]
CommandLine = "D:\WINDOWS\system32\scvhost.exe"

[RavStub.exe]
CommandLine = "D:\Program Files\Rising\Rav\RavStub.exe" /RAVMOND

[Explorer.EXE]
CommandLine = D:\WINDOWS\Explorer.EXE

[conime.exe]
CommandLine = D:\WINDOWS\System32\conime.exe

[RavTask.exe]
CommandLine = "D:\PROGRAM FILES\RISING\RAV\RAVTASK.EXE" -SYSTEM

[RfwMain.exe]
CommandLine = "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup

[RavMon.exe]
CommandLine = "D:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM

[ctfmon.exe]
CommandLine = "D:\WINDOWS\System32\ctfmon.exe"

[Vm_sti.exe]
CommandLine = "D:\WINDOWS\VM_STI.EXE" BigDogPath

[QQ.exe]
CommandLine = "E:\Tencent\qq20050610\2\QQ.exe"

[TIMPlatform.exe]
CommandLine = E:\Tencent\qq20050610\2\TIMPlatform.exe -Embedding

[BitComet.exe]
CommandLine = "E:\BitComet2\BitComet.exe"
 

Continued:

[realsched.exe]
CommandLine = "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -startedByApp

[Rav.exe]
CommandLine = "D:\Program Files\Rising\Rav\Rav.exe"

[TTraveler.exe]
CommandLine = "E:\Tencent\tt1\TTraveler.exe"

[dwin.exe]
CommandLine = c:\dwin.exe

[dwin.exe]
CommandLine = c:\dwin.exe

[KkScan.exe]
CommandLine = "H:\kaka上网助手\KkScan.exe"

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=D:\WINDOWS\System32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm
R3 - URLSearchHook: (no name) - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file)
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO:  - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - F:\KuGoo3\KuGoo3DownXControl.ocx
O3 - Toolbar: 电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - D:\WINDOWS\System32\KakaTool.dll
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\System32\ctfmon.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RavTask] "D:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [NMGameX_AutoRun] D:\WINDOWS\System32\Rundll32.exe NMGameX.dll,LiveProcess /aa
O4 - Startup: desktop.ini =
O4 - Global Startup: desktop.ini =
O8 - Extra context menu item: 上传到QQ网络硬盘 - E:\Tencent\qq20050610\2\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - F:\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 添加到QQ自定义面板 - E:\Tencent\qq20050610\2\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - E:\Tencent\qq20050610\2\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\Tencent\qq20050610\2\SendMMS.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A78A2F0-FE76-476A-8832-47860B83AD88}: NameServer = 202.99.160.68 202.99.166.4
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - D:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ipp - (no CLSID) - (no file)
O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\WINDOWS\System32\itss.dll
O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - D:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - D:\WINDOWS\System32\inetcomm.dll
O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - D:\WINDOWS\system32\urlmon.dll
O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - D:\WINDOWS\System32\itss.dll
O18 - Protocol: msdaipp - (no CLSID) - (no file)
O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - D:\WINDOWS\System32\msvidctl.dll
O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - D:\WINDOWS\System32\mshtml.dll
O18 - Protocol: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - D:\WINDOWS\System32\msdxm.ocx
O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - D:\WINDOWS\System32\wiascr.dll
O20 - AppInit_DLLs: APIHookDll.dll
O23 - Service: Human Interface Device Access (HidServ) -  - D:\WINDOWS\System32\svchost.exe -k netsvcs
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Rising Proxy  Service (RfwProxySrv) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwproxy.exe
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Technology Co., Ltd. - d:\program files\rising\rfw\rfwsrv.exe
O23 - Service: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - "D:\Program Files\Rising\Rav\CCenter.exe"
O23 - Service: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - "D:\Program Files\Rising\Rav\Ravmond.exe"
O23 - Service: Window Remote Process (Window Remote Process) -  - D:\WINDOWS\System32\scvhost.exe"
 

So frustrating~~~ bumping my own thread~~~~
 

Sorry for the trouble. I am posting the one you mentioned; please take another look, hehe.
2006-08-20,00:06:25

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional  (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\System32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <NvCplDaemon><RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <RfwMain><"D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [Beijing Rising Technology Co., Ltd.]
    <NMGameX_AutoRun><D:\WINDOWS\System32\Rundll32.exe NMGameX.dll,LiveProcess /aa>  [NMGameX]
    <TkBellExe><"D:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><D:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><APIHookDll.dll>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><D:\WINDOWS\system32\RavExt.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <MSMSGS><; "D:\Program Files\Messenger\msmsgs.exe" /background>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvMediaCenter><; RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <SoundMan><; SOUNDMAN.EXE>  [Avance Logic, Inc.]

==================================
启动文件夹
服务
[IMAPI CD-Burning COM Service / ImapiService]
  <D:\WINDOWS\System32\imapi.exe><Microsoft Corporation>
[NVIDIA Display Driver Service / NVSvc]
  <D:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <d:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <d:\program files\rising\rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Rising Process Communication Center / RsCCenter]
  <"D:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"D:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Window Remote Process / Window Remote Process]
  <"D:\WINDOWS\system32\scvhost.exe"><N/A>

==================================
浏览器加载项
[]
  {A9930D97-9CF0-42A0-A10D-4F28836579D5} <F:\KuGoo3\KuGoo3DownXControl.ocx, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <D:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <D:\WINDOWS\System32\KakaTool.dll, Beijing Rising Technology Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <D:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[上传到QQ网络硬盘]
  <E:\Tencent\qq20050610\2\AddToNetDisk.htm, N/A>
[使用KuGoo3下载(&K)]
  <F:\KuGoo3\KuGoo3DownX.htm, N/A>
[添加到QQ自定义面板]
  <E:\Tencent\qq20050610\2\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\Tencent\qq20050610\2\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\Tencent\qq20050610\2\SendMMS.htm, N/A>
 

正在运行的进程
[PID: 424][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 492][\??\D:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 516][\??\D:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 560][D:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 572][D:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 736][D:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 788][D:\Program Files\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 804][D:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 884][D:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 940][D:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 960][D:\Program Files\Rising\Rav\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 33>
    [D:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [D:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [D:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\Program Files\Rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 20>
    [D:\Program Files\Rising\Rav\HOOKSYS.dll]  <Beijing Rising Technology Co., Ltd.><18, 1, 0, 11>
    [D:\Program Files\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [D:\Program Files\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [D:\Program Files\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [D:\Program Files\Rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [D:\Program Files\Rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 2>
    [D:\Program Files\Rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [D:\Program Files\Rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\Program Files\Rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [D:\Program Files\Rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [D:\Program Files\Rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 6>
    [D:\Program Files\Rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 30>
    [D:\Program Files\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [D:\Program Files\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 14>
    [D:\Program Files\Rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [D:\Program Files\Rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
    [D:\Program Files\Rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [D:\Program Files\Rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [D:\Program Files\Rising\Rav\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [D:\Program Files\Rising\Rav\RsStore.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1072][d:\program files\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 32>
    [d:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 13>
    [d:\program files\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [d:\program files\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 21>
    [d:\program files\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [d:\program files\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 1192][D:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
[PID: 1316][D:\WINDOWS\System32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.5656>
[PID: 1352][D:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1376][D:\WINDOWS\system32\scvhost.exe]  <N/A><N/A>
[PID: 1532][D:\Program Files\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [D:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
There is one more part.
 

Last part:
[PID: 1904][D:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2600.0000 (xpclient.010817-1148)>
    [D:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [h:\bak\WinRAR\rarext.dll]  <N/A><N/A>
    [F:\KuGoo3\KuGoo3DownXControl.ocx]  <N/A><N/A>
[PID: 244][d:\program files\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 51>
    [d:\program files\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [d:\program files\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [d:\program files\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 328][D:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [D:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
[PID: 692][D:\Program Files\Rising\Rav\Ravmon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 32>
    [D:\Program Files\Rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
    [D:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 19>
    [D:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [D:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [D:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [D:\Program Files\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 828][D:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3512>
[PID: 840][D:\WINDOWS\System32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1000][D:\WINDOWS\VM_STI.EXE]  <VM.><4.2.610.4>
    [D:\WINDOWS\System32\msdmo.dll]  <N/A><N/A>
    [D:\WINDOWS\System32\VM31bPrp.Ax]  <VM><4.2.815.31>
[PID: 776][E:\Tencent\qq20050610\2\QQ.exe]  <TENCENT><0, 0, 0, 0>
    [E:\Tencent\qq20050610\2\QQBaseClassInDll.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\QQHelperDll.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\BasicCtrlDll.dll]  <Tencent><5, 0, 200, 14>
    [E:\Tencent\qq20050610\2\QQAPI.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\TIMProxy.dll]  <tencent><0, 3, 2, 4>
    [E:\Tencent\qq20050610\2\LoginCtrl.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\npkcntc.dll]  <INCA Internet Co., Ltd.><2005, 9, 1, 1>
    [E:\Tencent\qq20050610\2\npkpdb.dll]  <INCA Internet Co., Ltd.><2003, 10, 1, 1>
    [E:\Tencent\qq20050610\2\QQRes.dll]  <tencent><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\QQMainFrame.dll]  <N/A><N/A>
    [E:\Tencent\qq20050610\2\CQQApplication.dll]  <N/A><N/A>
    [E:\Tencent\qq20050610\2\NewSkin.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\HostingMgr.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\CameraDll.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\MailSummary.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\QQSpace.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\QQAllInOne.dll]  <N/A><N/A>
    [E:\Tencent\qq20050610\2\SCCore.dll]  <N/A><N/A>
    [E:\Tencent\qq20050610\2\QQConfigPlugin.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\PhoneAPI.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\DialerAllinOne.dll]  <tencent><1, 4, 0, 0>
    [E:\Tencent\qq20050610\2\QQAvatar.dll]  <N/A><N/A>
    [E:\Tencent\qq20050610\2\FlashAvatarDll.dll]  <><1, 4, 0, 1>
    [E:\Tencent\qq20050610\2\BQQApplication.dll]  <N/A><N/A>
    [E:\Tencent\qq20050610\2\QQPlugin.dll]  <N/A><N/A>
    [D:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [E:\Tencent\qq20050610\2\CommercesMng.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 2>
    [E:\Tencent\qq20050610\2\QQAddr.dll]  <深圳市腾讯计算机系统有限公司><5, 0, 101, 141>
    [E:\Tencent\qq20050610\2\QQSceneMng.dll]  <N/A><N/A>
    [D:\WINDOWS\System32\msdmo.dll]  <N/A><N/A>
    [E:\Tencent\qq20050610\2\QRingMng.dll]  <N/A><N/A>
    [E:\Tencent\qq20050610\2\QQGroupMng.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\LongConnection.dll]  <tencent><0, 3, 3, 8>
    [E:\Tencent\qq20050610\2\UserDefinedHead.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\QQSysMsgMng.dll]  <N/A><N/A>
    [E:\Tencent\qq20050610\2\QQCustomFace.dll]  <N/A><N/A>
    [E:\Tencent\qq20050610\2\QQPet.dll]  <><1, 0, 0, 1>
    [E:\Tencent\qq20050610\2\QQFileTransfer.dll]  <Tencent><5, 0, 202, 40>
    [D:\WINDOWS\System32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
    [E:\Tencent\qq20050610\2\ImageOle.dll]  <TODO: <Company name>><1.0.0.1>
[PID: 968][E:\Tencent\qq20050610\2\TIMPlatform.exe]  <tencent><0, 3, 1, 8>
    [E:\Tencent\qq20050610\2\TIMProxy.dll]  <tencent><0, 3, 2, 4>
[PID: 3324][E:\Tencent\tt1\TTraveler.exe]  <腾讯公司><3.1.0.256>
    [E:\Tencent\tt1\Plugins\QQFloatBar\QQFloatBar4TT2.dll]  <腾讯公司><1, 1, 0, 5>
    [E:\Tencent\tt1\Plugins\TWeather\TWeather.dll]  <><1, 0, 0, 3>
    [E:\Tencent\tt1\PersonalDesktop.dll]  <深圳市腾讯计算机系统公司QQ工作小组><1, 0, 0, 4>
    [D:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [D:\WINDOWS\System32\Macromed\Flash\Flash9.ocx]  <Adobe Systems, Inc.><9,0,16,0>
[PID: 2508][H:\bak\扫描日志\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["D:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================
 

Boss~~~ can you tell me what SER is???
I really don't know, please don't laugh at me, hehe.
 

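Recently, every time I start the machine, Rising reports a virus named Trojan.DL.VB.cfw, located in D:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\EERJ4FHC. My XP is installed on drive D, but I cannot find this path. In the Rising prompt I chose Delete rather than Disinfect, and after it was removed the dwin.exe process no longer appeared. There are also some other viruses; I have copied them here, could you please take a look: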
病毒名称
Trojan.DL.ConHook.am
Trojan.DL.DrSmart.m
Trojan.DL.ConHook.am
Trojan.JS.Psyme.e
Trojan.JS.Psyme.e
Trojan.PSW.ZhengTu.bx
Trojan.DL.DrSmart.m
Dropper.Misc.al
Dropper.Agent.bsq
Backdoor.BlackHole.ax
Adware.Dinkum.a
Adware.Dinkum.a
Trojan.DL.ConHook.am
Backdoor.BlackHole.ax
Trojan.DL.ConHook.am
Trojan.DL.DrSmart.m
Backdoor.Gpigeon.zzj
Trojan.PSW.LMir.kgy
Trojan.DL.Agent.izx
Trojan.DL.Tiny.fzf
Backdoor.AgoBot.hgj
Trojan.Clicker.VB.ur
Trojan.DL.VB.ccu
Trojan.DL.VB.ccv
Trojan.DL.VB.cfw
Trojan.DL.VB.cct
Trojan.DL.VB.cct
Trojan.Clicker.VB.ur
Trojan.DL.Adload.ms
Trojan.DL.VB.ccu
Trojan.DL.VB.ccv
Trojan.DL.VB.cfw
Trojan.DL.VB.cfw
Trojan.DL.VB.cfw
Trojan.DL.VB.cfw
Trojan.DL.Adload.ms
Thanks~~~ I found these in the antivirus history. They show up pretty much every time I scan. Hehe~~