Does anyone know what kind of virus Trojan.Spy.LopBar is??

不言放弃, brother, please take a look for me, there are so many...

Start -- Control Panel -- Administrative Tools -- Services
Disable
[mms-up / mms-up]
<C:\DOCUME~1\user\LOCALS~1\Temp\mms.exe -R><N/A>

Open the registry
Search for mms.exe
Delete it once found

Delete all files under C:\DOCUME~1\user\LOCALS~1\Temp

------------------
For the following three processes

[PID: 3972][C:\Program Files\Maxthon\Maxthon.exe] <Maxthon International Ltd.><1, 5, 2, 21>
[C:\Program Files\Maxthon\maxzlib.dll] < ><1, 0, 0, 2>

[PID: 2232][c:\progra~1\maxthon\maxthon.exe] <Maxthon International Ltd.><1, 5, 2, 21>
[c:\progra~1\maxthon\maxzlib.dll] < ><1, 0, 0, 2>

[PID: 2832][C:\Program Files\Maxthon\Maxthon.exe] <Maxthon International Ltd.><1, 5, 2, 21>
[C:\Program Files\Maxthon\maxzlib.dll] < ><1, 0, 0, 2>

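Suggested steps:
Start → Run
In the Run dialog that pops up
run the cmd command
ntsd -c q -p 2832
Press Enter

Start → Run
In the Run dialog that pops up
run the cmd command
ntsd -c q -p 2232
Press Enter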

It doesn't work~~
In C:\DOCUME~1\user\LOCALS~1\Temp, the files
Perflib_Perfdata_7a4.dat
Perflib_Perfdata_784.dat
Perflib_Perfdata_ce0.dat
can't be deleted; it says something about them being in use by another person...

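The following steps:
Suggested steps:
Start → Run
In the Run dialog that pops up
run the cmd command
ntsd -c q -p 2832
Press Enter

Start → Run
In the Run dialog that pops up
run the cmd command
ntsd -c q -p 2232
Press Enter


didn't work either; it says something about the parameter being incorrect...


Brother... please help me again...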

Perflib_Perfdata_7a4.dat
Perflib_Perfdata_784.dat
Perflib_Perfdata_ce0.dat
These are Rising's log files
They are normal

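Oh, then what about those operations in cmd???

Also, after a restart they are gone from the process list, but before long they come back... such a headache... And that Trojan.Spy.LopBar can never be cleaned out completely... 57 of them already today...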

[Reply to the post by "sinrei"]
Just paste
ntsd -c q -p 2832

ntsd -c q -p 2232
directly into the command line

Brother... it's no use... they are still in the process list...

Export the log again
Note: export only the processes

[Reply to the post by "不言放弃"]

Sorry, brother, this is my first time using System Repair Engineer

正在运行的进程
[PID: 556][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 620][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 644][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 692][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 704][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 864][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 912][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 992][C:\Program Files\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
[PID: 1012][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1064][C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe]  <><0, 20, 0, 3000>
[PID: 1124][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1208][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1220][C:\Program Files\Rising\Rav\Ravmond.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 7>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsLog.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 18>
    [C:\Program Files\Rising\Rav\HOOKSYS.dll]  <Rising><18, 1, 0, 9>
    [C:\Program Files\Rising\Rav\Scanner.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 28>
    [C:\Program Files\Rising\Rav\libload.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\VirusLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\regmon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\HookWeb.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\MemMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 8>
    [C:\Program Files\Rising\Rav\expscan.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\mPorts.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 3>
    [C:\Program Files\Rising\Rav\MailMon.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\SpamEng.dll]  <N/A><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\engine.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [C:\Program Files\Rising\Rav\PostTrt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\UnExe.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\ScanExec.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\ScanEx.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\NvFile.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\Program Files\Rising\Rav\ScanMac.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
    [C:\Program Files\Rising\Rav\ScanSct.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
    [C:\Program Files\Rising\Rav\Unpacker.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\Program Files\Rising\Rav\ExtOLE.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\Rising\Rav\ScanNet.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 1256][c:\program files\rising\rfw\rfwproxy.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 7>
    [c:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 11>
    [c:\program files\rising\rfw\MonMid.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 2>
[PID: 1308][c:\program files\rising\rfw\rfwsrv.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 29>
    [c:\program files\rising\rfw\RfwRule.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 11>
    [c:\program files\rising\rfw\rfwlog.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 6>
    [c:\program files\rising\rfw\Rfwdrv.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 19>
    [c:\program files\rising\rfw\MonDrv.dll]  <rs><1, 0, 0, 4>
    [c:\program files\rising\rfw\ProcLib.dll]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 9>
[PID: 1464][C:\Program Files\Rising\Rav\RavStub.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>

[PID: 1580][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1780][C:\Program Files\Antiy Labs\Alive\AliveCenter.exe]  <N/A><N/A>
[PID: 1828][C:\WINDOWS\system32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.6631>
[PID: 1860][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1880][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: DNSRV(bld4act)>
[PID: 952][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll]  <Patchou><3, 62, 4, 0>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\msdmo.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\ffdshow.ax]  <N/A><1.0.2.2003>
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\VSFilter.dll]  <Gabest><1, 0, 1, 3>
    [C:\Program Files\Ringz Studio\Storm Codec\Codecs\TTL2Dec.dll]  <N/A><N/A>
[PID: 1112][C:\WINDOWS\System32\alg.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1688][c:\program files\rising\rfw\RfwMain.exe]  <Beijing Rising Technology Co., Ltd.><4, 0, 0, 45>
    [c:\program files\rising\rfw\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [c:\program files\rising\rfw\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [c:\program files\rising\rfw\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
[PID: 2552][C:\Program Files\MessengerPlus! 3\MsgPlus.exe]  <Patchou><3, 62, 0, 146>
    [C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll]  <Patchou><3, 62, 4, 0>
[PID: 2572][C:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
[PID: 2588][C:\Program Files\Rising\Rav\Ravmon.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 1, 10>
    [C:\Program Files\Rising\Rav\RsGuiLib.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
    [C:\Program Files\Rising\Rav\BWList.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [C:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 6>
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [C:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [C:\Program Files\Rising\Rav\PngDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
    [C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll]  <Patchou><3, 62, 4, 0>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
[PID: 2652][C:\Program Files\MSNShell\Bin\MSNShell.exe]  <N/A><N/A>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
    [C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll]  <Patchou><3, 62, 4, 0>
[PID: 2660][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
    [C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll]  <Patchou><3, 62, 4, 0>
[PID: 3380][C:\WINDOWS\system32\conime.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
    [C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll]  <Patchou><3, 62, 4, 0>
[PID: 1100][C:\Program Files\Maxthon\Maxthon.exe]  <Maxthon International Ltd.><1, 5, 2, 21>
    [C:\Program Files\Maxthon\maxzlib.dll]  < ><1, 0, 0, 2>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
    [C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll]  <Patchou><3, 62, 4, 0>
[PID: 3464][c:\progra~1\maxthon\maxthon.exe]  <Maxthon International Ltd.><1, 5, 2, 21>
    [c:\progra~1\maxthon\maxzlib.dll]  < ><1, 0, 0, 2>
[PID: 3464][c:\docume~1\user\applic~1\objins~1\defaul~1.exe]  <N/A><N/A>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
    [C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll]  <Patchou><3, 62, 4, 0>
[PID: 792][C:\Program Files\Maxthon\Maxthon.exe]  <Maxthon International Ltd.><1, 5, 2, 21>
    [C:\Program Files\Maxthon\maxzlib.dll]  < ><1, 0, 0, 2>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
    [C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll]  <Patchou><3, 62, 4, 0>
    [C:\Program Files\Maxthon\Services\RealTime\real_time.dll]  <><1, 0, 0, 1>
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
[PID: 524][C:\Documents and Settings\user\桌面\sreng2\SREng.exe]  <Smallfrogs Studio><2.0.12.350>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
    [C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll]  <Patchou><3, 62, 4, 0>
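
Added example, not part of the original thread and not SREng's own code: a small triage pass over a process list in the layout posted above. It flags images with no vendor field that run from a per-user writable folder, and no-vendor modules loaded into several processes. The path patterns, the `min_hosts` threshold and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the SREng log posted in the thread.
SAMPLE = r"""
[PID: 1100][C:\Program Files\Maxthon\Maxthon.exe]  <Maxthon International Ltd.><1, 5, 2, 21>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
[PID: 3464][c:\docume~1\user\applic~1\objins~1\defaul~1.exe]  <N/A><N/A>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
[PID: 2660][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Program Files\MSNShell\Bin\ShellDll.dll]  <N/A><N/A>
"""

# Process lines carry [PID: n]; indented module lines do not.
LINE = re.compile(r"^\s*(?:\[PID:\s*(\d+)\])?\[(.+?)\]\s*<(.*?)><(.*)>\s*$")
# Assumed heuristic: per-user writable folders, long and 8.3 short forms.
USER_WRITABLE = re.compile(r"\\(temp|locals~1|local settings|applic~1|application data)\\", re.I)

def no_vendor(vendor):
    return vendor.strip() in ("", "N/A")

def parse(text):
    """Return a list of processes, each with the modules listed under it."""
    procs = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        pid, path, vendor, version = m.groups()
        entry = {"path": path, "vendor": vendor, "version": version}
        if pid is not None:
            procs.append({"pid": int(pid), **entry, "modules": []})
        elif procs:
            procs[-1]["modules"].append(entry)
    return procs

def triage(procs, min_hosts=3):
    """Flag entries worth a manual look; a flag is not a verdict."""
    findings, hosts = [], defaultdict(set)
    for p in procs:
        if no_vendor(p["vendor"]) and USER_WRITABLE.search(p["path"]):
            findings.append(("no-vendor image in user-writable path", p["path"]))
        for mod in p["modules"]:
            if no_vendor(mod["vendor"]):
                hosts[mod["path"].lower()].add(p["path"].lower())
    for mod, where in sorted(hosts.items()):
        if len(where) >= min_hosts:
            findings.append(("no-vendor module loaded into %d processes" % len(where), mod))
    return findings
```

Calling `triage(parse(SAMPLE))` returns a list of (reason, path) pairs to review by hand.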