谢谢楼上两位的回帖，但是我都试过了，这些dll文件都无法删除，接下来我该怎么办啊？

引用:

【loveperday的贴子】========Content======== 注册表删除： <wosa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\woso.exe> [N/A] <ztsa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\ztso.exe> [] <mhsa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\mhso.exe> [] <fysa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\fyso.exe> [] <jtsa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\jtso.exe> [] <wlsa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\wlso.exe> [] <wgsa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\wgso.exe> [] <wmsa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\wmso.exe> [] <qjsa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\qjso.exe> [] <rxsa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\rxso.exe> [] <wdsa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\wdso.exe> [] <tlsa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\tlso.exe> [] <dasa><C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\daso.exe> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{01F6EB6F-AB5C-1FDD-6E5B-FB6EE3CC6CD6}><C:\Program Files\Internet Explorer\HiJack.dll> [Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] 文件删除： [C:\Program Files\Internet Explorer\HiJack.dll] [Microsoft Corporation, 1. 0. 0. 1] 以下这些是木马，但都在临时文件夹里面。所以你直接清空临时文件夹就好了。 [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\daso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\tlso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\wdso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\rxso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\qjso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\wmso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\wgso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\wlso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\jtso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\fyso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\mhso0.dll] [N/A, ] [C:\DOCUME~1\YXIUAN~1\LOCALS~1\Temp\ztso0.dll] [N/A, ] 清理完后可以自己再扫一次日志，比对一下。 ………………

按这个处理完注册表后，重起删除DLL文件

重起后再不行，就要借助工具了
下载ICESWORD，置顶处有下载的联接

我有2个文件  一个清注册表启动项  一个清除系统垃圾  大家看看 复制到文本文件 后缀改成.bat  看看但是杀不料毒，我把清理垃圾设成拉  开机启动项拉，

1
@echo off
echo 正在清理系统垃圾文件，请稍等......
del /f /s /q %systemdrive%\*.tmp
del /f /s /q %systemdrive%\*._mp
del /f /s /q %systemdrive%\*.log
del /f /s /q %systemdrive%\*.gid
del /f /s /q %systemdrive%\*.chk
del /f /s /q %systemdrive%\*.old
del /f /s /q %systemdrive%\recycled\*.*
del /f /s /q %windir%\*.bak
del /f /s /q %windir%\prefetch\*.*
rd /s /q %windir%\temp & md %windir%\temp
del /f /q %userprofile%\cookies\*.*
del /f /q %userprofile%\recent\*.*
del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*"
del /f /s /q "%userprofile%\Local Settings\Temp\*.*"
del /f /s /q "%userprofile%\recent\*.*"
echo 清理系统垃圾完成！
echo. & pause
2
@ ECHO OFF
@ ECHO.
@ ECHO.                          说  明
@ ECHO --------------------------------------------------------------
@ ECHO  本批处理会自动清理所有非必要的启动项目，仅保留输入法(ctfmon)。
@ ECHO 目的是减少不必要的资源占用，使系统运行顺畅。但清理掉的项目不作
@ ECHO 备份，请小心使用。
@ ECHO --------------------------------------------------------------
PAUSE
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /va /f
reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /va /f
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v ctfmon.exe /d C:\WINDOWS\system32\ctfmon.exe
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMJPMIG8.1"
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMJPMIG8.1" /v command /d ""C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32"
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMJPMIG8.1" /v hkey /d HKLM
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMJPMIG8.1" /v inimapping /d 0
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMJPMIG8.1" /v item /d IMJPMIG
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IMJPMIG8.1" /v key /d SOFTWARE\Microsoft\Windows\CurrentVersion\Run

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002A"
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002A" /v command /d "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName"
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002A" /v hkey /d HKLM
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002A" /v inimapping /d 0
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002A" /v item /d TINTSETP
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002A" /v key /d SOFTWARE\Microsoft\Windows\CurrentVersion\Run

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002ASync"
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002ASync" /v command /d ""C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32"
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002ASync" /v hkey /d HKLM
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002ASync" /v inimapping /d 0
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002ASync" /v item /d TINTSETP
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PHIME2002ASync" /v key /d SOFTWARE\Microsoft\Windows\CurrentVersion\Run

del "C:\Documents and Settings\All Users\「开始」菜单\程序\启动\*.*" /q /f
del "C:\Documents and Settings\Default User\「开始」菜单\程序\启动\*.*" /q /f
del "%userprofile%\「开始」菜单\程序\启动\*.*" /q /f
start C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe

收下。。