我这个病毒怎么老杀不完啊?
  重启后又有,而且很卡.

病毒： Suspicious.Trojan.Win32.DelSelf.a
病毒： Trojan.PSW.Win32.GameOL.nfl
病毒： RootKit.Win32.Mnless.jz 
病毒： Trojan.PSW.Win32.GameOL.nds
病毒： Trojan.PSW.Win32.GamesOnline.uf
病毒： Trojan.PSW.Win32.GameOL.nfn
病毒： Trojan.PSW.Win32.GameOL.nhq
病毒： Trojan.PSW.Win32.GameOL.nga
病毒： Trojan.PSW.Win32.GamesOnline.ua
病毒： Trojan.PSW.Win32.GameOL.nfp
病毒： Trojan.PSW.Win32.GameOL.mjf
病毒： Trojan.PSW.Win32.GameOL.gy
病毒： Trojan.Win32.Undef.fuu 
病毒： Trojan.Win32.Undef.fgg 
病毒： Trojan.PSW.Win32.GamesOnline.tv
病毒： Trojan.PSW.Win32.OnlineGames.GEN

这些怎么杀啊?!!!

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; KuGooSoft)

我的日志是这些

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <PPHIDPAD><C:\WINPENJR\Win32\pphidpad.exe>  []
    <BigDogPath><C:\WINDOWS\VM_STI.EXE USB PC Camera 301P>  [N/A]
    <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <NvCplDaemon><; RUNDLL32.EXE NvQTwk,NvCplDaemon initialize>  [N/A]
    <nwiz><; nwiz.exe /install>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <wscripte><C:\WINDOWS\system32\msnlive.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><ieprot.dll>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><"\Program Files\Logonui\Logonui.exe">  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <{4A041F13-A111-12A3-B0CF-F99818AA68A4}><C:\WINDOWS\system32\zxmsawin.dll>  []
    <{25694105-5108-9405-3695-954187462152}><C:\WINDOWS\system32\mpwdbapi.dll>  []
    <{3629FF4F-ACDB-5C90-A098-FACB3456A263}><C:\WINDOWS\system32\mpmycapi.dll>  [N/A]
    <{30AF1289-F140-A140-D012-C1458759FC03}><C:\WINDOWS\system32\ypcqbhlp.dll>  [N/A]
    <{0a204fa0-41c3-4f14-9e49-70fe27d954d5}><C:\WINDOWS\system32\dqDABDAB1070.dll>  [N/A]
    <{4490415F-65F8-B5C5-D8BA-9405FB120544}><C:\WINDOWS\system32\yzztdmsn.dll>  [N/A]
    <{328DF602-9541-A985-210A-984A698C6F23}><C:\WINDOWS\system32\ptjhchlp.dll>  []
    <{81698482-6555-3666-1222-954784129018}><C:\WINDOWS\system32\zxptdjpg.dll>  [N/A]
    <{61954FAC-1023-154F-895A-1458258AD816}><C:\WINDOWS\system32\ypdjdbmp.dll>  [N/A]
    <{2A698102-5904-AFD0-20DF-CD1A65829CA2}><C:\WINDOWS\system32\zycbbime.dll>  [N/A]
    <{f9f097ef-a5e3-4765-a6d9-1c08f9bc43e6}><C:\WINDOWS\system32\dqBAIBAI1066.dll>  [N/A]
    <{dfe891a8-b391-49a5-9315-19faa9b90be9}><C:\WINDOWS\system32\dqWHXWHX1012.dll>  [N/A]
    <{3B1AEF69-DDAE-FDAD-DCAB-698F026ABDB3}><C:\WINDOWS\system32\oohxbbyt.dll>  [N/A]
    <{ba2e3580-64db-4d59-85ad-7a6415485954}><C:\WINDOWS\system32\ttCBDCBD1049.dll>  []
    <{25671234-7890-ABCD-CDEF-567801237652}><C:\WINDOWS\system32\yxcsbhlp.dll>  []
    <{40940F85-F015-14F1-A05F-F69858AC6D04}><C:\WINDOWS\system32\zptlbsys.dll>  [N/A]
    <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><C:\WINDOWS\system32\zjydcx.dll>  []
    <{86ba2ef4-3501-47cf-a71d-8759997a44d0}><C:\WINDOWS\system32\dqDABDAB1071.dll>  []
    <{3c0a13c5-4df0-4430-9718-bf99ff81334a}><C:\WINDOWS\system32\dqBAIBAI1067.dll>  []
    <{674bbd87-85d0-4144-849d-6c6d3b76cdec}><dqWHXWHX1029.dll>  [N/A]
    <{c5c2054b-fca9-4968-b457-baf9499a5beb}><C:\WINDOWS\system32\dqMYSMYS1049.dll>  []
    <{3f372ded-857d-4732-b207-3c1c21c959bb}><C:\WINDOWS\system32\dqSHYSHY1053.dll>  []
    <{c71a35d3-baa3-46e5-9f6e-d81bb893846a}><C:\WINDOWS\system32\dqQACQAC1044.dll>  []
    <{a5ce5479-6f05-4ba0-b657-eb31f75cc408}><C:\WINDOWS\system32\dqHADHAD1069.dll>  []
    <{d70eb86c-312a-48d5-a89f-0c1f4b75cc72}><C:\WINDOWS\system32\dqSADSAD1042.dll>  []
    <{67ba0720-e5a5-4b59-92cc-63faf4816f27}><C:\WINDOWS\system32\dqWLVWLV1014.dll>  []
    <{77f7e039-7181-4a6d-b1bb-8c81f81e833a}><C:\WINDOWS\system32\ttKAFKAF1072.dll>  []
    <{b855ec1a-a8f8-4f59-ab45-08de1dae1ae2}><C:\WINDOWS\system32\dqDLQDLQ1007.dll>  []
    <{de6d095b-bda9-4c89-b810-046df5350d41}><C:\WINDOWS\system32\ttDXYDXY1013.dll>  []
    <{40AF1289-F140-A140-D012-C1458759FC04}><C:\WINDOWS\system32\ypcqchlp.dll>  []
    <{398C9B84-4EF7-47B5-9862-DE29543B3C42}><C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys>  []
    <{bf56f015-2762-4119-8559-af6b3a0f41bc}><dqDXYDXY1006.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
==================================
启动文件夹
[腾讯QQ]
  <C:\Documents and Settings\user\「开始」菜单\程序\启动\腾讯QQ.lnk --> C:\PROGRA~1\Tencent\QQ\QQ.exe [TENCENT]><N>
==================================
服务
[Human Intexxxce Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[AliIde / AliIde][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><N/A>
[Rising TDI Base Driver / BaseTDI][Running/Auto Start]
  <System32\DRIVERS\BaseTDI.SYS><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[HOOKAPI / HOOKAPI][Stopped/Manual Start]
  <\??\C:\PROGRAM FILES\RISING\RAV\HookApi.Sys><N/A>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[MegaIDE / MegaIDE][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[ppmoucls / ppmoucls][Running/System Start]
  <System32\DRIVERS\ppmoucls.sys><Windows (R) 2000 DDK provider>
[PenPower Touchpad / pptchpad][Running/System Start]
  <System32\DRIVERS\pptchpd5.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[XNGAnti / XNGAnti][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\RESS.sys><N/A>
[USB PC Camera 301P / ZSMC301b][Stopped/Manual Start]
  <System32\Drivers\usbVM31b.sys><VM>
==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v11.dll, Thunder Networking Technologies,LTD>
[]
  {25671234-7890-ABCD-CDEF-567801237652} <C:\WINDOWS\system32\yxcsbhlp.dll, N/A>
[]
  {25694105-5108-9405-3695-954187462152} <C:\WINDOWS\system32\mpwdbapi.dll, N/A>
[]
  {2A698102-5904-AFD0-20DF-CD1A65829CA2} <C:\WINDOWS\system32\zycbbime.dll, N/A>
[]
  {30AF1289-F140-A140-D012-C1458759FC03} <C:\WINDOWS\system32\ypcqbhlp.dll, N/A>
[]
  {328DF602-9541-A985-210A-984A698C6F23} <C:\WINDOWS\system32\ptjhchlp.dll, N/A>
[]
  {3629FF4F-ACDB-5C90-A098-FACB3456A263} <C:\WINDOWS\system32\mpmycapi.dll, N/A>
[]
  {398C9B84-4EF7-47B5-9862-DE29543B3C42} <C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys, N/A>
[]
  {3B1AEF69-DDAE-FDAD-DCAB-698F026ABDB3} <C:\WINDOWS\system32\oohxbbyt.dll, N/A>
[]
  {40940F85-F015-14F1-A05F-F69858AC6D04} <C:\WINDOWS\system32\zptlbsys.dll, N/A>
[]
  {40AF1289-F140-A140-D012-C1458759FC04} <C:\WINDOWS\system32\ypcqchlp.dll, N/A>
[]
  {4490415F-65F8-B5C5-D8BA-9405FB120544} <C:\WINDOWS\system32\yzztdmsn.dll, N/A>
[]
  {4A041F13-A111-12A3-B0CF-F99818AA68A4} <C:\WINDOWS\system32\zxmsawin.dll, N/A>
[]
  {61954FAC-1023-154F-895A-1458258AD816} <C:\WINDOWS\system32\ypdjdbmp.dll, N/A>
[]
  {81698482-6555-3666-1222-954784129018} <C:\WINDOWS\system32\zxptdjpg.dll, N/A>
[豪杰超级解霸9]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Program Files\Herosoft\Hero 9\STHSDVD.EXE, herosoft>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v11.dll, Thunder Networking Technologies,LTD>
[]
  {25671234-7890-ABCD-CDEF-567801237652} <C:\WINDOWS\system32\yxcsbhlp.dll, N/A>
[]
  {25694105-5108-9405-3695-954187462152} <C:\WINDOWS\system32\mpwdbapi.dll, N/A>
[]
  {2A698102-5904-AFD0-20DF-CD1A65829CA2} <C:\WINDOWS\system32\zycbbime.dll, N/A>
[]
  {30AF1289-F140-A140-D012-C1458759FC03} <C:\WINDOWS\system32\ypcqbhlp.dll, N/A>
[]
  {328DF602-9541-A985-210A-984A698C6F23} <C:\WINDOWS\system32\ptjhchlp.dll, N/A>
[]
  {3629FF4F-ACDB-5C90-A098-FACB3456A263} <C:\WINDOWS\system32\mpmycapi.dll, N/A>
[]
  {398C9B84-4EF7-47B5-9862-DE29543B3C42} <C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys, N/A>
[]
  {3B1AEF69-DDAE-FDAD-DCAB-698F026ABDB3} <C:\WINDOWS\system32\oohxbbyt.dll, N/A>
[]
  {40940F85-F015-14F1-A05F-F69858AC6D04} <C:\WINDOWS\system32\zptlbsys.dll, N/A>
[]
  {40AF1289-F140-A140-D012-C1458759FC04} <C:\WINDOWS\system32\ypcqchlp.dll, N/A>
[]
  {4490415F-65F8-B5C5-D8BA-9405FB120544} <C:\WINDOWS\system32\yzztdmsn.dll, N/A>
[]
  {4A041F13-A111-12A3-B0CF-F99818AA68A4} <C:\WINDOWS\system32\zxmsawin.dll, N/A>
[]
  {61954FAC-1023-154F-895A-1458258AD816} <C:\WINDOWS\system32\ypdjdbmp.dll, N/A>
[]
  {81698482-6555-3666-1222-954784129018} <C:\WINDOWS\system32\zxptdjpg.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\getallurl.htm, N/A>
[使用超级解霸播放]
  <C:\Program Files\Herosoft\Hero 9\MPURLGET.HTM, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://c:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000, N/A>
==================================
正在运行的进程
[PID: 436 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 492 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 516 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 560 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 572 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 724 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 788 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 960 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1040 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1248 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[C:\WINDOWS\system32\csdlocalmon.dll]  [N/A, ]
[PID: 1332 / user][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\zxmsawin.dll]  [N/A, ]
    [C:\WINDOWS\system32\mpwdbapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\ptjhchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ttCBDCBD1049.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcsbhlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqDABDAB1071.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqBAIBAI1067.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqMYSMYS1049.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqSHYSHY1053.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqQACQAC1044.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqHADHAD1069.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqSADSAD1042.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqWLVWLV1014.dll]  [N/A, ]
    [C:\WINDOWS\system32\ttKAFKAF1072.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqDLQDLQ1007.dll]  [N/A, ]
    [C:\WINDOWS\system32\ttDXYDXY1013.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypcqchlp.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys]  [N/A, ]
    [C:\WINDOWS\system32\dqDXYDXY1006.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [c:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[PID: 1836 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.13.10.3082]
[PID: 1876 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1896 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 736 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936 / user][C:\WINPENJR\Win32\pphidpad.exe]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys]  [N/A, ]
    [C:\WINDOWS\system32\yxcsbhlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypcqchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmsawin.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
[PID: 976 / user][C:\WINDOWS\VM_STI.EXE]  [VM., 4.2.610.4]
    [C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys]  [N/A, ]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\ypcqchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcsbhlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmsawin.dll]  [N/A, ]
[PID: 684 / user][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3208]
    [C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys]  [N/A, ]
    [C:\WINDOWS\system32\zxmsawin.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypcqchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcsbhlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
[PID: 1128 / user][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys]  [N/A, ]
    [C:\WINDOWS\system32\zxmsawin.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypcqchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcsbhlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
[PID: 1152 / user][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 20.0.01.19]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 35]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 15]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [C:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [C:\Program Files\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
    [C:\WINDOWS\system32\ypcqchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcsbhlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmsawin.dll]  [N/A, ]
    [C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\mpwdbapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\ptjhchlp.dll]  [N/A, ]
[PID: 3000 / user][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
    [C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys]  [N/A, ]
    [C:\WINDOWS\system32\zxmsawin.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcsbhlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypcqchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
[PID: 3016 / user][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
    [C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys]  [N/A, ]
    [C:\WINDOWS\system32\xunleibho_v11.dll]  [Thunder Networking Technologies,LTD, 4, 6, 0, 48]
    [C:\WINDOWS\system32\yxcsbhlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\mpwdbapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\ptjhchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypcqchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmsawin.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [c:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [c:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\JPWB.IME]  [长江软件工作室, 4.00.950]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\ttCBDCBD1049.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqDABDAB1071.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqBAIBAI1067.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqMYSMYS1049.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqSHYSHY1053.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqQACQAC1044.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqHADHAD1069.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqSADSAD1042.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqWLVWLV1014.dll]  [N/A, ]
    [C:\WINDOWS\system32\ttKAFKAF1072.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqDLQDLQ1007.dll]  [N/A, ]
    [C:\WINDOWS\system32\ttDXYDXY1013.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqDXYDXY1006.dll]  [N/A, ]
[PID: 3820 / user][C:\Program Files\Thunder Network\Thunder\Thunder.exe]  [Thunder Networking Technologies,LTD, 5.1.1.157]
    [C:\Program Files\Thunder Network\Thunder\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\download_intexxxce.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 39]
    [C:\Program Files\Thunder Network\Thunder\log4cplus.dll]  [, 1, 0, 2, 1]
    [C:\Program Files\Thunder Network\Thunder\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\Thunder\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 2, 0, 148]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
    [C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\iEmbed.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 12]
    [C:\Program Files\Thunder Network\Thunder\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 4]
    [C:\Program Files\Thunder Network\Thunder\FloatBar.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Plugins\TingTing\TingTing.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 7]
    [C:\WINDOWS\system32\yxcsbhlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypcqchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zxmsawin.dll]  [N/A, ]
    [C:\Program Files\Thunder Network\Thunder\iTargetAd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 46]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx]  [Adobe Systems, Inc., 9,0,124,0]
    [C:\WINDOWS\system32\ptjhchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\mpwdbapi.dll]  [N/A, ]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\WINDOWS\system32\ttCBDCBD1049.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqDABDAB1071.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqBAIBAI1067.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqMYSMYS1049.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqSHYSHY1053.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqQACQAC1044.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqHADHAD1069.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqSADSAD1042.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqWLVWLV1014.dll]  [N/A, ]
    [C:\WINDOWS\system32\ttKAFKAF1072.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqDLQDLQ1007.dll]  [N/A, ]
    [C:\WINDOWS\system32\ttDXYDXY1013.dll]  [N/A, ]
    [C:\WINDOWS\system32\dqDXYDXY1006.dll]  [N/A, ]
[PID: 3536 / user][D:\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 17]
    [C:\Program Files\Internet Explorer\PLUGINS\Nt_Sys32.Sys]  [N/A, ]
    [C:\WINDOWS\system32\zxmsawin.dll]  [N/A, ]
    [C:\WINDOWS\system32\ypcqchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\yxcsbhlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\ptjhchlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\mpwdbapi.dll]  [N/A, ]
    [D:\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1  yu.8s7.net
127.0.0.1  1.jopanqc.com
127.0.0.1  2.joppnqq.com
127.0.0.1  wg.47255.com
127.0.0.1  1.joppnqq.com
127.0.0.1  xxx.m111.biz
127.0.0.1  1.jopenqc.com
127.0.0.1  1.jopenkk.com
127.0.0.1  xxx.vh7.biz
127.0.0.1  xxx.j41m.com
127.0.0.1  3.joppnqq.com
127.0.0.1  d.93se.com
127.0.0.1  www.868wg.com
127.0.0.1  xxx.mmma.biz
127.0.0.1  ilove.com
127.0.0.1  tp.shpzhan.cn
127.0.0.1  www.tomwg.com
127.0.0.1  www.cike007.cn
127.0.0.1  www.22aaa.com
127.0.0.1  xx.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  new.749571.com
127.0.0.1  xtx.kv8.info
127.0.0.1  cao.kv8.info
127.0.0.1  1.jopmmqq.com
127.0.0.1  171817.171817.com
127.0.0.1  d2.llsging.com
127.0.0.1  down.malasc.cn
127.0.0.1  llboss.com
127.0.0.1  nx.51ylb.cn
127.0.0.1  my.531jx.cn
127.0.0.1  qqq.dzydhx.com
127.0.0.1  qqq.hao1658.com
127.0.0.1  www.333292.com
127.0.0.1  down.18dd.net
127.0.0.1  up.22x44.com
127.0.0.1  gxgxy.net
==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 936, C:\WINPENJR\WIN32\PPHIDPAD.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 976, C:\WINDOWS\VM_STI.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 684, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3820, C:\PROGRAM FILES\THUNDER NETWORK\THUNDER\THUNDER.EXE]
==================================
API HOOK
入口点错误：NtCreateFile (危险等级: 高,  被下面模块所HOOK: 0x003C3E0D)
入口点错误：NtWriteFile (危险等级: 高,  被下面模块所HOOK: 0x003C3EAD)
入口点错误：ZwCreateFile (危险等级: 高,  被下面模块所HOOK: 0x003C3E0D)
入口点错误：ZwWriteFile (危险等级: 高,  被下面模块所HOOK: 0x003C3EAD)
==================================
隐藏进程
N/A
==================================
[/CODE]

把日志文件作为附件上传，不要粘贴上来！
日志要完整的，就是从[code]到[/code]全都要，不要有任何删改

完整日志

1.用XDelBox勾选抑制再生后删除以下文件：(XDelBox1.6下载)
使用说明：删除时复制所有要删除文件的路径，在待删除文件列表里点击右键选择从剪贴板导入不检查路径，导入后在要删除文件上点击右键，选择立刻重启删除，电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质（包括U盘，MP3，手机存储卡等）。

c:\windows\system32\csdlocalmon.dll
c:\windows\system32\ypcqchlp.dll
c:\windows\system32\dqwhxwhx1029.dll
c:\windows\system32\zptlbsys.dll
c:\windows\system32\yxcsbhlp.dll
c:\windows\system32\oohxbbyt.dll
c:\windows\system32\dqwhxwhx1012.dll
c:\windows\system32\dqbaibai1066.dll
c:\windows\system32\zycbbime.dll
c:\windows\system32\ypdjdbmp.dll
c:\windows\system32\zxptdjpg.dll
c:\windows\system32\ptjhchlp.dll
c:\windows\system32\yzztdmsn.dll
c:\windows\system32\dqdabdab1070.dll
c:\windows\system32\ypcqbhlp.dll
c:\windows\system32\mpmycapi.dll
c:\windows\system32\mpwdbapi.dll
c:\windows\system32\zxmsawin.dll
c:\windows\system32\drivers\ress.sys
c:\winpenjr\win32\pphidpad.exe
c:\windows\system32\drivers\pptchpd5.sys

2.删除重启后使用SREng修复下面各项：

    启动项目 －－ 注册表之如下项删除：
[{40AF1289-F140-A140-D012-C1458759FC04}]   
[{674bbd87-85d0-4144-849d-6c6d3b76cdec}]   
[{40940F85-F015-14F1-A05F-F69858AC6D04}]   
[{25671234-7890-ABCD-CDEF-567801237652}]   
[{3B1AEF69-DDAE-FDAD-DCAB-698F026ABDB3}]   
[{dfe891a8-b391-49a5-9315-19faa9b90be9}]   
[{f9f097ef-a5e3-4765-a6d9-1c08f9bc43e6}]   
[{2A698102-5904-AFD0-20DF-CD1A65829CA2}]   
[{61954FAC-1023-154F-895A-1458258AD816}]   
[{81698482-6555-3666-1222-954784129018}]   
[{328DF602-9541-A985-210A-984A698C6F23}]   
[{4490415F-65F8-B5C5-D8BA-9405FB120544}]   
[{0a204fa0-41c3-4f14-9e49-70fe27d954d5}]   
[{30AF1289-F140-A140-D012-C1458759FC03}]   
[{3629FF4F-ACDB-5C90-A098-FACB3456A263}]   
[{25694105-5108-9405-3695-954187462152}]   
[{4A041F13-A111-12A3-B0CF-F99818AA68A4}]   
[PPHIDPAD] 

    启动项目 －－ 服务－－ 驱动程序之如下项删除：
[XNGAnti / XNGAnti]   
[PenPower Touchpad / pptchpad]

    系统修复－－　浏览器加载项之如下项删除：
[]    <C:\WINDOWS\system32\zxptdjpg.dll>
[]    <C:\WINDOWS\system32\ypdjdbmp.dll>
[]    <C:\WINDOWS\system32\zxmsawin.dll>
[]    <C:\WINDOWS\system32\yzztdmsn.dll>
[]    <C:\WINDOWS\system32\ypcqchlp.dll>
[]    <C:\WINDOWS\system32\zptlbsys.dll>
[]    <C:\WINDOWS\system32\oohxbbyt.dll>
[]    <C:\WINDOWS\system32\mpmycapi.dll>
[]    <C:\WINDOWS\system32\ptjhchlp.dll>
[]    <C:\WINDOWS\system32\ypcqbhlp.dll>
[]    <C:\WINDOWS\system32\zycbbime.dll>
[]    <C:\WINDOWS\system32\mpwdbapi.dll>
[]    <C:\WINDOWS\system32\yxcsbhlp.dll>
[]    <C:\WINDOWS\system32\zxptdjpg.dll>
[]    <C:\WINDOWS\system32\ypdjdbmp.dll>
[]    <C:\WINDOWS\system32\zxmsawin.dll>
[]    <C:\WINDOWS\system32\yzztdmsn.dll>
[]    <C:\WINDOWS\system32\ypcqchlp.dll>
[]    <C:\WINDOWS\system32\zptlbsys.dll>
[]    <C:\WINDOWS\system32\oohxbbyt.dll>
[]    <C:\WINDOWS\system32\mpmycapi.dll>
[]    <C:\WINDOWS\system32\ptjhchlp.dll>
[]    <C:\WINDOWS\system32\ypcqbhlp.dll>
[]    <C:\WINDOWS\system32\zycbbime.dll>
[]    <C:\WINDOWS\system32\mpwdbapi.dll>
[]    <C:\WINDOWS\system32\yxcsbhlp.dll>

做完后下载以下软件清理一次：

清理系统临时文件和IE临时文件夹
http://www.atribune.org/public-beta/ATF-Cleaner.exe
用金山清理专家清理恶意软件
http://www.duba.net/zt/ksc/down.shtml
下载 windows清理助手清理一遍
http://www.arswp.com/download/arswp2/arswp2.zip

PS：以上有个文件未敢肯定是否是病毒
c:\winpenjr\win32\pphidpad.exe  以及有关的注册表项目和驱动都在以上用红色字体表示出  请楼主自行确认  如果不是病毒  从上面待处理列表中去除后处理剩下的

baidu搜到的，仅供参考
c:\winpenjr\win32\pphidpad.exe 
蒙恬手写板相关程序
不知道lz装了没有

新郎的头像很搞笑啊

非常感谢

  我总幻想着有一天能带着女的去吹牛………………