【回复“lawrendc”的帖子】
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<updatereal><C:\WINDOWS\realupdate.exe other> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<{9C41D71E-069D-2052-0324-030818030056}><"C:\Program Files\Common Files\{9C41D71E-069D-2052-0324-030818030056}\Update.exe" te-110-12-0000057> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe> [N/A]
<System><C:\WINDOWS\system32\hc.exe> []
<RichMedia><C:\WINDOWS\system32\Rundll32.exe "C:\PROGRA~1\pcast\hbcast.dll",WaitWindows> [Shanghai Henbang Technology Co., Ltd]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<221.exe><; C:\DOCUME~1\dengcong\LOCALS~1\Temp\221.exe Auto> [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
<Load><; C:\WINDOWS\system\tpkIM32.exe> [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<msnnt><; C:\WINDOWS\winamph.exe> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<RichMedia><; C:\WINDOWS\system32\Rundll32.exe "C:\PROGRA~1\pcast\hbcast.dll",WaitWindows> [Shanghai Henbang Technology Co., Ltd]
<System><; C:\WINDOWS\system32\hc.exe> []
<winla><; c:\winla\winla.exe> []

删除这些启动项。
重启。
显示隐藏文件。
删除上述启动项指向的文件。
修复hosts文件（只保留其中的127.0.0.1      localhost）

打开sreng 启动项注册表删除
<System><; C:\WINDOWS\system32\hc.exe> []
<winla><; c:\winla\winla.exe> []<msnnt>
<; C:\WINDOWS\winamph.exe> []
<Load><; C:\WINDOWS\system\tpkIM32.exe> [N/A]

<221.exe><; C:\DOCUME~1\dengcong\LOCALS~1\Temp\221.exe Auto> [N/A]
<System><C:\WINDOWS\system32\hc.exe> []
updatereal><C:\WINDOWS\realupdate.exe other> [N/A]
<{9C41D71E-069D-2052-0324-030818030056}><"C:\Program Files\Common Files\{9C41D71E-069D-2052-0324-030818030056}\Update.exe" te-110-12-0000057> [N/A]
重启计算机 删除上述对应文件
然后用记事本打开C:\windows\system32\etc\hosts
删除61.135.150.114 www.8000qq.com
61.135.150.114 www.800f.net
61.135.150.114 www.1000sf.cn
61.135.150.114 jfengsha.comfb
61.135.150.114 www.1000yf.net
61.135.150.114 www.159sifu.com
61.135.150.114 www.9s5.cn
61.135.150.114 www.spbuy.net
61.135.150.114 www.wym.cn
61.135.150.114 www.cc4f.cn
61.135.150.114 mafan.net
61.135.150.114 www.6688qn.net
61.135.150.114 www.177z.com
61.135.150.114 www.131sf.net
61.135.150.114 tj.cntg.cn
61.135.150.114 www.spbuy.net
61.135.150.114 www.china45.net
61.135.150.114 www.ok22.com
61.135.150.114 www.17mi.net
61.135.150.114 www.sf8.com.cn
61.135.150.114 www.13177.com
61.135.150.114 ip94.fd4f.com
61.135.150.114 www.521it.net
61.135.150.114 www.ytdj.cn
61.135.150.114 www.fwoool.cn
61.135.150.114 www.5u37.net
61.135.150.114 www.87sf.com
61.135.150.114 ww1.swoool.com
61.135.150.114 wooljsz.cn
61.135.150.114 www.57wool.com
61.135.150.114 www.58816.com
61.135.150.114 www.spbuy.net
61.135.150.114 chuanqisjsf.blwool.com
61.135.150.114 www.woool188.com
61.135.150.114 www.sf1260.com
61.135.150.114 linf23.b12.cnwg.cn
61.135.150.114 www.wooolweb.com
61.135.150.114 www.yq520.net
61.135.150.114 www.cs222.com
61.135.150.114 www.ok22.com
61.135.150.114 www.7100sf.com
61.135.150.114 www.1352sf.com
61.135.150.114 www.458wool.cn
61.135.150.114 www.555woool.cn
61.135.150.114 www.kaosf.com
61.135.150.114 www.siyuwl.com
61.135.150.114 www.csjsz.cn
61.135.150.114 www.13177.com
61.135.150.114 www.458cs.com
61.135.150.114 www.5573.com
61.135.150.114 www.02945.com
61.135.150.114 www.pkchina.net
61.135.150.114 www.5181314.com
61.135.150.114 www.fknf2.com
61.135.150.114 www2.yoursf.com
61.135.150.114 www.paocs.com
61.135.150.114 www.sfboke.com
61.135.150.114 www.tt878.com
61.135.150.114 ww1.woool188.com
61.135.150.114 www.cs119.com
61.135.150.114 www.xdwoool.net
61.135.150.114 www.tt515.com
61.135.150.114 www.cs176.com
61.135.150.114 www.552sf.com
61.135.150.114 www.ipmir.com
61.135.150.114 www.898woool.com
61.135.150.114 www.qqks.com
61.135.150.114 www.368idc.com
61.135.150.114 www.csbaba.com
61.135.150.114 www.4745.cn
61.135.150.114 www.636400.com
61.135.150.114 www.oursf.cn
61.135.150.114 www.laiba173.com
61.135.150.114 www.14455.com
61.135.150.114 www.zheshan.net
61.135.150.114 zt.aaaaasf.cn
61.135.150.114 www.zt1314.cn
61.135.150.114 www.zt4f.net
61.135.150.114 www.zt002.com
61.135.150.114 www.amir3.com
61.135.150.114 www.sf1717.com
61.135.150.114 www.cq333.cn
61.135.150.114 www.3316.cn
61.135.150.114 www.sosmir3.com
61.135.150.114 www.95279.com
61.135.150.114 www.sf1788.com
61.135.150.114 www.4fboss.com
61.135.150.114 www.45net.net
61.135.150.114 www.ytdj.cn
61.135.150.114 www.laiba173.com
61.135.150.114 www.wow1314.com
61.135.150.114 www.zgwow.com
61.135.150.114 www.1000wow.net
61.135.150.114 www.gowowsf.com
61.135.150.114 www.wowsf.com
61.135.150.114 www.wxwow.com
61.135.150.114 520.xinwow.com
61.135.150.114 www.wowhelp.cn
61.135.150.114 www.800wow.com
61.135.150.114 www.56wow.com
61.135.150.114 www.45wow.com
61.135.150.114 www.sfhao123.net
61.135.150.114 www.lian2.cn
61.135.150.114 www.14455.com
61.135.150.114 www.sfgoogle.cn
61.135.150.114 www.45top.com
61.135.150.114 www.915mu.com
61.135.150.114 www.gm911.net
61.135.150.114 www.4000mu.com
61.135.150.114 www.99musf.com
61.135.150.114 www.mu45.com
61.135.150.114 www.369mu.com
61.135.150.114 www.525sf.com
61.135.150.114 www.2345w.com
61.135.150.114 www.3jsf.net
61.135.150.114 www.ttfsf.com
61.135.150.114 www.521ee.com
61.135.150.114 www.997j.com
61.135.150.114 www.wz4f.net
61.135.150.114 www.hott2.com
61.135.150.114 www.398q.com
61.135.150.114 www.tt1314.com
61.135.150.114 www.tt2sf.net
61.135.150.114 www.sifu114.com
61.135.150.114 www.2z2.cn
61.135.150.114 www.haosf.com
61.135.150.114 www.cqsf999.com
61.135.150.114 www.zhaosf.com
61.135.150.114 www.920666.com
61.135.150.114 www.450666.com
61.135.150.114 www.3000ok.com
61.135.150.114 www.3000ok.net
61.135.150.114 www.sf001.com
61.135.150.114 www.92045.com
61.135.150.114 www.45bang.com
61.135.150.114 www.30ok.com
61.135.150.114 www.cqsf999.com
61.135.150.114 www.sf123.com
61.135.150.114 www.sf920.com
61.135.150.114 www.99945.com
61.135.150.114 www.176sf.com
61.135.150.114 www.mir2mir2.com
61.135.150.114 www.33520.com
61.135.150.114 www.xp13.com
61.135.150.114 www.45yes.com
61.135.150.114 www.920666.com
61.135.150.114 www.450666.com
61.135.150.114 www.92095.com
61.135.150.114 www.17ww.com
61.135.150.114 www.4000sf.com
61.135.150.114 www.haouc.com
61.135.150.114 www.921uc.com
61.135.150.114 17126.uc999.com
61.135.150.114 www.45pao.com
61.135.150.114 www.177g.com
61.135.150.114 www.95217.com
61.135.150.114 www.2345sf.com
下载超级兔子 清理流氓软件

就这样就ok了吗？？？

这样的步骤已经很复杂了
你中了很多病毒

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<CdnCtr><C:\Program Files\CNNIC\Cdn\cdnup.exe> [N/A]

这个怎么都删不掉~~~ 怎么处理

C:\Program Files\CNNIC\Cdn\cdnup.exe>
超级兔子 卸载 是网络实名软件

[PID: 1020][C:\WINDOWS\system32\ad1.exe] [Microsoft Corporation, 5.380.0690]
还有马儿↑

C:\Program Files\Common Files\{9C41D71E-069D-2052-0324-030818030056}\Update.exe
这个病毒在Internet临时文件夹里，最好先清空临时文件夹，否则删除后又来了！！！
打开IE，“工具”－“Internet选项”－“常规”点击删除文件，然后勾选删除脱机内容

<221.exe><; C:\DOCUME~1\dengcong\LOCALS~1\Temp\221.exe Auto> [N/A]
这个没有找到？ 在哪儿呢？？

然后用记事本打开C:\windows\system32\etc\hosts 这个位置下我没看见etc文件夹，我打开了显示隐藏文件的

另外 哪个木马怎么处理？？ad1.exe 进程里没有 系统文件夹下也没找到

另外,我的系统在启动后报错: 加载 c:windows\system32\xggjpf68.dll时出错,另一程序正在使用,进程无法访问.
  这又怎么处理???谢谢~~~~`