补充
[C:\DOCUME~1\admin\LOCALS~1\Temp\Rav21.dll] [N/A, ]
[C:\DOCUME~1\admin\LOCALS~1\Temp\LgSy0.dll] [N/A, ]
[C:\DOCUME~1\admin\LOCALS~1\Temp\Gjzo1.dll] [N/A, ]
[C:\DOCUME~1\admin\LOCALS~1\Temp\Kavs0.dll] [N/A, ]
[C:\DOCUME~1\admin\LOCALS~1\Temp\fyzo0.dll] [N/A, ]
[C:\DOCUME~1\admin\LOCALS~1\Temp\Msxo0.dll] [N/A, ]
[C:\WINNT\TEMP\LgSy0.dll] [N/A, ]~~~真多

我要疯了

引用:

【蓝狐Lovepig的贴子】HOSTS 文件 127.0.0.1 localhost 127.0.0.1 mmm.caifu18.net 127.0.0.1 www.18dmm.com 127.0.0.1 d.qbbd.com 127.0.0.1 www.5117music.com 127.0.0.1 www.union123.com 127.0.0.1 www.wu7x.cn 127.0.0.1 www.54699.com 127.0.0.1 60.169.0.66 127.0.0.1 60.169.1.29 127.0.0.1 www.97725.com 127.0.0.1 down.97725.com 127.0.0.1 ip.315hack.com 127.0.0.1 ip.54liumang.com 127.0.0.1 www.41ip.com 127.0.0.1 xulao.com 127.0.0.1 www.heixiou.com 127.0.0.1 www.9cyy.com 127.0.0.1 www.hunll.com 127.0.0.1 www.down.hunll.com 127.0.0.1 do.77276.com 127.0.0.1 www.baidulink.com 127.0.0.1 adnx.yygou.cn 127.0.0.1 222.73.220.45 127.0.0.1 www.f5game.com 127.0.0.1 www.guazhan.cn 127.0.0.1 wm,103715.com 127.0.0.1 www.my6688.cn 127.0.0.1 i.96981.com 127.0.0.1 d.77276.com 127.0.0.1 www1.cw988.cn 127.0.0.1 cool.47555.com 127.0.0.1 www.asdwc.com 127.0.0.1 55880.cn 127.0.0.1 61.152.169.234 127.0.0.1 cc.wzxqy.com 127.0.0.1 www.54699.com 127.0.0.1 t.gcuj.com 127.0.0.1 www.puma163.com 127.0.0.1 ceoww.com 留下127.0.0.1 localhost 其余删除 ………………

这个删掉了又会出现

删除注册表里的
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<vy2><C:\DOCUME~1\admin\LOCALS~1\Temp\crasos.exe> []
<xq52fz972><C:\DOCUME~1\admin\LOCALS~1\Temp\1explore.exe> []
<hkgrh6r><C:\DOCUME~1\admin\LOCALS~1\Temp\Servera.exe> []
<b><C:\DOCUME~1\admin\LOCALS~1\Temp\winlog0n.exe> []
<zk8><C:\DOCUME~1\admin\LOCALS~1\Temp\rundl132.exe> []
<5ke><C:\DOCUME~1\admin\LOCALS~1\Temp\c0nime.exe> []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<cmdbcs><C:\WINNT\cmdbcs.exe> []
<stup.exe><C:\PROGRA~1\TENCENT\Adplus\stup.exe> [Tencent](这是个坏东西)

这个东西比较可疑的驱动
WINIO / WINIO][Stopped/Manual Start]
<\??\C:\WINNT\Downloaded Program Files\winio.sys><N/A>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
<\SystemRoot\system32\KeyCrypt.sys><>

删除
[C:\DOCUME~1\admin\LOCALS~1\Temp\Rav21.dll] [N/A, ]
[C:\DOCUME~1\admin\LOCALS~1\Temp\LgSy0.dll] [N/A, ]
[C:\DOCUME~1\admin\LOCALS~1\Temp\Gjzo1.dll] [N/A, ]
[C:\DOCUME~1\admin\LOCALS~1\Temp\Kavs0.dll] [N/A, ]
[C:\DOCUME~1\admin\LOCALS~1\Temp\fyzo0.dll] [N/A, ]
[C:\DOCUME~1\admin\LOCALS~1\Temp\Msxo0.dll] [N/A, ]
[C:\WINNT\TEMP\LgSy0.dll] [N/A, ]

请别忘记把C:\DOCUME~1\admin\LOCALS~1\Temp的TEMP文件夹清空,不然又要发作的

把下面的全删了吧,保留127.0.0.1 localhost
127.0.0.1 mmm.caifu18.net
127.0.0.1 www.18dmm.com
127.0.0.1 d.qbbd.com
127.0.0.1 www.5117music.com
127.0.0.1 www.union123.com
127.0.0.1 www.wu7x.cn
127.0.0.1 www.54699.com
127.0.0.1 60.169.0.66
127.0.0.1 60.169.1.29
127.0.0.1 www.97725.com
127.0.0.1 down.97725.com
127.0.0.1 ip.315hack.com
127.0.0.1 ip.54liumang.com
127.0.0.1 www.41ip.com
127.0.0.1 xulao.com
127.0.0.1 www.heixiou.com
127.0.0.1 www.9cyy.com
127.0.0.1 www.hunll.com
127.0.0.1 www.down.hunll.com
127.0.0.1 do.77276.com
127.0.0.1 www.baidulink.com
127.0.0.1 adnx.yygou.cn
127.0.0.1 222.73.220.45
127.0.0.1 www.f5game.com
127.0.0.1 www.guazhan.cn
127.0.0.1 wm,103715.com
127.0.0.1 www.my6688.cn
127.0.0.1 i.96981.com
127.0.0.1 d.77276.com
127.0.0.1 www1.cw988.cn
127.0.0.1 cool.47555.com
127.0.0.1 www.asdwc.com
127.0.0.1 55880.cn
127.0.0.1 61.152.169.234
127.0.0.1 cc.wzxqy.com
127.0.0.1 www.54699.com
127.0.0.1 t.gcuj.com
127.0.0.1 www.puma163.com
127.0.0.1 ceoww.com
可能不是很全,希望其他高手补充和指点

另外记事本是在开始菜单---所有程序---附件里面有的,把那个批处理文件代码复制进去保存好就可以了,关键是那个要是.BAT后缀名