[J:\Program Files\Thunder Network\Thunder\Program\log4cplus.dll]  [, 1, 0, 2, 1]
    [J:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll]  [Thunder Networking Technologies,LTD, 2, 11, 2, 22]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]
    [J:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 12]
    [J:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 8]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx]  [Adobe Systems, Inc., 9,0,28,0]
    [J:\Program Files\Thunder Network\Thunder\Components\DTAG\DTAG.dll]  [, 1, 0, 0, 1]
    [J:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll]  [, 1, 0, 0, 9]
    [J:\Program Files\Thunder Network\Thunder\Program\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
    [J:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll]  [　, 1, 0, 0, 14]
    [j:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed07.dll]  [　, 3, 1, 0, 58]
    [J:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 10]
    [J:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 2, 1, 42]
    [J:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 1]
    [J:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 3]
    [J:\Program Files\Thunder Network\Thunder\Plugins\BhoAdv\bho_adv.dll]  [深圳市迅雷网络技术有限公司, 1.0.1.0]
    [j:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
    [J:\Program Files\Thunder Network\Thunder\Program\msgmanage.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 15]
    [C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll]  [yahoo! china, 3, 2, 6, 1084]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
[PID: 5148][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [C:\WINDOWS\124327M.BMP]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 4]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
[PID: 5184][C:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.594\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINDOWS\124327M.BMP]  [N/A, N/A]
    [C:\Program Files\CNNIC\Cdn\imaoe.dll]  [CNNIC, 2, 2, 0, 1]
    [C:\Program Files\CNNIC\Cdn\cdnforie.dll]  [CNNIC, 2, 1, 0, 4]
    [C:\Program Files\CNNIC\Cdn\cdndet.dll]  [CNNIC, 2, 5, 0, 0]
    [C:\WINDOWS\system32\cdnns.dll]  [CNNIC, 2, 0, 0, 0]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1      www.winopen.cn
127.0.0.1      www.tanip.com
127.0.0.1      www.365tc.com
127.0.0.1      code.winopen.cn
127.0.0.1      code1.winopen.cn
127.0.0.1      code2.winopen.cn
127.0.0.1      code3.winopen.cn
127.0.0.1      code4.winopen.cn
127.0.0.1      www.djk66.com
127.0.0.1      www.158soft.com
127.0.0.1      www.10359172.com
127.0.0.1      www.ietool.cn
127.0.0.1      www.456link.com
127.0.0.1      www.159.com
127.0.0.1      www.17510.com
127.0.0.1      www.at58.cn
127.0.0.1      www.nb46.com
127.0.0.1      www.qqget.cn
127.0.0.1      www.6tan.com
127.0.0.1      www.ip321.cn
127.0.0.1    rhino.acme.com
127.0.0.1    x.acme.com
127.0.0.1    cn.47555.cn
127.0.0.1    new3.etsoft.com.cn
127.0.0.1    new3.etsoft.com
127.0.0.1    etsoft.com
127.0.0.1    wl.etsoft.com.cn
127.0.0.1    wl.etsoft.com
127.0.0.1    down.jschina.com.cn
127.0.0.1    down.jschina.com
127.0.0.1    jschina.com
127.0.0.1    wow.etsoft.com.cn
127.0.0.1    wow.etsoft.com
127.0.0.1    new3.etsoft.com.cn
127.0.0.1    new3.etsoft.com
127.0.0.1    sw.etsoft.com.cn
127.0.0.1    mh.etsoft.com.cn
127.0.0.1    wool.etsoft.com.cn
127.0.0.1    zt.soft.com.cn
127.0.0.1    www.gaodumm.com
127.0.0.1    www.97725.com
127.0.0.1    www.ac86.cn

==================================

红色的自己确认一下是否删除

运行SREng2,使用“启动项目”－－注册表－－删除
C:\WINDOWS\rund1132.exe
C:\PROGRA~1\svhost32.exe
C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\NTService32.dll",Run
C:\DOCUME~1\Admin\LOCALS~1\Temp\mhs2.exe
124327M.BMP

运行(双击)SRENG2，点“启动项目，服务，点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务
BFBDEBB8
Windows DHCP Service
Windows NT Service32
Server Advance
，选择“删除服务”
点“设置”选择“否”

运行(双击)SRENG2，点“启动项目，服务，点“驱动程序”
勾选“隐藏微软服务”选中病毒服务
cdnprot
djheghaa
sbrttg4
，选择“删除服务”
点“设置”选择“否”

运行SREng2,使用“系统修复”－－浏览器加载项－－删除
[CAdLogic Object]
{11F09AFD-75AD-4E51-AB43-E09E9351CE16} <C:\Program Files\Common Files\CPUSH\cpush.dll, N/A>
[Cbho Object]
{352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, CNNIC>


重启按F８进入安全模式下
显示隐藏文件
删除：   
C:\Program Files\Common Files\CPUSH\cpush.dll
C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll
\SystemRoot\System32\DRIVERS\sbrttg43.sys
SystemRoot\system32\drivers\djheghaa.sys
\SystemRoot\system32\drivers\cdnprot.sys
C:\WINDOWS\system32\Security.exe
windhcp.ocx
C:\WINDOWS\system32\BFBDEBB8.EXE
C:\WINDOWS\rund1132.exe
C:\PROGRA~1\svhost32.exe
C:\WINDOWS\system32\NTService32.dll
C:\DOCUME~1\Admin\LOCALS~1\Temp\清空文件夹
124327M.BMP

请下载LSPFix和WinsockXPFix这两个软件，
小软件下载
http://free5.ys168.com/?ufwihgu168
　　重新启动电脑, 进入安全模式。运行LSPFix.exe，删除：

cdnns.dll
如果无法上网，请运行WinsockXPFix，
让它修复一下。

楼主贴的图够大的