I can't type Chinese since the usp10 virus hit me on 26th Jan, sorry~~!!!!!

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)

首先搜索于中毒日期创建的
usp10.dll
psapi.dll
全部删除

然后
从XP-sp3
拷
C:\WINDOWS\system32\ctfmon.exe
替换本机相同文件
替换方法：
http://bbs.ikaka.com/showtopic-8561436.aspx

1.建议使用XDelBox删除以下文件：(XDelBox1.8下载)
使用说明：删除时复制所有要删除文件的路径，在待删除文件列表里点击右键选择从剪贴板导入，导入后在要删除文件上点击右键，选择立刻重启删除，电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储介质（包括U盘，MP3，手机存储卡等）。

c:\windows\fonts\ctmres.dll
c:\docume~1\admini~1\locals~1\temp\527809
c:\docume~1\admini~1\locals~1\temp\445132
c:\docume~1\admini~1\locals~1\temp\185566
c:\windows\fonts\ctm01025.ttf
c:\windows\fonts\ctm03004.ttf
c:\windows\fonts\ctm11008.ttf
c:\windows\system32\akocochg.dll
c:\windows\system32\befnecek.dll
c:\windows\system32\cnioogfa.dll
c:\windows\system32\dahecihg.dll
c:\windows\system32\djeaonjc.dll
c:\windows\system32\effmoppd.dll
c:\windows\system32\ighghnok.dll
c:\windows\system32\emnconoh.dll
c:\windows\system32\jklpghnj.dll
c:\windows\system32\jlbdeeho.dll
c:\windows\system32\nejnikmc.dll
c:\windows\system32\oanjmnfb.dll
c:\windows\system32\pifamlbd.dll
c:\docume~1\admini~1\locals~1\temp\wowinitcode.dat
c:\program files\internet explorer\powernent.onz
c:\windows\system32\ajningpe.dll
c:\windows\system32\bdkkjoia.dll
c:\windows\system32\bpehgpjo.dll
c:\windows\system32\ddjpgppf.dll
c:\windows\system32\djhlpoid.dll
c:\windows\system32\jgkcbieb.dll
c:\windows\system32\jlilneki.dll
c:\windows\system32\kffhjlnf.dll
c:\windows\system32\majgoadb.dll
c:\windows\system32\oddkpaih.dll
c:\windows\system32\okkeakkf.dll
c:\windows\system32\ponnoeic.dll
c:\windows\system32\blfpblnj.dll
c:\windows\system32\ojlgbglb.dll
c:\windows\system32\fhacfmhn.dll
c:\windows\system32\onaealai.dll
c:\windows\system32\jdamhpji.dll
c:\windows\system32\faajapkl.dll
c:\windows\system32\jgmcedki.dll
c:\windows\system32\ipfaknmb.dll
c:\windows\system32\becnjgha.dll
c:\windows\system32\fpfbgpmp.dll
c:\windows\system32\bjciojfb.dll
c:\windows\system32\nhmjglne.dll
c:\windows\system32\ggdalabg.dll
c:\windows\system32\cekghkeb.dll
c:\windows\system32\dejgbdjp.dll
c:\windows\system32\oahokncn.dll
c:\windows\system32\pjcjaodo.dll
c:\windows\system32\apihmpkp.dll
c:\windows\system32\gkidaajm.dll
c:\windows\system32\kgnkkoja.dll
c:\windows\system32\ifdbhpdm.dll
c:\windows\system32\nbmpjloc.dll
c:\windows\system32\gmkkmplc.dll
c:\windows\system32\mmmllbnn.dll
c:\windows\system32\cdbfkmnk.dll
c:\windows\system32\lkldkoge.dll
c:\windows\system32\ichpjbme.dll
c:\windows\system32\oipcnbkh.dll
c:\windows\system32\naefhjnk.dll
c:\windows\system32\fjknfano.dll
c:\windows\system32\fcmkdbmg.dll
c:\windows\system32\kpjmeimo.dll
c:\windows\system32\donpglhm.dll
c:\windows\system32\fepciepb.dll
c:\windows\system32\kdggadin.dll
c:\windows\system32\kaidahoo.dll
c:\windows\system32\gclikakl.dll
c:\windows\system32\lccfcibd.dll
c:\windows\system32\hjndnnjm.dll
c:\windows\system32\fihjkapp.dll
c:\windows\system32\bookdihb.dll
c:\windows\system32\embaanni.dll
c:\windows\system32\opnoggnh.dll
c:\windows\system32\aajembkk.dll
c:\windows\system32\fpgpbnca.dll
c:\windows\system32\bfajicje.dll
c:\windows\system32\acfmajdh.dll
c:\windows\system32\gbeonfol.dll
c:\windows\system32\lelolgpj.dll
c:\windows\system32\aepejaeh.dll
c:\windows\system32\eaknkppi.dll
c:\windows\system32\clbohjdj.dll
c:\windows\system32\bhappped.dll
c:\windows\system32\immldkic.dll
c:\windows\system32\jlpfijbi.dll
c:\windows\system32\jiopglhd.dll
c:\windows\system32\lciafogg.dll
c:\windows\system32\bahknlgn.dll
c:\windows\system32\jgejpomd.dll
c:\windows\system32\hnlfmccn.dll
c:\windows\system32\dbbodgek.dll
c:\windows\system32\miajcgjl.dll
c:\windows\system32\ohnfackf.dll
c:\windows\system32\pfdkmhlg.dll
c:\windows\system32\fdlhkijm.dll
c:\windows\system32\jifkcdbi.dll
c:\windows\system32\jgdhddkg.dll
c:\windows\system32\ghcnlhcd.dll
c:\docume~1\admini~1\locals~1\temp\upbmlbtcdltk
c:\windows\system32\37c7e13d.dat
c:\windows\system32\drivers\msiffei.sys

2.删除重启后使用SREng修复下面各项：

    启动项目 －－ 注册表之如下项删除：
[B9E10938]    <C:\WINDOWS\system32\bpehgpjo.dll>
[4FF1357F]    <C:\WINDOWS\system32\kffhjlnf.dll>
[35257E42]    <C:\WINDOWS\system32\jlilneki.dll>
[DD39099F]    <C:\WINDOWS\system32\ddjpgppf.dll>
[98778E2C]    <C:\WINDOWS\system32\ponnoeic.dll>
[304CB2EB]    <C:\WINDOWS\system32\jgkcbieb.dll>
[844EA44F]    <C:\WINDOWS\system32\okkeakkf.dll>
[6A308ADB]    <C:\WINDOWS\system32\majgoadb.dll>
[D315982D]    <C:\WINDOWS\system32\djhlpoid.dll>
[A372709E]    <C:\WINDOWS\system32\ajningpe.dll>
[BD44382A]    <C:\WINDOWS\system32\bdkkjoia.dll>
[8DD49A21]    <C:\WINDOWS\system32\oddkpaih.dll>
[EFF6899D]    <C:\WINDOWS\system32\effmoppd.dll>
[{B9E10938-BC5D-4788-849D-81E368B665AA}]    <C:\WINDOWS\system32\bpehgpjo.dll>
[{4FF1357F-0B5E-4D68-924F-7B0634B1430D}]    <C:\WINDOWS\system32\kffhjlnf.dll>
[{35257E42-5E95-4615-B540-8A3E1D5B3DAD}]    <C:\WINDOWS\system32\jlilneki.dll>
[{DD39099F-C525-4DC5-8233-5BA401318151}]    <C:\WINDOWS\system32\ddjpgppf.dll>
[{98778E2C-94B8-4F81-965D-4653D33A0D49}]    <C:\WINDOWS\system32\ponnoeic.dll>
[{304CB2EB-F52D-48CE-B7D3-16859BDE60CA}]    <C:\WINDOWS\system32\jgkcbieb.dll>
[{844EA44F-501B-4064-9FC8-948B56FC0F96}]    <C:\WINDOWS\system32\okkeakkf.dll>
[{6A308ADB-3710-4BAD-A725-C81B49A849E3}]    <C:\WINDOWS\system32\majgoadb.dll>
[{D315982D-997F-471E-B665-B69C8413FF54}]    <C:\WINDOWS\system32\djhlpoid.dll>
[{A372709E-6AAC-4B89-B0C2-CAF73992E8AE}]    <C:\WINDOWS\system32\ajningpe.dll>
[{BD44382A-3A42-4C40-B7FA-D261C216E70C}]    <C:\WINDOWS\system32\bdkkjoia.dll>
[{EFF6899D-B97C-4BBA-BBC0-F7C870982870}]    <C:\WINDOWS\system32\effmoppd.dll>
[{8DD49A21-8BD8-4C68-B4AB-C85855BF9647}]    <C:\WINDOWS\system32\oddkpaih.dll>
[{B5F9B573-0F78-467B-AFDD-1ADE97F332FA}]    <C:\WINDOWS\system32\blfpblnj.dll>
[{8350B05B-30A0-426F-A09C-8C9EAAAF2460}]    <C:\WINDOWS\system32\ojlgbglb.dll>
[{F1ACF617-4646-4CF2-A8EA-41E6EDE80198}]    <C:\WINDOWS\system32\fhacfmhn.dll>
[{87AEA5A2-2F1D-4511-B58C-206B0D3A8973}]    <C:\WINDOWS\system32\onaealai.dll>
[{3DA61932-27C0-4A0B-9B08-665F5A041463}]    <C:\WINDOWS\system32\jdamhpji.dll>
[{FAA3A945-F856-4F84-94AE-5A21FF8E0FB7}]    <C:\WINDOWS\system32\faajapkl.dll>
[{3DA61932-27C0-4A0B-9B08-665F5A041463}]    <C:\WINDOWS\system32\jdamhpji.dll>
[{306CED42-25E8-4DE6-B094-4A07AEB537EC}]    <C:\WINDOWS\system32\jgmcedki.dll>
[{29FA476B-4CFD-463A-9578-FBC500316A2B}]    <C:\WINDOWS\system32\ipfaknmb.dll>
[{BEC7301A-45D7-42A5-B6A8-042B13D62753}]    <C:\WINDOWS\system32\becnjgha.dll>
[{F9FB0969-A44A-47CC-9C16-E71645C7AFE0}]    <C:\WINDOWS\system32\fpfbgpmp.dll>
[{B3C283FB-C34A-45BF-8246-639EA1F6288A}]    <C:\WINDOWS\system32\bjciojfb.dll>
[{7163057E-9766-4469-992B-4F5F829779BC}]    <C:\WINDOWS\system32\nhmjglne.dll>
[{00DA5AB0-B516-4C27-A042-DE544BF32C1D}]    <C:\WINDOWS\system32\ggdalabg.dll>
[{CE4014EB-015E-41AD-9848-79F7269EEF44}]    <C:\WINDOWS\system32\cekghkeb.dll>
[{DE30BD39-0D04-47DD-9451-BA148CE2249C}]    <C:\WINDOWS\system32\dejgbdjp.dll>
[{8A1847C7-825E-4897-8FC7-4B55C6ED099D}]    <C:\WINDOWS\system32\oahokncn.dll>
[{93C3A8D8-5D77-4DF6-B5B0-961259772C07}]    <C:\WINDOWS\system32\pjcjaodo.dll>
[{A9216949-3E82-42A4-845B-E8828F81C51C}]    <C:\WINDOWS\system32\apihmpkp.dll>
[{042DAA36-F7BF-46F6-AEFB-D40895E66BC8}]    <C:\WINDOWS\system32\gkidaajm.dll>
[{4074483A-F5B4-43E2-8525-D443E80F993F}]    <C:\WINDOWS\system32\kgnkkoja.dll>
[{2FDB19D6-02F8-40D7-B304-A680DA850255}]    <C:\WINDOWS\system32\ifdbhpdm.dll>
[{7B69358C-A120-4B3F-AA86-663DC1BCCF39}]    <C:\WINDOWS\system32\nbmpjloc.dll>
[{0644695C-0842-415A-B2B4-A94202F3EE0C}]    <C:\WINDOWS\system32\gmkkmplc.dll>
[{7B69358C-A120-4B3F-AA86-663DC1BCCF39}]    <C:\WINDOWS\system32\nbmpjloc.dll>
[{66655B77-86FA-4A63-AF74-76B4791EF727}]    <C:\WINDOWS\system32\mmmllbnn.dll>
[{CDBF4674-05AB-4BEE-91F9-CA1154CBB3B7}]    <C:\WINDOWS\system32\cdbfkmnk.dll>
[{545D480E-A588-4C46-A228-6534A1D093FB}]    <C:\WINDOWS\system32\lkldkoge.dll>
[{2C193B6E-95EF-434C-90E3-29E1252664F2}]    <C:\WINDOWS\system32\ichpjbme.dll>
[{829C7B41-E488-4144-B8BA-B64272F6F4C9}]    <C:\WINDOWS\system32\oipcnbkh.dll>
[{7AEF1374-6E1C-4CD3-A8ED-72529D47C548}]    <C:\WINDOWS\system32\naefhjnk.dll>
[{F347FA78-1D66-4C86-9D1C-7C23C0417BE8}]    <C:\WINDOWS\system32\fjknfano.dll>
[{FC64DB60-E107-4C3E-8A9D-88644BFE5C52}]    <C:\WINDOWS\system32\fcmkdbmg.dll>
[{4936E268-A090-4436-9194-1613BED89BB1}]    <C:\WINDOWS\system32\kpjmeimo.dll>
[{D8790516-E237-4721-9ED6-7F6AC12E8BEA}]    <C:\WINDOWS\system32\donpglhm.dll>
[{4936E268-A090-4436-9194-1613BED89BB1}]    <C:\WINDOWS\system32\kpjmeimo.dll>
[{FE9C2E9B-F1B4-4540-A877-26709FE18FA3}]    <C:\WINDOWS\system32\fepciepb.dll>
[{4D00AD27-4EF2-42FE-9D2F-14F4D6048726}]    <C:\WINDOWS\system32\kdggadin.dll>
[{4A2DA188-2B66-45C2-8089-579C3C7AB1CD}]    <C:\WINDOWS\system32\kaidahoo.dll>
[{0C524A45-CC23-485B-878A-EED02989E007}]    <C:\WINDOWS\system32\gclikakl.dll>
[{5CCFC2BD-D728-47E8-8064-9EB6F53FE607}]    <C:\WINDOWS\system32\lccfcibd.dll>
[{5CCFC2BD-D728-47E8-8064-9EB6F53FE607}]    <C:\WINDOWS\system32\lccfcibd.dll>
[{137D7736-CBC2-424B-B036-82F700756DBE}]    <C:\WINDOWS\system32\hjndnnjm.dll>
[{F2134A99-C9CC-441F-82F6-84D3CD5790BC}]    <C:\WINDOWS\system32\fihjkapp.dll>
[{B884D21B-2982-45BD-92DD-8034A0EE4808}]    <C:\WINDOWS\system32\bookdihb.dll>
[{E6BAA772-C21A-4684-9B9B-0EFC00360EEF}]    <C:\WINDOWS\system32\embaanni.dll>
[{89780071-93CF-412B-91FA-682DFDB4C80C}]    <C:\WINDOWS\system32\opnoggnh.dll>
[{AA3E6B44-D68E-4DDC-A244-698DF5AAF726}]    <C:\WINDOWS\system32\aajembkk.dll>
[{F909B7CA-0E10-49C0-87F0-C42C7D98A7EE}]    <C:\WINDOWS\system32\fpgpbnca.dll>
[{BFA32C3E-4195-403C-A42A-F937E44EE932}]    <C:\WINDOWS\system32\bfajicje.dll>
[{ACF6A3D1-7F5E-4276-84C1-A639ACB31359}]    <C:\WINDOWS\system32\acfmajdh.dll>
[{0BE87F85-3AB2-4571-B439-6832387EA10D}]    <C:\WINDOWS\system32\gbeonfol.dll>
[{5E585093-7E04-4DE1-A30C-DB0780E03694}]    <C:\WINDOWS\system32\lelolgpj.dll>
[{5E585093-7E04-4DE1-A30C-DB0780E03694}]    <C:\WINDOWS\system32\lelolgpj.dll>
[{AE9E3AE1-819F-45C1-82AA-6AF34426D2E4}]    <C:\WINDOWS\system32\aepejaeh.dll>
[{EA474992-FD56-4ACB-AB26-14211424C226}]    <C:\WINDOWS\system32\eaknkppi.dll>
[{C5B813D3-D61C-46F2-BC38-2E519BDA3642}]    <C:\WINDOWS\system32\clbohjdj.dll>
[{B1A999ED-A1B3-489D-B7B8-990BB8D7BFC0}]    <C:\WINDOWS\system32\bhappped.dll>
[2665D42C]    <C:\WINDOWS\system32\immldkic.dll>
[359F23B2]    <C:\WINDOWS\system32\jlpfijbi.dll>
[3289051D]    <C:\WINDOWS\system32\jiopglhd.dll>
[5C2AF800]    <C:\WINDOWS\system32\lciafogg.dll>
[BA147507]    <C:\WINDOWS\system32\bahknlgn.dll>
[30E3986D]    <C:\WINDOWS\system32\jgejpomd.dll>
[175F6CC7]    <C:\WINDOWS\system32\hnlfmccn.dll>
[DBB8D0E4]    <C:\WINDOWS\system32\dbbodgek.dll>
[62A3C035]    <C:\WINDOWS\system32\miajcgjl.dll>
[817FAC4F]    <C:\WINDOWS\system32\ohnfackf.dll>
[9FD46150]    <C:\WINDOWS\system32\pfdkmhlg.dll>
[FD514236]    <C:\WINDOWS\system32\fdlhkijm.dll>
[FD514236]    <C:\WINDOWS\system32\fdlhkijm.dll>
[32F4CDB2]    <C:\WINDOWS\system32\jifkcdbi.dll>
[32F4CDB2]    <C:\WINDOWS\system32\jifkcdbi.dll>
[30D1DD40]    <C:\WINDOWS\system32\jgdhddkg.dll>
[01C751CD]    <C:\WINDOWS\system32\ghcnlhcd.dll>
[8350B05B]    <C:\WINDOWS\system32\ojlgbglb.dll>
[F1ACF617]    <C:\WINDOWS\system32\fhacfmhn.dll>
[87AEA5A2]    <C:\WINDOWS\system32\onaealai.dll>
[FAA3A945]    <C:\WINDOWS\system32\faajapkl.dll>
[3DA61932]    <C:\WINDOWS\system32\jdamhpji.dll>
[306CED42]    <C:\WINDOWS\system32\jgmcedki.dll>
[29FA476B]    <C:\WINDOWS\system32\ipfaknmb.dll>
[BEC7301A]    <C:\WINDOWS\system32\becnjgha.dll>
[F9FB0969]    <C:\WINDOWS\system32\fpfbgpmp.dll>
[B3C283FB]    <C:\WINDOWS\system32\bjciojfb.dll>
[7163057E]    <C:\WINDOWS\system32\nhmjglne.dll>
[00DA5AB0]    <C:\WINDOWS\system32\ggdalabg.dll>
[CE4014EB]    <C:\WINDOWS\system32\cekghkeb.dll>
[DE30BD39]    <C:\WINDOWS\system32\dejgbdjp.dll>
[8A1847C7]    <C:\WINDOWS\system32\oahokncn.dll>
[93C3A8D8]    <C:\WINDOWS\system32\pjcjaodo.dll>
[A9216949]    <C:\WINDOWS\system32\apihmpkp.dll>
[042DAA36]    <C:\WINDOWS\system32\gkidaajm.dll>
[4074483A]    <C:\WINDOWS\system32\kgnkkoja.dll>
[2FDB19D6]    <C:\WINDOWS\system32\ifdbhpdm.dll>
[0644695C]    <C:\WINDOWS\system32\gmkkmplc.dll>
[7B69358C]    <C:\WINDOWS\system32\nbmpjloc.dll>
[66655B77]    <C:\WINDOWS\system32\mmmllbnn.dll>
[CDBF4674]    <C:\WINDOWS\system32\cdbfkmnk.dll>
[545D480E]    <C:\WINDOWS\system32\lkldkoge.dll>
[2C193B6E]    <C:\WINDOWS\system32\ichpjbme.dll>
[829C7B41]    <C:\WINDOWS\system32\oipcnbkh.dll>
[7AEF1374]    <C:\WINDOWS\system32\naefhjnk.dll>
[F347FA78]    <C:\WINDOWS\system32\fjknfano.dll>
[FC64DB60]    <C:\WINDOWS\system32\fcmkdbmg.dll>
[D8790516]    <C:\WINDOWS\system32\donpglhm.dll>
[4936E268]    <C:\WINDOWS\system32\kpjmeimo.dll>
[FE9C2E9B]    <C:\WINDOWS\system32\fepciepb.dll>
[4A2DA188]    <C:\WINDOWS\system32\kaidahoo.dll>
[4D00AD27]    <C:\WINDOWS\system32\kdggadin.dll>
[0C524A45]    <C:\WINDOWS\system32\gclikakl.dll>
[5CCFC2BD]    <C:\WINDOWS\system32\lccfcibd.dll>
[137D7736]    <C:\WINDOWS\system32\hjndnnjm.dll>
[F2134A99]    <C:\WINDOWS\system32\fihjkapp.dll>
[B884D21B]    <C:\WINDOWS\system32\bookdihb.dll>
[B884D21B]    <C:\WINDOWS\system32\bookdihb.dll>
[E6BAA772]    <C:\WINDOWS\system32\embaanni.dll>
[89780071]    <C:\WINDOWS\system32\opnoggnh.dll>
[AA3E6B44]    <C:\WINDOWS\system32\aajembkk.dll>
[F909B7CA]    <C:\WINDOWS\system32\fpgpbnca.dll>
[BFA32C3E]    <C:\WINDOWS\system32\bfajicje.dll>
[ACF6A3D1]    <C:\WINDOWS\system32\acfmajdh.dll>
[0BE87F85]    <C:\WINDOWS\system32\gbeonfol.dll>
[5E585093]    <C:\WINDOWS\system32\lelolgpj.dll>
[AE9E3AE1]    <C:\WINDOWS\system32\aepejaeh.dll>
[AE9E3AE1]    <C:\WINDOWS\system32\aepejaeh.dll>
[EA474992]    <C:\WINDOWS\system32\eaknkppi.dll>
[C5B813D3]    <C:\WINDOWS\system32\clbohjdj.dll>
[B1A999ED]    <C:\WINDOWS\system32\bhappped.dll>
  <AppInit_DLLs><C:\WINDOWS\fonts\CtmRes.dll,aepejaeh.dll,eaknkppi.dll,clbohjdj.dll,bhappped.dll,kmon.dll,effmoppd.dll,oddkpaih.dll,bdkkjoia.dll,ajningpe.dll,djhlpoid.dll,majgoadb.dll,okkeakkf.dll,jgkcbieb.dll,ponnoeic.dll,ddjpgppf.dll,jlilneki.dll,kffhjlnf.dll,bpehgpjo.dll>  []
改为<kmon.dll>

  启动项目 －－ 服务－－ 驱动程序之如下项删除：
(勾选隐藏已认证的微软项目,选中有问题的驱动/服务后，点"删除服务"，点"设置"按钮即可。注意弹出的窗口中要点"否NO"才是确认删除服务）

[reqngztgxlds / reqngztgxlds]    <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\upbmlbtcdltk>
[Safe Mon 360 / SafeMon0]    <\??\C:\WINDOWS\system32\37C7E13D.dat>
[msiffei / msiffei]    <System32\Drivers\msiffei.sys>

    系统修复－－　浏览器加载项之如下项删除：
[]    <C:\Program Files\Internet Explorer\PowerNeNt.Onz>

**************以上分析报告由SREngLog分析助手提供******************

I cannot clean every virus,can you help me????

My English is bad

Please Remove regedit or Try Removal Tool                Download    http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

found The following Threat:
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><kmon.dll,ehbbjicf.dll,boeibcjn.dll,epelomdm.dll,pmibapki.dll,akjdfieg.dll,dncaempi.dll,appfdddo.dll,hegbdmdl.dll,fkefcjnh.dll,jadilgcc.dll,emfaoopp.dll,ncehfnhk.dll,okogmigj
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{1E0BD6D5-55A2-432A-A862-E4F48D972CCD}><C:\WINDOWS\system32\hegbdmdl.dll>  []
    <{A99FDDD8-34A8-419A-8180-FCC64AE5AADD}><C:\WINDOWS\system32\appfdddo.dll>  []
    <{962BA942-2060-43A6-8188-3F9A0D519A6C}><C:\WINDOWS\system32\pmibapki.dll>  []
    <{D7CAE692-F779-4BDB-B6BC-3F0CEDB956F0}><C:\WINDOWS\system32\dncaempi.dll>  []
    <{B8E2BC37-3F4B-4266-B646-5F66192AA450}><C:\WINDOWS\system32\boeibcjn.dll>  []
    <{E1BB32CF-E1ED-41DD-ADAB-C65D7380A436}><C:\WINDOWS\system32\ehbbjicf.dll>  []
    <{E9E586D6-8B8A-416D-9B9A-2E67E753A49D}><C:\WINDOWS\system32\epelomdm.dll>  []
    <{3AD250CC-BE96-4D3E-BC08-49B05BF45847}><C:\WINDOWS\system32\jadilgcc.dll>  []
    <{E6FA8899-B437-4FB9-B04B-F54CD3C5B69B}><C:\WINDOWS\system32\emfaoopp.dll>  []
    <{A43DF2E0-BBE0-4694-85E0-924C7ADA9A48}><C:\WINDOWS\system32\akjdfieg.dll>  []
    <{84806203-EC27-423D-8263-437DE3A105DA}><C:\WINDOWS\system32\okogmigj.dll>  []
    <{7CE1F714-FE0D-4387-95A2-452420F2C565}><C:\WINDOWS\system32\ncehfnhk.dll>  []
    <{F4EFC371-47B5-404F-8677-49CF2DD2A5AE}><C:\WINDOWS\system32\fkefcjnh.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <1E0BD6D5><C:\WINDOWS\system32\hegbdmdl.dll>  []
    <A99FDDD8><C:\WINDOWS\system32\appfdddo.dll>  []
    <962BA942><C:\WINDOWS\system32\pmibapki.dll>  []
    <D7CAE692><C:\WINDOWS\system32\dncaempi.dll>  []
    <B8E2BC37><C:\WINDOWS\system32\boeibcjn.dll>  []
    <E1BB32CF><C:\WINDOWS\system32\ehbbjicf.dll>  []
    <E9E586D6><C:\WINDOWS\system32\epelomdm.dll>  []
    <3AD250CC><C:\WINDOWS\system32\jadilgcc.dll>  []
    <E6FA8899><C:\WINDOWS\system32\emfaoopp.dll>  []
    <A43DF2E0><C:\WINDOWS\system32\akjdfieg.dll>  []
    <84806203><C:\WINDOWS\system32\okogmigj.dll>  []
    <7CE1F714><C:\WINDOWS\system32\ncehfnhk.dll>  []
    <F4EFC371><C:\WINDOWS\system32\fkefcjnh.dll>  []
The Threat is running
    [C:\WINDOWS\system32\ehbbjicf.dll]  [N/A, ]
    [C:\WINDOWS\system32\boeibcjn.dll]  [N/A, ]
    [C:\WINDOWS\system32\epelomdm.dll]  [N/A, ]
    [C:\WINDOWS\system32\pmibapki.dll]  [N/A, ]
    [C:\WINDOWS\system32\akjdfieg.dll]  [N/A, ]
    [C:\WINDOWS\system32\dncaempi.dll]  [N/A, ]
    [C:\WINDOWS\system32\appfdddo.dll]  [N/A, ]
    [C:\WINDOWS\system32\hegbdmdl.dll]  [N/A, ]
    [C:\WINDOWS\system32\fkefcjnh.dll]  [N/A, ]
    [C:\WINDOWS\system32\jadilgcc.dll]  [N/A, ]
    [C:\WINDOWS\system32\emfaoopp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ncehfnhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\okogmigj.dll]  [N/A, ]

Please replacement this program
to  C:\WINDOWS\SYSTEM32

建议断网操作：

系统目录外的其他各软件程序同目录内病毒恶意创建的usp10.dll文件，以及QQ目录内被病毒恶意创建的psapi.dll文件先上传，之后全部删除




使用XDelBox(下载地址：http://bbs.ikaka.com/attachment.aspx?attachmentid=446806）
删除以下文件：（使用说明：删除时复制所有要删除文件的路径，在待删除文件列表里点击右键选择剪贴板导入.在要删除文件上点击右键，选择立刻重启删除，电脑会重启进入DOS界面进行删除操作。运行xdelbox前最好卸载所有可移动存储设备

c:\windows\system32\akjdfieg.dll
c:\windows\system32\appfdddo.dll
c:\windows\system32\boeibcjn.dll
c:\windows\system32\dncaempi.dll
c:\windows\system32\ehbbjicf.dll
c:\windows\system32\emfaoopp.dll
c:\windows\system32\epelomdm.dll
c:\windows\system32\fkefcjnh.dll
c:\windows\system32\hegbdmdl.dll
c:\windows\system32\jadilgcc.dll
c:\windows\system32\ncehfnhk.dll
c:\windows\system32\okogmigj.dll
c:\windows\system32\pmibapki.dll
c:\program files\internet explorer\powernent.onz
c:\windows\system32\ctfmon.exe
c:\windows\system32\ieoecgeh.dll
c:\windows\system32\odapblce.dll
c:\windows\system32\fbmbbipg.dll
c:\windows\system32\dgffhajk.dll

删除重启后使用SREng修复下面各项：

启动项目 －－ 注册表之如下项删除：

<{2665D42C-5EF5-4EB6-ACA7-E220A2EBD8BD}><C:\WINDOWS\system32\immldkic.dll>  [File is missing]
    <{359F23B2-2F7E-4F06-AF2E-86ACC8704F0D}><C:\WINDOWS\system32\jlpfijbi.dll>  [File is missing]
    <{3289051D-D8FB-42ED-A14D-E8868190B65A}><C:\WINDOWS\system32\jiopglhd.dll>  [File is missing]
    <{5C2AF800-1E99-4F97-9FE2-07F9634FB9AA}><C:\WINDOWS\system32\lciafogg.dll>  [File is missing]
    <{BA147507-ADE8-465D-A063-807E7BBF6221}><C:\WINDOWS\system32\bahknlgn.dll>  [File is missing]
    <{30E3986D-DD27-42B7-B5AB-0FDC40420DE8}><C:\WINDOWS\system32\jgejpomd.dll>  [File is missing]
    <{175F6CC7-9992-4636-BFA6-1E84765F13D6}><C:\WINDOWS\system32\hnlfmccn.dll>  [File is missing]
    <{DBB8D0E4-2708-420D-8BBD-5B4925E58944}><C:\WINDOWS\system32\dbbodgek.dll>  [File is missing]
    <{62A3C035-2B8C-4B55-BE3B-3DAA695289FB}><C:\WINDOWS\system32\miajcgjl.dll>  [File is missing]
    <{817FAC4F-C5B8-42C1-AB73-93A8C45D0C0B}><C:\WINDOWS\system32\ohnfackf.dll>  [File is missing]
    <{9FD46150-D5C5-4732-8C99-B71184FF9E74}><C:\WINDOWS\system32\pfdkmhlg.dll>  [File is missing]
    <{6A8D34D7-08D7-421F-AFF6-956A0BD6F0BF}><C:\Program Files\Internet Explorer\PowerNeNt.Onz>  []
    <{FD514236-692C-4F46-B36E-0014B46170CB}><C:\WINDOWS\system32\fdlhkijm.dll>  [File is missing]
    <{32F4CDB2-9AF0-4297-904B-223E36A9D70A}><C:\WINDOWS\system32\jifkcdbi.dll>  [File is missing]
    <{30D1DD40-ED1F-4B7F-8AAE-498B4DC1421F}><C:\WINDOWS\system32\jgdhddkg.dll>  [File is missing]
    <{01C751CD-F176-4D38-B62E-32A7F940F940}><C:\WINDOWS\system32\ghcnlhcd.dll>  [File is missing]
    <{2E8EC0E1-0B43-47FB-B1B4-740FDBCCEECC}><C:\WINDOWS\system32\ieoecgeh.dll>  [File is missing]
    <{8DA9B5CE-AA4C-4D04-BFCD-B1481FF23573}><C:\WINDOWS\system32\odapblce.dll>  [File is missing]
    <{FB6BB290-83B8-4C86-8EE6-26530C6E4162}><C:\WINDOWS\system32\fbmbbipg.dll>  [File is missing]
    <{D0FF1A34-1B8B-406C-96D5-9A05778F50FA}><C:\WINDOWS\system32\dgffhajk.dll>  [File is missing]
    <{1E0BD6D5-55A2-432A-A862-E4F48D972CCD}><C:\WINDOWS\system32\hegbdmdl.dll>  []
    <{A99FDDD8-34A8-419A-8180-FCC64AE5AADD}><C:\WINDOWS\system32\appfdddo.dll>  []
    <{962BA942-2060-43A6-8188-3F9A0D519A6C}><C:\WINDOWS\system32\pmibapki.dll>  []
    <{D7CAE692-F779-4BDB-B6BC-3F0CEDB956F0}><C:\WINDOWS\system32\dncaempi.dll>  []
    <{B8E2BC37-3F4B-4266-B646-5F66192AA450}><C:\WINDOWS\system32\boeibcjn.dll>  []
    <{E1BB32CF-E1ED-41DD-ADAB-C65D7380A436}><C:\WINDOWS\system32\ehbbjicf.dll>  []
    <{E9E586D6-8B8A-416D-9B9A-2E67E753A49D}><C:\WINDOWS\system32\epelomdm.dll>  []
    <{3AD250CC-BE96-4D3E-BC08-49B05BF45847}><C:\WINDOWS\system32\jadilgcc.dll>  []
    <{E6FA8899-B437-4FB9-B04B-F54CD3C5B69B}><C:\WINDOWS\system32\emfaoopp.dll>  []
    <{A43DF2E0-BBE0-4694-85E0-924C7ADA9A48}><C:\WINDOWS\system32\akjdfieg.dll>  []
    <{84806203-EC27-423D-8263-437DE3A105DA}><C:\WINDOWS\system32\okogmigj.dll>  []
    <{7CE1F714-FE0D-4387-95A2-452420F2C565}><C:\WINDOWS\system32\ncehfnhk.dll>  []
    <{F4EFC371-47B5-404F-8677-49CF2DD2A5AE}><C:\WINDOWS\system32\fkefcjnh.dll>  []

    <B5F9B573><C:\WINDOWS\system32\blfpblnj.dll>  [File is missing]
    <2E8EC0E1><C:\WINDOWS\system32\ieoecgeh.dll>  [File is missing]
    <8DA9B5CE><C:\WINDOWS\system32\odapblce.dll>  [File is missing]
    <FB6BB290><C:\WINDOWS\system32\fbmbbipg.dll>  [File is missing]
    <D0FF1A34><C:\WINDOWS\system32\dgffhajk.dll>  [File is missing]
    <1E0BD6D5><C:\WINDOWS\system32\hegbdmdl.dll>  []
    <A99FDDD8><C:\WINDOWS\system32\appfdddo.dll>  []
    <962BA942><C:\WINDOWS\system32\pmibapki.dll>  []
    <D7CAE692><C:\WINDOWS\system32\dncaempi.dll>  []
    <B8E2BC37><C:\WINDOWS\system32\boeibcjn.dll>  []
    <E1BB32CF><C:\WINDOWS\system32\ehbbjicf.dll>  []
    <E9E586D6><C:\WINDOWS\system32\epelomdm.dll>  []
    <3AD250CC><C:\WINDOWS\system32\jadilgcc.dll>  []
    <E6FA8899><C:\WINDOWS\system32\emfaoopp.dll>  []
    <A43DF2E0><C:\WINDOWS\system32\akjdfieg.dll>  []
    <84806203><C:\WINDOWS\system32\okogmigj.dll>  []
    <7CE1F714><C:\WINDOWS\system32\ncehfnhk.dll>  []
    <F4EFC371><C:\WINDOWS\system32\fkefcjnh.dll>  []

<AppInit_DLLs><kmon.dll,ehbbjicf.dll,boeibcjn.dll,epelomdm.dll,pmibapki.dll,akjdfieg.dll,dncaempi.dll,appfdddo.dll,hegbdmdl.dll,fkefcjnh.dll,jadilgcc.dll,emfaoopp.dll,ncehfnhk.dll,okogmigj.dll>
编辑为<AppInit_DLLs><kmon.dll>

启动项目 －－ 服务－－ 驱动程序之如下项删除:
SREng-在"启动项目->服务－>驱动程序中"选中"隐藏已认证的微软项目"然后删除下面名称的驱动程序(选中有问题的驱动后，点"删除服务"，点“设置”按钮即可。注意弹出的窗口中要点 "否NO"才是确认删除服务）(不能删除的就禁用:启动类型改为disabled,点中修改启动类型，点设置):


Safe Mon 360 / SafeMon0disabled


系统修复——浏览器加载项之如下项删除

[]
  {6A8D34D7-08D7-421F-AFF6-956A0BD6F0BF} <C:\Program Files\Internet Explorer\PowerNeNt.Onz, N/A>
[]
  {6A8D34D7-08D7-421F-AFF6-956A0BD6F0BF} <C:\Program Files\Internet Explorer\PowerNeNt.Onz, N/A>


http://bbs.ikaka.com/showtopic-8417665.aspx#3508975找ctfmon.exe放到C:\windows\system32下


用下载的“清理临时文件工具ATF-Cleaner-cn”，全选所有项目，点击“立即清理”
下载：http://bbs.ikaka.com/attachment.aspx?attachmentid=447126
用W i n d o w s 清理助手 ，清理系统。
W i n d o w s 清理助手 下载：http://www.arswp.com/

两位。。。
楼主是外国的
我们的中文对他们来说是鸟语——————不知所云
还有就是天月说的我那个鸟文工具终于能用上了。。。。

只不过 输入法没了打不出汉字而已

那个标题不是中文的么

你看看标题通顺？
标准复制的

sorry...I'm Chinese..
I just cannot type Chinese since the virus hit me on 27th Jan~~!!
My English is also very bad!!
SO!! please type Chinese,thank you!!!!!!!!!!!!!!!!!!!!!!!