|
Please print out or copy this page to Notepad. Make sure to work through the fixes in the exact order it is mentioned below. If there's anything that you don't understand, ask your question(s) before proceeding with the fixes. You should not have any open browsers when you are following the procedures below.
Go to Start->Run and type in regedit and hit OK. Go to File->Export and save the registry somewhere as a backup. While in the Registry Editor, navigate to:
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\ and delete fmtmgsgy
If any of the above registry keys are giving you problems deleting, right click on them and click on Permissions. Then click on the Advanced button. Make sure the first box (Inherit from parent...) is checked. Click OK and OK. Then try deleting the entry again. Once you're done, close the Registry Editor.
Boot into Safe Mode. Check and fix this in HijackThis:
O4 - HKLM\..\Run: [KavSvc] C:\WINDOWS\System32\vimira.exe
Delete this file -> C:\WINDOWS\System32\vimira.exe
Restart and post a new HjiackThis log and FindQoologic log. Also try running remv3 and rkfiles.bat again. I want to see if anything changed since then.
__________________
Please do NOT PM me. Post whatever questions you may have in the forum and we will take a look at it when we get to it. If you have waited for more than 3 days, you may then and ONLY then PM me for assistance. I will take a look at it.
|