Tech Support Forum - View Single Post

Ried · 07-16-2005, 10:04 PM

Hi,

Download KillBox http://www.greyknight17.com/spy/KillBox.exe.

Reboot into Safe Mode.

Click Start>Run and type in regedit. Click File>Export and save a copy of the registry somewere in case you make a mistake.

Navigate to each of the following keys and delete the file/folder/entry that I highlighted in RED.

HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9}
HKEY_CLASSES_ROOT\Interface\{48E59292-9880-11CF-9754-00AA00C00908}
HKEY_CLASSES_ROOT\TypeLib\{15696ae2-6ea4-47f4-bea6-a3d32693efc7}

Run KillBox and check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'. For each of the following files below, check the box that says 'Unregister .dll Before Deleting' if it's not grayed out. Copy and paste each of the following into KillBox (hitting the X button for each file - choose NO when it asks if you want to reboot):

C:\PROGRAM FILES\Q330994.exe
C:\WINDOWS\SYSTEM32\ide21201.vxd
C:\DOCUMENTS AND SETTINGS\JONATHAN\FAVORITES\Casino & Carrers
C:\Documents and Settings\Family\Local Settings\Temp\wu.exe
C:\Documents and Settings\Jonathan\Local Settings\Temp\uninstall.exe
C:\WINDOWS\system32\temperror32.dat

Using Windows Explorer, delete the following files:

C:\PROGRAM FILES\Q330994.exe
C:\WINDOWS\SYSTEM32\ide21201.vxd
C:\DOCUMENTS AND SETTINGS\JONATHAN\FAVORITES\Casino & Carrers
C:\Documents and Settings\Family\Local Settings\Temp\wu.exe
C:\Documents and Settings\Jonathan\Local Settings\Temp\uninstall.exe
C:\WINDOWS\system32\temperror32.dat

Reboot into Normal Mode. Run another scan with Panda ActiveScan and post those results here.

07-16-2005, 10:04 PM	#5 (permalink)
Ried Assistant Manager, TSF Academy; Moderator/Analyst Security Team Join Date: Jan 2005 Location: Ohio Posts: 26,975 OS: WinXP and Vista	Hi, Download KillBox http://www.greyknight17.com/spy/KillBox.exe. Reboot into Safe Mode. Click Start>Run and type in regedit. Click File>Export and save a copy of the registry somewere in case you make a mistake. Navigate to each of the following keys and delete the file/folder/entry that I highlighted in RED. HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9} HKEY_CLASSES_ROOT\Interface\{48E59292-9880-11CF-9754-00AA00C00908} HKEY_CLASSES_ROOT\TypeLib\{15696ae2-6ea4-47f4-bea6-a3d32693efc7} Run KillBox and check the box that says 'End Explorer Shell While Killing File'. Next click on 'Delete on Reboot'. For each of the following files below, check the box that says 'Unregister .dll Before Deleting' if it's not grayed out. Copy and paste each of the following into KillBox (hitting the X button for each file - choose NO when it asks if you want to reboot): C:\PROGRAM FILES\Q330994.exe C:\WINDOWS\SYSTEM32\ide21201.vxd C:\DOCUMENTS AND SETTINGS\JONATHAN\FAVORITES\Casino & Carrers C:\Documents and Settings\Family\Local Settings\Temp\wu.exe C:\Documents and Settings\Jonathan\Local Settings\Temp\uninstall.exe C:\WINDOWS\system32\temperror32.dat Using Windows Explorer, delete the following files: C:\PROGRAM FILES\Q330994.exe C:\WINDOWS\SYSTEM32\ide21201.vxd C:\DOCUMENTS AND SETTINGS\JONATHAN\FAVORITES\Casino & Carrers C:\Documents and Settings\Family\Local Settings\Temp\wu.exe C:\Documents and Settings\Jonathan\Local Settings\Temp\uninstall.exe C:\WINDOWS\system32\temperror32.dat Reboot into Normal Mode. Run another scan with Panda ActiveScan and post those results here. __________________ Member of ASAP since 2005 Member of UNITE since 2006 "It is one life whether we spend it laughing or weeping." "Take the time to laugh--it is the music of the soul."