08-24-2005, 11:30 PM   #7
sUBs
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy


Download KillBox v2.0.0.175 & save it to Desktop

I have attached a file to this post - regdel.txt
Download it & rename it "regdel.REG" (inclusive of the quotes)
Make sure you do not mistakenly rename it as regdel.reg.txt (double extensions)
Double-click on it & answer YES when prompted to merge into the Registry


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Uninstall the following programs, if present, using Control Panel->Add/Remove Programs:
  • Media Gateway

Delete this directory/folder - C:\Program Files\Media Gateway


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Launch KillBox.exe & select the following options:
  • Replace on Reboot
  • Use Dummy
  • end Explorer shell while killing file
  • unregister dll before deleting * if it's not grayed out
Select all the filenames below & then click on Notepad's 'Edit' menu & select Copy
  • C:\WINDOWS\cnmirri.exe
    C:\WINDOWS\cygjtam.exe
    C:\WINDOWS\cygz.dll
    C:\WINDOWS\mzorj.dll
    C:\WINDOWS\SYSTEM32\37h52g2c.ini
    C:\WINDOWS\SYSTEM32\7obevefj.ini
    C:\WINDOWS\SYSTEM32\9uniq4jm.ini
    C:\WINDOWS\SYSTEM32\aaodogso.exe
    C:\WINDOWS\SYSTEM32\cygz.dll
    C:\WINDOWS\SYSTEM32\eanrj.dll
    C:\WINDOWS\SYSTEM32\fsjfsdj.dll
    C:\WINDOWS\SYSTEM32\gtrtk8e9.ini
    C:\WINDOWS\SYSTEM32\lj7k29es.ini
    C:\WINDOWS\SYSTEM32\mqhmaaaa.exe
    C:\WINDOWS\SYSTEM32\nlame.dll
    C:\WINDOWS\SYSTEM32\pqdvdf.exe
    C:\WINDOWS\SYSTEM32\rb10dolf.ini
    C:\WINDOWS\SYSTEM32\vbskpro2.ocx
    C:\WINDOWS\Tasks\RUTASK.job
    C:\Documents and Settings\scott\Application Data\Sskdmns.dll
* Go to the File menu, and choose Paste from Clipboard
* Click on the dropdown menu next to Full Path of File to Delete field.
* Verify that the filenames you pasted are found there
* Click the RED X button.
* Click Yes at the Delete on Reboot prompt.
* Click Yes at the 'Pending Operations prompt'.

Quote:
If you received a message such as: "PendingFileRenameOperations registry data has been removed by external process", you have to restart Windows manually.
If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, download and run missingfilesetup.exe. Then try Killbox again.
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


After you have rebooted, run CleanUp!


= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =


Next, perform an online scan with Internet Explorer with Kaspersky WebScanner

Next, click on Launch Kaspersky Anti-Virus Web Scanner

You will be prompted to install an ActiveX component from Kaspersky. Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
    • In the scan settings make sure that the following are selected:
      • Scan using the following Anti-Virus database:
        • Standard
      • Scan Options:
        • Scan Archives
        • Scan Mail Bases
  • Click OK
  • Now under select a target to scan: select My Computer
  • The program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
Copy and paste that information in your next post along with a fresh HijackThis log

* Turn off the real time scanner of any existing antivirus program while performing the online scan
__________________

Question - what have you done for the community today?
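
The KillBox message quoted above refers to PendingFileRenameOperations, the Session Manager registry value in which Windows queues boot-time deletes and renames. As an added example (not part of the original post or of KillBox), this Python code parses that value's raw REG_MULTI_SZ bytes and reports which files from the list are queued; the sample data, `C:\dummy.tmp` and the function names are constructed for illustration.

```python
# Added example (not from the original post): check a raw PendingFileRenameOperations value.
NT_PREFIX = "\\??\\"  # NT object-namespace prefix Windows stores on each path

def parse_pending(raw: bytes):
    """Decode REG_MULTI_SZ bytes into (source, destination) pairs.
    Strings are UTF-16LE and NUL-terminated; one extra NUL ends the list.
    An empty destination means delete the source at next boot; a leading '!'
    on the destination means replace the destination if it exists."""
    text = raw.decode("utf-16-le")
    if text.endswith("\0"):
        text = text[:-1]          # list terminator
    parts = text.split("\0")
    if parts and parts[-1] == "":
        parts.pop()               # terminator of the last string
    if len(parts) % 2:
        parts.append("")          # tolerate a missing final terminator
    def clean(p):
        p = p.lstrip("!")
        return p[len(NT_PREFIX):] if p.startswith(NT_PREFIX) else p
    return [(clean(s), clean(d) or None) for s, d in zip(parts[0::2], parts[1::2])]

def queue_status(raw: bytes, targets):
    """Map each target path to 'delete', 'replace' or 'not queued'."""
    status = {t: "not queued" for t in targets}
    wanted = {t.lower(): t for t in targets}  # Windows paths are case-insensitive
    for src, dst in parse_pending(raw):
        if dst is None and src.lower() in wanted:
            status[wanted[src.lower()]] = "delete"
        elif dst is not None and dst.lower() in wanted:
            status[wanted[dst.lower()]] = "replace"
    return status

def multi_sz(strings):
    """Build REG_MULTI_SZ bytes; used only for the constructed sample."""
    return ("".join(s + "\0" for s in strings) + "\0").encode("utf-16-le")

# Constructed sample: two deletes and one replace. C:\dummy.tmp is hypothetical;
# the target paths are taken from the post's list.
SAMPLE = multi_sz([
    r"\??\C:\WINDOWS\cnmirri.exe", "",
    r"\??\C:\dummy.tmp", r"!\??\C:\WINDOWS\cygz.dll",
    r"\??\C:\WINDOWS\SYSTEM32\nlame.dll", "",
])
TARGETS = [r"C:\WINDOWS\cnmirri.exe", r"C:\WINDOWS\cygz.dll",
           r"C:\WINDOWS\SYSTEM32\nlame.dll", r"C:\WINDOWS\mzorj.dll"]

if __name__ == "__main__":
    for path, state in queue_status(SAMPLE, TARGETS).items():
        print(f"{state:10}  {path}")
```

A file reported as "not queued" after the Delete on Reboot step is the situation the quoted message describes, where the pending data was removed before the restart.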