01-09-2006, 02:26 PM   #22
sUBs
Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy
 
Join Date: May 2005
Posts: 24,473
OS: N/A


This entry shows that they're back

O4 - HKLM\..\Run: [dmqdg.exe] C:\WINDOWS\system32\dmqdg.exe


* * * * * * *


Let's do this with another variation.

Please download KillBox v2.0.0.175.exe (it's important that you get version v2.0.0.175)



* * * * * * *



Run the tool again. Go to Start > Run - type C:\fixwareout\FixIt.bat <Press Enter>
Follow the on-screen prompts & reboot your computer when instructed to do so.

After you have restarted, wait for HijackThis to launch automatically.
With HijackThis, place a check next to these items and select "Fix checked":

O4 - HKLM\..\Run: [dmqdg.exe] C:\WINDOWS\system32\dmqdg.exe

## Note: You may see similarly named entries. Fix them but let me know their names later

Close HijackThis, and click OK to proceed.



* * * * * * *


Then, open the fixwareout log & look for these entries. We want the file-paths

»»»»» Search by size and names...
C:\WINDOWS\SYSTEM32\CSGFG.EXE
C:\WINDOWS\SYSTEM32\DMQWA.EXE


Take note of the file-paths. These are the files we wanna killbox.



* * * * * * *


Launch KillBox.exe & select the following options:
  • Delete on Reboot
  • All files (if available)
Use your mouse to select all the filenames highlighted & then right-click & select Copy:
    C:\WINDOWS\SYSTEM32\CSGFG.EXE
    C:\WINDOWS\SYSTEM32\DMQWA.EXE
  • Go to the File menu, and choose Paste from Clipboard
  • Click the RED X button.
  • Click Yes at the Delete on Reboot prompt.
  • Click Yes at the 'Pending Operations' prompt.


Let me know how that went
__________________

Question - what have you done for the community today?
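The two log checks in the post above (spotting "similarly named" O4 Run entries, and collecting the file paths under the fixwareout "Search by size and names..." header) can be scripted for cross-checking. This is an added example, not part of the original post and not code from HijackThis, fixwareout or KillBox. The function names, the sample logs, the name-equals-file-name heuristic and the section-end rule are assumptions.

```python
import ntpath
import re

# O4 line layout as quoted in the post: O4 - HKLM\..\Run: [name] path
O4 = re.compile(r"^O4 - (?P<key>\S+): \[(?P<name>[^\]]+)\] (?P<path>.+)$")

def similar_run_entries(hjt_log, key="HKLM\\..\\Run"):
    """O4 lines under `key` whose value name equals a system32 file name.
    Assumed heuristic: legitimate programs can have this shape too, so the
    result is a shortlist to report back, not a verdict."""
    hits = []
    for line in map(str.strip, hjt_log.splitlines()):
        m = O4.match(line)
        if not m or m["key"] != key:
            continue
        folder, base = ntpath.split(m["path"].strip('"'))
        if folder.lower().endswith("\\system32") and base.lower() == m["name"].lower():
            hits.append(line)
    return hits

def size_and_name_paths(fix_log):
    """Paths listed under the 'Search by size and names...' header.
    Assumption: the section runs until the next header marker."""
    paths, wanted = [], False
    for line in map(str.strip, fix_log.splitlines()):
        if line.startswith("»"):
            wanted = "search by size and names" in line.lower()
        elif wanted and re.match(r"[A-Za-z]:\\", line):
            paths.append(line)
    return paths

# Constructed sample logs; only the lines quoted in the post are real.
HJT_SAMPLE = r"""
O4 - HKLM\..\Run: [dmqdg.exe] C:\WINDOWS\system32\dmqdg.exe
O4 - HKLM\..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe"
O4 - HKCU\..\Run: [example.exe] C:\WINDOWS\system32\example.exe
"""
FIX_SAMPLE = r"""
»»»»» Search by size and names...
C:\WINDOWS\SYSTEM32\CSGFG.EXE
C:\WINDOWS\SYSTEM32\DMQWA.EXE
»»»»» Constructed other section
C:\WINDOWS\example.txt
"""

if __name__ == "__main__":
    print("\n".join(similar_run_entries(HJT_SAMPLE)))
    print("\n".join(size_and_name_paths(FIX_SAMPLE)))
```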