[snively]

HI Excal,

I got all the way to the part where to"Click yes at the Delete on Reboot prompt",
and a window pops up saying...

"PENDING FILE RENAME OPERATIONS REGESTRY DATA HAS BEEN REMOVED
BY EXTERNAL PROCESS!"

The winik file and the uuxosuxu file were not deleted any suggestions.

[Advertisements]

Go ahead and do this - we're going to see if we can use command prompt to rename the infected file.

please copy these instructions and paste them into notepad for use while in safe mode

Please reboot your computer into safe mode.

Once in Safe Mode go to start > run and type:

sc stop winik

then type in:

sc delete winik

go to Start > Run

Type in: cmd

Click OK.

Please copy the following line and paste it into the black window:

CD C:\WINDOWS\system32\drivers

Hit enter.

attrib -r -s -h winik.sys

Hit enter

It will go to the next line, then copy this line and paste it in:

rename winik.sys winik.old

Then hit enter

del winik.old

then hit enter.

Now this one:

Go to start>run and type in CMD, then hit ok

Type the following:

cd C:\

then enter>

cd PROGRAM FILES

then enter>

cd uuxosuxu

then enter>

attrib -r -s -h bMQDD0BN.exe

then enter>

del bMQDD0BN.exe

then enter>


Locate fixme.reg on your Desktop and double-click on it. You will receive a prompt similar to: "Do you wish to merge the information into the registry?". Answer "Yes" and wait for a message to appear similar to "Merged Successfully".

reboot then attempt to delete the uuxosuxu folder again.

Please let me know how this worked out.

[Excal]

Go ahead and do this - we're going to see if we can use command prompt to rename the infected file.

please copy these instructions and paste them into notepad for use while in safe mode

Please reboot your computer into safe mode.

Once in Safe Mode go to start > run and type:

sc stop winik

then type in:

sc delete winik

go to Start > Run

Type in: cmd

Click OK.

Please copy the following line and paste it into the black window:

CD C:\WINDOWS\system32\drivers

Hit enter.

attrib -r -s -h winik.sys

Hit enter

It will go to the next line, then copy this line and paste it in:

rename winik.sys winik.old

Then hit enter

del winik.old

then hit enter.

Now this one:

Go to start>run and type in CMD, then hit ok

Type the following:

cd C:\

then enter>

cd PROGRAM FILES

then enter>

cd uuxosuxu

then enter>

attrib -r -s -h bMQDD0BN.exe

then enter>

del bMQDD0BN.exe

then enter>


Locate fixme.reg on your Desktop and double-click on it. You will receive a prompt similar to: "Do you wish to merge the information into the registry?". Answer "Yes" and wait for a message to appear similar to "Merged Successfully".

reboot then attempt to delete the uuxosuxu folder again.

Please let me know how this worked out.

[Excal]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.