Description |
- Reboot your computer in Safe Mode – press and hold F8 while the machine is rebooting and choose Safe Mode from the menu when it appears.
- In Task Manager, terminate any process with one of the following names:
rundll16.exe
scanregw.exe
Update.exe
Winzip.exe
WINZIP_TMP.EXE
New WinZip File.exe
WinZip Quick Pick.exe
- Manually delete the following files from the Windows root and system directories, and the system registry:
%Windir%rundll16.exe
%System%scanregw.exe
%System%Update.exe
%System%Winzip.exe
%System%WINZIP_TMP.EXE
%System%New WinZip File.exe
%User Profile%Start MenuProgramsStartupWinZip Quick Pick.exe
- Delete the following value from the system registry:
[HKLMSoftwareMicrosoftWindowsCurrentVersionRun]
"ScanRegistry" = "scanregw.exe /scan"
- Reboot your computer and check you have deleted all infected messages from all mail folders.
- If any applications have been damanged (in most cases this will be antivirus solutions and firewall programs) you will need to re-install them.
- Perform a full scan of your computer (download a trial version of Kaspersky Anti-Virus here
|