I've seen a lot of removal techniques posted in the internet for this infection and most of the victims returned unsatisfied because of manual registry editing of a very very crucial system key --userinit.
In these instructions, file deletions are manual but registry fix is automated --that way, errors can be minimized and success rate is higher.
How to remove Imgkulot:
Note: Be sure to insert your flashdrives before we begin!
Configure your machine to view hidden files:
Windows XP
Click Start.
Open My Computer..
Select the Tools menu and click Folder Options.
Select the View Tab.
Under the "Hidden files and folders" heading select Show hidden files and folders.
Uncheck the Hide Protected Operating System Files Option.
Click Yes to confirm.
Click OK.
Open my computer and open the drive of your flashdrive (ie. E:\) After you have opened it, search for autorun.inf and any imgkulot.* files then delete all of them.
*= any extension
After that,
Click Start > Search > Click "All Files and Folders".
Under look in: make sure it's in "my computer"
Under "Advanced Options", make sure the following are checked:
*Search System Folders.
*Search Hidden Files And Folders.
*Search Subfolders.
Then into the search box, copy and paste each of these:
imgkulot.*
autorun.inf
Then, click Search after you copy and paste each of those. After that, delete all instances of those files.
empty your recycle bin.
______
Open notepad.
Copy and paste the bolded green text below into Notepad
Choose File > Save As and under "Save as type", choose "All Files".
Type fix.reg in the File name and save it to your desktop.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
;
Make sure there are NO blank lines before REGEDIT4
Find the fix.reg file on your desktop.
Double click it.
It will then ask if you want the file merged to your registry.
Answer Yes.
Reboot.
Hope this helps.
Should the problems persist, use the malware removal forums links on the right side for help.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment