Posted by: phuchungbhutia | March 9, 2009

Kinza and Pen Drive Virus Removal

I saw a small .bat file Kinza Virus Remover in my friends PC. Download from here:

http://www.ziddu.com/download/6321132/kinzaremoval.zip.html

Some details could be found here :
source : http://www.troublefixers.com/remove-kinza-virus-with-free-kinza-removal-tool/

Remove Kinza Virus With Free Kinza Removal Tool

Trouble:

There are hell lot of virus which infects Windows and makes your computer respond slowly to each action. One such virus is Kinza.exe virus. It comes normally through virus infected pen drives and Internet.

virus-in-pen-drive

What does Kinza.exe Virus do ?

Firstly it makes your computer too slow in doing anything, restricts to use Task Manager, Regedit, Command Prompt, msconfig and Group Policy etc. All these windows tool like task manager or command prompt or regedit flashes for a second when user try to launch them and then nothing happens.

All these tools opens for few seconds and then close themselves, most common example would be command prompt flashes for a second when tried to be launched. Kinza virus also disable folder options in windows and remove folder options from windows explorer. It creates a lot of exe and boot.vbs files which got executed on system startup.

Let’s see how to remove kinza virus from your infected computer system.

Fix:

In order to remove kinza virus, you will need to download the Kinza Virus Removal Patch and run it in the Windows’s safe mode.

Note: Make sure to turn off system restore before using kinza removal tool.

How to Use Kinza Removal Tool

( Download Link to kinza removal tool is given at the bottom )

1. Restart your computer in safe mode, for this you will need to press F8 at the time of Windows  boot to enter in Windows Safe Mode.

2. Run Kinza Removal Tool to delete kinza virus from your system.

3. Delete temp files and Internet temp file.

Download Kinza Removal Tool

And then ….

source : http://www.troublefixers.com/remove-your-pen-drive-and-autorun-viruses-with-smart-virus-remover/

Remove your pen drive and autorun viruses with smart virus remover

window.google_render_ad(); Trouble:

We receive a majority of virus problems which are due to virus which spread through pen drives, cd’s and other portable devices like mp3 players, ipod etc.

smart-virus-remover

Today, we have come up with a free tool called smart virus removal by Muhammad Abdullah. This small tool will let you remove a group of viruses from your system including the following list of viruses.

  • Virus.Win32.Agent.aw.a
  • Virus.Win32.AutoIt.a.a
  • Virus.Win32.AutoRun.abt.a
  • im.worm.win32.sohanad.bm.a
  • im.worm.win32.sohanad.t.a
  • Trojan.Win32.Agent.abt.aTrojan-Downloader.Win32.AutoIt.aa.a
  • Trojan-Downloader.Win32.AutoIt.q.a
  • Trojan-PSW.Win32.OnLineGames.mgw.com.a
  • Trojan-PSW.Win32.OnLineGames.pno.a.com
  • Virus.Win32.AutoRun.ajn.com

Let’s see how can you use smart virus remover tool to eliminate any on these mentioned viruses from your computer or pen drive.

window.google_render_ad();
window.google_render_ad();Fix:

Smart Virus Remover is simple tool which gives you four main options for virus removal, which includes:

  • Delete Autorun.inf files
  • Restore Windows to default settings
  • Remove Virus  from a Folder
  • Remove Virus from USB

If your windows drive does not open mouse double click, you can also easily delete those autorun.inf files which stops a drive being opened on mouse double click, this utility will be most help full in such a kind of associations.

We hope this tool which will help delete autorun.inf viruses from your computer and also on other portable drives, Smart virus removal tool was quit forum like History, EULA,Disclaimer, Newer Version Check .

Download Smart Virus Remover

About these ads

Responses

  1. How to remove kinza.exe?
    source : http://ssovit.com/how-to-remove-kinzaexe.html

    kinza.exe is one of the malware that has been a trouble to lots of people as it spread. This kinda virus is easy remove but it gives a lots of trouble till is lies in the victim’s computer or laptop. Basically, it attacks the system registry and modifies it to keep it alive. As a result you won’t be able to access most of the window’s components like Task Manager, Comand Prompt, Regedit, msconfig, gpedit. You can open these components but it suddenly shuts down which is what i did hate the most!!

    How to remove kinza.exe?

    1. Download the Kinza.exe Removal Tool here.

    http://ssovit.com/wp-content/uploads/2008/11/kinza.zip

    2. Turn off the System Restore point.
    3. Restart the computer the computer in Safemode.
    4. double click kinza.bat from the extracted file.
    5. Delete temp file and internet temp file.
    6. Restart the computer.

  2. SmitFraudFix v2.400 (WinXP, Win2K)
    Download:

    Use this URL to download the latest version (the file contains both English and French versions):

    http://siri.urz.free.fr/Fix/SmitfraudFix.exe

    Mirrors: Alternate official download locations for Smitfraudfix.zip

    http://siri.geekstogo.com/SmitfraudFix.exe

    http://downloads.securitycadets.com/SmitfraudFix.exe

    Zebulon.fr

    Use:

    * Search:
    o Double-click SmitfraudFix.exe
    o Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt

    * Clean:
    o Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
    o Double-click SmitfraudFix.exe
    o Select 2 and hit Enter to delete infect files.
    o You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
    o The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
    o A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt

    * Optional:
    o To restore Trusted and Restricted site zone, select 3 and hit Enter.
    o You will be prompted: Restore Trusted Zone ? answer Y (yes) and hit Enter to delete trusted zone.

    Note:

    process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a “RiskTool”. It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between “good” and “malicious” use of such programs, therefore they may alert the user.

    http://www.beyondlogic.org/consulting/processutil/processutil.htm

  3. Nice article. You can find pen drive virus protection methods at http://www.srnmicro.com/customers/techfaq.htm

  4. here is the bat file content of kinza removal and also many other edits
    just save it as .bat file and run in xp

    @echo off
    color F1
    echo _khAttAm_’s kinza Remover
    echo ————————-
    echo This script will help you
    echo remove a virus named
    echo kinza from your computer.
    echo However, it has been meant
    echo to do no harm, I take no
    echo resposibility for what
    echo this program does to your
    echo PC.
    echo Close this to end this
    echo script now, or if you wish
    echo to run it, then
    pause
    echo.
    echo.
    echo Starting Process Kill
    echo ———————
    echo.
    taskkill /IM wscript.exe /F /T
    taskkill /IM wgatray.exe /F /T
    taskkill /IM imapd.exe /F /T
    taskkill /IM imapdb.exe /F /T
    taskkill /IM dxdlg.exe /F /T
    taskkill /IM svchost32.exe /F /T
    taskkill /IM wproxp.exe /F /T
    taskkill /IM ctfmon.exe /F /T
    echo.
    echo Processes Should be Terminated By Now.
    echo.
    echo.
    echo Removing Startup Entries
    echo ————————
    echo.
    echo Windows Registry Editor Version 5.00>c:\windows\temp\sta.reg
    echo.>>c:\windows\temp\sta.reg
    echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]>>c:\windows\temp\sta.reg
    echo “Userinit”=”C:\\WINDOWS\\SYSTEM32\\userinit.exe”>>c:\windows\temp\sta.reg
    echo “Shell”=”explorer.exe”>>c:\windows\temp\sta.reg
    echo.>>c:\windows\temp\sta.reg
    echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden]>>c:\windows\temp\sta.reg
    echo “ValueName”=”ShowSuperHidden”>>c:\windows\temp\sta.reg
    echo “CheckedValue”=dword:00000000>>c:\windows\temp\sta.reg
    echo “UncheckedValue”=dword:00000001>>c:\windows\temp\sta.reg
    echo “DefaultValue”=dword:00000000>>c:\windows\temp\sta.reg
    echo.>>c:\windows\temp\sta.reg
    echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]>>c:\windows\temp\sta.reg
    echo @=””>>c:\windows\temp\sta.reg
    echo.>>c:\windows\temp\sta.reg
    echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN]>>c:\windows\temp\sta.reg
    echo “CheckedValue”=dword:00000002>>c:\windows\temp\sta.reg
    echo “ValueName”=”Hidden”>>c:\windows\temp\sta.reg
    echo “DefaultValue”=dword:00000002>>c:\windows\temp\sta.reg
    echo.>>c:\windows\temp\sta.reg
    echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]>>c:\windows\temp\sta.reg
    echo “ValueName”=”Hidden”>>c:\windows\temp\sta.reg
    echo “DefaultValue”=dword:00000002>>c:\windows\temp\sta.reg
    echo “CheckedValue”=dword:00000001>>c:\windows\temp\sta.reg
    echo.>>c:\windows\temp\sta.reg
    reg import c:\windows\temp\sta.reg
    echo.
    echo.
    echo Registry should be Okay now.
    echo.
    echo.
    echo Removing Files
    echo ————–
    attrib -h -s -r -a “C:\Documents and Settings\arun\Application Data\dxdlls”
    rd /s /q “C:\Documents and Settings\arun\Application Data\dxdlls”
    attrib -h -s -r -a C:\WINDOWS\system32\dxdlg.exe
    attrib -h -s -r -a c:\Windows\System32\dllcache\wgatray.exe
    attrib -h -s -r -a c:\Windows\System32\wgatray.exe
    attrib -h -s -r -a C:\WINDOWS\system32\boot.vbs
    attrib -h -s -r -a C:\WINDOWS\system32\imapd.exe
    attrib -h -s -r -a C:\WINDOWS\system32\imapdb.exe
    attrib -h -s -r -a C:\WINDOWS\system32\wproxp.exe
    attrib -h -s -r -a C:\WINDOWS\system32\svchost32.exe
    attrib -h -s -r -a C:\WINDOWS\system32\ctfmon.exe
    attrib -h -s -r -a autorun.inf
    del autorun.inf
    attrib -h -s -r -a setup.exe
    del setup.exe
    del C:\WINDOWS\system32\dllcache\wgatray.exe
    del C:\WINDOWS\system32\wgatray.exe
    del C:\WINDOWS\system32\svchost32.exe
    del C:\WINDOWS\system32\dxdlg.exe
    del C:\WINDOWS\system32\boot.vbs
    del C:\WINDOWS\system32\imapd.exe
    del C:\WINDOWS\system32\imapdb.exe
    del C:\WINDOWS\system32\wproxp.exe
    del C:\WINDOWS\system32\ctfmon.exe
    echo Files Removed
    echo.
    pause

  5. download here :

    http://www.ziddu.com/download/6321132/kinzaremoval.zip.html

  6. Thanks for posting such helpful information concerning the Kinza Removal Tool, which can be very hard to find unless you know where and what you are looking for.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Categories

Follow

Get every new post delivered to your Inbox.

Join 26 other followers

%d bloggers like this: