I saw a small .bat file Kinza Virus Remover in my friends PC. Download from here:
http://www.ziddu.com/download/6321132/kinzaremoval.zip.html
Some details could be found here :
source : http://www.troublefixers.com/remove-kinza-virus-with-free-kinza-removal-tool/
Trouble:
There are hell lot of virus which infects Windows and makes your computer respond slowly to each action. One such virus is Kinza.exe virus. It comes normally through virus infected pen drives and Internet.
What does Kinza.exe Virus do ?
Firstly it makes your computer too slow in doing anything, restricts to use Task Manager, Regedit, Command Prompt, msconfig and Group Policy etc. All these windows tool like task manager or command prompt or regedit flashes for a second when user try to launch them and then nothing happens.
All these tools opens for few seconds and then close themselves, most common example would be command prompt flashes for a second when tried to be launched. Kinza virus also disable folder options in windows and remove folder options from windows explorer. It creates a lot of exe and boot.vbs files which got executed on system startup.
Let’s see how to remove kinza virus from your infected computer system.
Fix:
In order to remove kinza virus, you will need to download the Kinza Virus Removal Patch and run it in the Windows’s safe mode.
Note: Make sure to turn off system restore before using kinza removal tool.
How to Use Kinza Removal Tool
( Download Link to kinza removal tool is given at the bottom )
1. Restart your computer in safe mode, for this you will need to press F8 at the time of Windows boot to enter in Windows Safe Mode.
2. Run Kinza Removal Tool to delete kinza virus from your system.
3. Delete temp files and Internet temp file.
And then ….
source : http://www.troublefixers.com/remove-your-pen-drive-and-autorun-viruses-with-smart-virus-remover/
window.google_render_ad(); Trouble:
We receive a majority of virus problems which are due to virus which spread through pen drives, cd’s and other portable devices like mp3 players, ipod etc.
Today, we have come up with a free tool called smart virus removal by Muhammad Abdullah. This small tool will let you remove a group of viruses from your system including the following list of viruses.
- Virus.Win32.Agent.aw.a
- Virus.Win32.AutoIt.a.a
- Virus.Win32.AutoRun.abt.a
- im.worm.win32.sohanad.bm.a
- im.worm.win32.sohanad.t.a
- Trojan.Win32.Agent.abt.aTrojan-Downloader.Win32.AutoIt.aa.a
- Trojan-Downloader.Win32.AutoIt.q.a
- Trojan-PSW.Win32.OnLineGames.mgw.com.a
- Trojan-PSW.Win32.OnLineGames.pno.a.com
- Virus.Win32.AutoRun.ajn.com
Let’s see how can you use smart virus remover tool to eliminate any on these mentioned viruses from your computer or pen drive.
Smart Virus Remover is simple tool which gives you four main options for virus removal, which includes:
- Delete Autorun.inf files
- Restore Windows to default settings
- Remove Virus from a Folder
- Remove Virus from USB
If your windows drive does not open mouse double click, you can also easily delete those autorun.inf files which stops a drive being opened on mouse double click, this utility will be most help full in such a kind of associations.
We hope this tool which will help delete autorun.inf viruses from your computer and also on other portable drives, Smart virus removal tool was quit forum like History, EULA,Disclaimer, Newer Version Check .
How to remove kinza.exe?
source : http://ssovit.com/how-to-remove-kinzaexe.html
kinza.exe is one of the malware that has been a trouble to lots of people as it spread. This kinda virus is easy remove but it gives a lots of trouble till is lies in the victim’s computer or laptop. Basically, it attacks the system registry and modifies it to keep it alive. As a result you won’t be able to access most of the window’s components like Task Manager, Comand Prompt, Regedit, msconfig, gpedit. You can open these components but it suddenly shuts down which is what i did hate the most!!
How to remove kinza.exe?
1. Download the Kinza.exe Removal Tool here.
http://ssovit.com/wp-content/uploads/2008/11/kinza.zip
2. Turn off the System Restore point.
3. Restart the computer the computer in Safemode.
4. double click kinza.bat from the extracted file.
5. Delete temp file and internet temp file.
6. Restart the computer.
By: phuchungbhutia on March 9, 2009
at 7:19 pm
SmitFraudFix v2.400 (WinXP, Win2K)
Download:
Use this URL to download the latest version (the file contains both English and French versions):
http://siri.urz.free.fr/Fix/SmitfraudFix.exe
Mirrors: Alternate official download locations for Smitfraudfix.zip
http://siri.geekstogo.com/SmitfraudFix.exe
http://downloads.securitycadets.com/SmitfraudFix.exe
Zebulon.fr
Use:
* Search:
o Double-click SmitfraudFix.exe
o Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt
* Clean:
o Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
o Double-click SmitfraudFix.exe
o Select 2 and hit Enter to delete infect files.
o You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
o The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
o A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt
* Optional:
o To restore Trusted and Restricted site zone, select 3 and hit Enter.
o You will be prompted: Restore Trusted Zone ? answer Y (yes) and hit Enter to delete trusted zone.
Note:
process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a “RiskTool”. It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between “good” and “malicious” use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/processutil/processutil.htm
By: phuchungbhutia on March 9, 2009
at 7:28 pm
Nice article. You can find pen drive virus protection methods at http://www.srnmicro.com/customers/techfaq.htm
By: palival on June 26, 2009
at 9:25 pm
here is the bat file content of kinza removal and also many other edits
just save it as .bat file and run in xp
@echo off
color F1
echo _khAttAm_’s kinza Remover
echo ————————-
echo This script will help you
echo remove a virus named
echo kinza from your computer.
echo However, it has been meant
echo to do no harm, I take no
echo resposibility for what
echo this program does to your
echo PC.
echo Close this to end this
echo script now, or if you wish
echo to run it, then
pause
echo.
echo.
echo Starting Process Kill
echo ———————
echo.
taskkill /IM wscript.exe /F /T
taskkill /IM wgatray.exe /F /T
taskkill /IM imapd.exe /F /T
taskkill /IM imapdb.exe /F /T
taskkill /IM dxdlg.exe /F /T
taskkill /IM svchost32.exe /F /T
taskkill /IM wproxp.exe /F /T
taskkill /IM ctfmon.exe /F /T
echo.
echo Processes Should be Terminated By Now.
echo.
echo.
echo Removing Startup Entries
echo ————————
echo.
echo Windows Registry Editor Version 5.00>c:\windows\temp\sta.reg
echo.>>c:\windows\temp\sta.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]>>c:\windows\temp\sta.reg
echo “Userinit”=”C:\\WINDOWS\\SYSTEM32\\userinit.exe”>>c:\windows\temp\sta.reg
echo “Shell”=”explorer.exe”>>c:\windows\temp\sta.reg
echo.>>c:\windows\temp\sta.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden]>>c:\windows\temp\sta.reg
echo “ValueName”=”ShowSuperHidden”>>c:\windows\temp\sta.reg
echo “CheckedValue”=dword:00000000>>c:\windows\temp\sta.reg
echo “UncheckedValue”=dword:00000001>>c:\windows\temp\sta.reg
echo “DefaultValue”=dword:00000000>>c:\windows\temp\sta.reg
echo.>>c:\windows\temp\sta.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\Policy\DontShowSuperHidden]>>c:\windows\temp\sta.reg
echo @=”">>c:\windows\temp\sta.reg
echo.>>c:\windows\temp\sta.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN]>>c:\windows\temp\sta.reg
echo “CheckedValue”=dword:00000002>>c:\windows\temp\sta.reg
echo “ValueName”=”Hidden”>>c:\windows\temp\sta.reg
echo “DefaultValue”=dword:00000002>>c:\windows\temp\sta.reg
echo.>>c:\windows\temp\sta.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]>>c:\windows\temp\sta.reg
echo “ValueName”=”Hidden”>>c:\windows\temp\sta.reg
echo “DefaultValue”=dword:00000002>>c:\windows\temp\sta.reg
echo “CheckedValue”=dword:00000001>>c:\windows\temp\sta.reg
echo.>>c:\windows\temp\sta.reg
reg import c:\windows\temp\sta.reg
echo.
echo.
echo Registry should be Okay now.
echo.
echo.
echo Removing Files
echo ————–
attrib -h -s -r -a “C:\Documents and Settings\arun\Application Data\dxdlls”
rd /s /q “C:\Documents and Settings\arun\Application Data\dxdlls”
attrib -h -s -r -a C:\WINDOWS\system32\dxdlg.exe
attrib -h -s -r -a c:\Windows\System32\dllcache\wgatray.exe
attrib -h -s -r -a c:\Windows\System32\wgatray.exe
attrib -h -s -r -a C:\WINDOWS\system32\boot.vbs
attrib -h -s -r -a C:\WINDOWS\system32\imapd.exe
attrib -h -s -r -a C:\WINDOWS\system32\imapdb.exe
attrib -h -s -r -a C:\WINDOWS\system32\wproxp.exe
attrib -h -s -r -a C:\WINDOWS\system32\svchost32.exe
attrib -h -s -r -a C:\WINDOWS\system32\ctfmon.exe
attrib -h -s -r -a autorun.inf
del autorun.inf
attrib -h -s -r -a setup.exe
del setup.exe
del C:\WINDOWS\system32\dllcache\wgatray.exe
del C:\WINDOWS\system32\wgatray.exe
del C:\WINDOWS\system32\svchost32.exe
del C:\WINDOWS\system32\dxdlg.exe
del C:\WINDOWS\system32\boot.vbs
del C:\WINDOWS\system32\imapd.exe
del C:\WINDOWS\system32\imapdb.exe
del C:\WINDOWS\system32\wproxp.exe
del C:\WINDOWS\system32\ctfmon.exe
echo Files Removed
echo.
pause
By: phuchungbhutia on September 2, 2009
at 12:13 pm
download here :
http://www.ziddu.com/download/6321132/kinzaremoval.zip.html
By: phuchungbhutia on September 2, 2009
at 12:21 pm
Thanks for posting such helpful information concerning the Kinza Removal Tool, which can be very hard to find unless you know where and what you are looking for.
By: Brandi McDaniels on June 30, 2010
at 11:49 am