The VBS virus creates Autorun.inf files in root directories, making the virus execute whenever those directories are accessed. It is a notoriously difficult virus to get rid of. The virus infects computers through malicious webpages. Most antivirus software will have trouble removing this virus completely, making manual removal the best option.
Step
Hold down the \"Ctrl,\" \"Alt\" and \"Delete\" keys simultaneously to open the Task Manager. Select the \"Processes\" tab and end the \"dxdlg.exe\" and \"wscript.exe\" processes.
Step
Click the \"Start\" menu, type \"regedit\" and press \"Enter.\" Locate the registry key \"HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon.\" In the window pane on the right, select \"Userinit.\" Delete all values other than \"C:windowssystem32userinit.exe.\"
Step
Open the folder \"C:\WINDOWS\System32.\" Delete the files \"dxdlg.exe\" and \"boot.vbs.\"
Step
Open the \"Start\" menu again and select the search function. Search your entire hard drive for \"boot.vbs\" and \"kinza.exe.\" If you are using Vista or Windows 7, select \"Computer\" from the \"Start\" menu. Search in the box in the top-right corner. Delete every copy of these two files you find.
Step
Open the \"Start\" menu, right-click on \"My Computer\" and select \"Properties.\" Select the \"System Restore\" tab and click the \"Turn off System Restore\" check box. In Vista and Windows 7, click \"Start,\" \"Control Panel\" and \"System and Maintenance,\" and select \"System protection\" from the left pane. Unselect the C: drive from the Automatic Restore Points box and click \"Apply.\"
Step
Restart your computer. Run a virus scan to confirm that the virus has been deleted.
