For reference

To resolve this issue, Safe Mode: Rename the malicious driver by using "My Computer"

1. Start in Safe Mode computer. To do this, follow these steps: a. Restart your computer.

b. While the computer starts, press the F8 key repeatedly (once per second). This displays the Microsoft Windows advanced boot menu options.

c. Use the Up Arrow and Down Arrow keys to highlight Safe Mode, and then press Enter.

2. Open Internet Explorer and type C:\WINDOWS\system32\drivers in the Address Bar.

3. Enable viewing hidden files. To do this, follow these steps: a. Click Start, click My Computer, click Tools, and then click Folder Options.

b. Click View.

c. Click to clear the Hide protected operating system files (recommended) check box.

d. Click to select Show all files and folders, and then click to clear Hide extensions for known file types.

e. Click to select Apply to all folders, and then click OK.

4. Find the folder named C:\WINDOWS\system32\drivers.

5. Find any .sys file with the following characteristics: a. Randomly generated eight-digit lowercase file name, such as gbqxmhia.sys, upzvlbvv.sys, or jsbmefvk.sys

b. The file is dated January 11, 2005

c. The file size is 14 KB (13,824 bytes)

d. The Hidden attribute has been set

e. The file has no version, product name, or manufacturer information

6. Right-click the file and select Rename. Rename the file to malware.old and press Enter.

7. Find \WINDOWS\system32.

8. Rename the following files, if they exist: msupd5.exe (renamed to msupd5.old) msupd4.exe (renamed msupd4.old) msupd.exe (renamed msupd .old) Reloadmedude.exe (renamed to Reloadmedude.old)

9. Restart the computer.

10. Make sure your antivirus/antispyware software is updated with the latest signatures, and then perform a full system scan.