Roirpy.exe,mrnds3oy.dll,qh55i.dll and other Trojan Group manual removal solution _ virus killing

Roirpy.exe,mrnds3oy.dll,qh55i.dll and other Trojan Horse Group manual removal Solution

Delete the following file with Xdelbox (add all the following paths or right-click in the margin-import from the Clipboard, right-click on the added file path, and choose to restart immediately to delete the file without prompting for the deletion, add additional files]):
C:\windows\roirpy.exe
C:\windows\uunjkd.exe
C:\windows\49400l.exe
C:\windows\49400m.exe
C:\windows\fjrlwx.exe
C:\windows\downlo~1\mrnds3oy.dll
C:\windows\downlo~1\qh55i.dll
C:\windows\system32\lyloadqr.exe
C:\windows\system32\lyloadhr.exe
C:\windows\system32\lyloadmr.exe
C:\windows\system32\lyloadar.exe
C:\windows\system32\lyloador.exe
C:\windows\system32\lyleador.exe
C:\windows\system32\lyloadbr.exe
C:\windows\system32\lyloader.exe
C:\windows\system32\792405c6.exe
C:\windows\system32\9f651.exe
C:\windows\system32\usbplay.exe
C:\windows\system32\drivers\4ounutb.sys
C:\windows\system32\drivers\mxdispdr.sys
C:\windows\system32\drivers\hyswki7.sys
C:\windows\system32\drivers\acpidisk.sys
C:\windows\system32\d9f1.dll

C:\Program Files\Common Files\cpush\cpush0.dll
C:\windows\system32\wbem\1391\svchost.exe
C:\windows\system32\1707e7b.dll
C:\windows\system32\msplrct.dll
C:\windows\system32\winlib. dll
C:\windows\system32\rghsm2jw.dll
C:\windows\downlo~1\mrnds3oy.dll

Sreng Delete the following item in the Startup Project-> registry:
[MSDQG32] <; Lyloadqr.exe>
[MSDHG32] <; Lyloadhr.exe>
[MSDMG32] <; Lyloadmr.exe>
[MSDSG32] <; Lyloadar.exe>
[MSDOG32] <; Lyloador.exe>
[MSDCG32] <; Lyleador.exe>
[MSDWG32] <; Lyloadbr.exe>
[MSDEG32] <; Lyloader.exe>
[WSOCKDRV32] <; C:\windows\roirpy.exe>
[REGSRV64D] <; C:\windows\uunjkd.exe>
[Nvdispdrv] <; C:\windows\uunjkd.exe>
[WINSYSW] <; C:\windows\49400l.exe>
[Winsysm] <; C:\windows\49400m.exe>

[msprint32d] <; C:\windows\fjrlwx.exe>
[Mrnds3oy] <rundll32 "C:\windows\downlo~1\mrnds3oy.dll",start>
[qh55i] <rundll32 "C:\windows\downlo~1\qh55i.dll",run>

sreng-in the Start Project-> service-> Win32 Service Application Check "Hide Certified Microsoft Project" and then remove the service name below (select the service after the problem, click "Delete Service", click the "Settings" button. Note pop-up window key "No no" is to confirm the deletion of the service (can not be deleted on the disabled: Start type to Disabled, point to modify the startup type, point settings):
[219829da/219829da] <>
[286ee121/286ee121] <c:\windows\system32\792405c6. Exe-k>
[Ms_2fax/ms_2fax] <C:\WINDOWS\system32\9f651.exe>
[Servicevchelp/serviceusbhelp] <C:\WINDOWS\system32\usbplay.exe>

sreng-Startup Project-> Service-driver "Select" Hide Certified Microsoft Project "and then remove the driver with the following name (select the problem driver, click" Remove Service ", click" Set "button.) Note pop-up window key "No no" is to confirm the deletion of the service (can not be deleted on the disabled: Start type to Disabled, point to modify the startup type, point settings):
[4ounutb/4ounutb] <\?? \c:\windows\system32\drivers\4ounutb.sys>
[MXDISPDR/MXDISPDR] <\?? \c:\windows\system32\drivers\mxdispdr.sys>
[Hyswki/hyswki7] <\SystemRoot\System32\DRIVERS\hyswki7.sys>
[Acpidisk/acpidisk] <\?? \c:\windows\system32\drivers\acpidisk.sys>

sreng-system Fix-Removes the following items from the browser add-in:

[Invoke Class] <C:\WINDOWS\system32\d9f1.dll>
[Cadlogic Object] <c:\program Files\Common Files\cpush\cpush0.dll>
[Invoke Class] <C:\WINDOWS\system32\d9f1.dll>
[Cadlogic Object] <c:\program Files\Common Files\cpush\cpush0.dll>
Cleaning up the helper to clean up the malicious software