Hi

Continuation of Stage 1,  File removal

Now the registry entries will be greyed out I think, will get them later.

Tick (check) these entries (little square box beside each entry) Only the entries below, not the others

C:\Windows\Temp\kbiwkmcdbnsluoos.tmp

C:\Windows\System32\kbiwkmmtpwnyor.dll

C:\Windows\System32\kbiwkmcqxiuorf.dat

C:\Windows\System32\kbiwkmnwtcigqr.dll

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmsuwhohcqpn.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmpvuwisfqwx.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmrnxsbwcxgx.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmwxdgqevqvx.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmrmwmjeyysj.tmp

C:\Users\MUM\AppData\Local\Temp\Low\kbiwkmrpopyqruwm.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmpsnunglujc.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmoxtcqwbinp.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmwwtrhluise.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmibdbxfqqyy.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmqisrieskme.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmklxdvosopp.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmmmrtqfnkej.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmbhtkucclit.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmfhsgocaimn.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmeixiklbnpi.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmiesrihoeic.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmxpioufnhws.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmsviurmesbk.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmcytfpbumuc.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmatbxqijynh.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmnipdxrdcej.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmtqurinnciy.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmbgcsscpfye.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmswuvujpgqe.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmctwwwgodcg.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmqeprlwfner.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmxmixgydqgm.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmdvkecqvfcm.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmvqbprjrqtx.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmxxpwrjlbjh.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmcgdnqoulgk.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmaeovgylkoa.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmqxnpeinhpq.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmhvmagdqepq.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmbiurytrklo.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmhvfqkvsrby.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmuqtjcvcqgx.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmleygbxekhw.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmvgofcvyvsg.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmqbgogtsydm.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmdnweahroks.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmhwcrxmtxjl.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmtrhqavdodg.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmnydpprvtyf.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmdvxyystqtw.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmppnqtroxfp.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmfirqnttyhh.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmtpsqkdcqlr.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmcqtjnosuhh.tmp

C:\Windows\System32\kbiwkmxvihiowm.dat

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmtpaemikoxb.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmhavqrdpcyc.tmp

C:\Windows\System32\kbiwkmxomiwjve.dat

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmjhngfvkusi.tmp

C:\Windows\System32\drivers\kbiwkmypcscnrx.sys

C:\Windows\System32\drivers\kbiwkmuhmqciqp.sys

C:\Windows\System32\kbiwkmhxkmyhpb.dll

C:\Windows\System32\kbiwkmiurqsspt.dll

C:\Windows\System32\kbiwkmbwwvaxuu.dat

C:\Users\APOSTOLIS\AppData\Local\Temp\Low\kbiwkmxbttaecsew.tmp

C:\Users\APOSTOLIS\AppData\Local\Temp\Low\kbiwkmmuaqeetovn.tmp

C:\Users\APOSTOLIS\AppData\Local\Temp\Low\kbiwkmdouitqekgr.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmhrbulxoapl.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmtqxcgebtin.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmkkigjslxnn.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmcwsnrdpmph.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmlyjopwgcri.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmxyjxffnlmt.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmahjedqdfew.tmp

C:\Users\APOSTOLIS\AppData\Local\Temp\Low\kbiwkmojebcljjbb.tmp

C:\Users\APOSTOLIS\AppData\Local\Temp\Low\kbiwkmspsqjjxuki.tmp

C:\Users\APOSTOLIS\AppData\Local\Temp\Low\kbiwkmflwboxiuix.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmqkfmvibtux.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmiaptxysnll.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmoyhanuflqy.tmp

C:\Users\APOSTOLIS\AppData\Local\Temp\Low\kbiwkmwcysjucplf.tmp

C:\Users\APOSTOLIS\AppData\Local\Temp\Low\kbiwkmvedjlspsqa.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmnukdekhuue.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmwtrpeesybg.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmgdynhtjafx.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmfxuxhpyvdj.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmganawvnjsv.tmp

C:\Users\GEORGINA\AppData\Local\Temp\Low\kbiwkmpbnjtqinof.tmp

C:\Users\MUM\AppData\Local\Temp\Low\kbiwkmtpngiyeeui.tmp 

Then click the Clean items button

Follow the prompts to remove them and restart your computer.

After reboot, a dialog box displays the files you selected for removal and the action taken.

Step 2 after 

Quads