Quote:
Originally Posted by kronik420
If I may add to this when you boot into safe mode with networking support you need to open and run a program called rkill http://www.technibble.com/rkill-repa...the-week/after the program has finished. Your explorer will automatically restart and you will be looking at your desktop open up malware bytes and then click on update it should go through and do the update if it does not do then update and it says malwarebytes cannot connect to update site. You need to open up the program files folder open up the malware bytes folder you will see a program in there that says MBAM.exe rightclick mbam.exe and click rename name it something totally different like shs123.exe after that click ok double click shs123.exe program will open up then click update after it has downloaded the updates run a full scan. Delete everything it finds it will ask you to restart the computer say yes. When the computer gets back to normal mode go to start, my computer, c drive, windows, system 32, drives, etc, open up your host file an open file window will come up choose to open with notepad normal host file should only have 127.0.0.1 localhost if your on xp if your on vista
127.0.0.1 local host
::1
anything below that line ie would need to be deleted
127.0.0.1 local host
::1
65.45.34.23 virusfree download <~~~~~~ you need to delete anything that looks like this
After that is done go back to program files under malwarebytes folder double click shs123.exe go to quarentine and delete everything in quarentine. After that click scanner run another full scan should take about 30 minutes to a few hours depending on how big your harddrive is and thats it virus free computer. That way if you fix yourself your IT department won't put restrictions against your account depending on the company you work for several of the companies I do consultanting for makes me put restrictions against the account on a domain level that prevents a lot of things that you used to be able to do. Hope this helps. |
Sorry to get way OT here but i have been finding that the best way to get rid of this crapware is to remove the hard drive and connect it to a clean comuter (I keep one in my shop just for this) and scan it as a external drive. If its the virus that I'm thinking of, it blocks most antimalware/AV websites and disables your AV/antimalware programs...including running them in safe mode. After scanning from a clean computer several times, I have to use a regedit called "fixexe" to reassociate all the file types with their proper commands.
For the last several computers I've worked on, it ended up being easier to just recover the documents and reinstall the OS. However, I sometimes like a challenge so cleaning and defeating it was more fun.
Finally, after talking with the owners of the infected computers, I have found that most of the viruses probably came from rogue banner adds. (several of the people used their infected computers ONLY on facebook). I've gotten several warnings from my AV software obout blocked scripts - including several right here on PPCgeeks - that could have caused problems had they not been stopped. So, always run good and updated antivirus software and sandboxing is a good idea too as previously mentioned.
Now back to our regularly scheduled forum thread.
************************************************** *****
Hey Mike,
I'm anxiously awaiting your next release! I have a VIRGIN Touchpro running a stock ROM 2 that is only a week old and is waiting to be flashed with your latest ROM.
I'm coming over from the TP (RootROM) and have been doing my research and look forward to trying out one of yuor excellent ROM's this weekend.
David