Posted 06 June 2010 - 06:29 AM
Just a note that I was working on a computer trying to use your self-help guide and not much of it
worked. Security Tool would not let rkill.com run, and the guide never says how long to keep trying. I
tried for 30 minutes, leaving all warning windows open as suggested.
No difference; Security Tool kept killing the process.
So here is what I did:
Grab all the programs (from a clean computer, of course) and save them to a recordable CD or pen drive.
From your clean computer, if Malwarebytes' Anti-Malware is installed, update the database.
Now on your clean computer, browse to \Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware
(on Windows XP, can someone supply the Vista/W7 path to the above please?)
The file that you want to copy to the CD or pen drive is rules.ref.
Now that you have all the files that the guide asks for on a CD or a pen drive, do the following:
Disable all network connections (unplug cable); we do NOT want internet access (don't forget about wireless).
Boot into REGULAR Safe Mode (We don't need networking).
If the desktop comes up without a window warning for Security Tool, now run rkill.com. If you're lucky, you should get a window open saying that the only thing that was killed by rkill was rkill.com.
Actually, if you do get the rkill.com end window, it is a good thing.
Now click on Explorer (the renamed MBAM installer) and let it install. Remember to uncheck both boxes.
Now copy the rules.ref file to the directory path mentioned earlier (This is the signature file/data file that MBAM uses), overwrite the current one.
Now that you have the latest def file, start MBAM and do a full scan (good time for lunch :-) ).
Follow the rest of the guide from the point about when the scan ends.
Reboot the computer (keeping it removed from internet). Got a clean desktop?
Good time to reset (or disable) System Restore and delete all restore points.
This method should only be used if the normal method doesn't work.
One suggestion for the self-help guides: could they all be updated to include ALL the files, including all processes, dll names, service file names and directory paths?
It would help us more technically advanced users in removing files/directories as there are other ways to remove files without loading Windows. :-)
The only real problem that I have with being an I.T. Tech is that I can't use the excuse:
"Sorry, I don't do windows."