NetProject malware battle..



<DRS>GPF
04-12-2008, 11:30 AM
i just spent about an hour on my son's PC doing battle with a nasty trojan-horse type of malware.. i've got a fix, but don't try it if you don't understand any part of what i describe below. (it could get ugly if you do the wrong thing)

a folder named 'NetProject' gets created in the Program Files folder and in this folder, about 6 files get installed.

of them, scit.exe, scm.exe and sbmntr.exe will be running in the background (check task manager for these entries) causing popups/adware and potentially using your PC to do the same to others.

the AVG anti-virus caught it, but couldn't kill it.. perhaps a bit more potent anti-virus could've killed it, but those aren't free and they tend to really bog down the PC.

it took a couple of tries to figure it out but i got it by following the steps below.. later after a bit of digging online, i found similar solutions/answers to my method, but they suxors at telling you a simple way.

ok.. here's how:
-turn off system restore.

-now do a disk cleanup, making sure to clean out any temp files, including internet cache (temporary internet files). *be sure you know your passwords..

-then you'll need to do a 'regedit' (start-run and type 'regedit', then hit enter), and search for NetProject, scit.exe, scm.exe and sbmntr.exe, deleting any entries you find. do this over and over until all entries are gone except the one located in the microsoft/run entry. (it'll just keep coming back every time you search)

-now go to the 'NetProject' folder in your Program Files and delete everything it will let you delete. (some will error out because they're still active)

-now reboot into a 'safemode with dos prompt' (hold the F8 key during bootup) and delete the folder 'NetProject' from the 'Program Files' folder. (you'll need to know how to maneuver in a 'dos' window)

-now reboot again and the .exe files noted above should be gone from your 'task manager'.

-just in case, i again went into the registry to clean any re-attempt entries (searching for the above terms again) that came after the previous regedit, prior to shutdown.

and finally, repeat after me while splashing holy water on the keyboard:
"THE POWER OF CHRIST COMPELS YOU!","THE POWER OF CHRIST COMPELS YOU!"..

repeat as necessary..
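
A read-only check for the leftovers named in the post above, useful for confirming after the final reboot that nothing has come back. This is an added example, not part of the original post; it assumes the folder sits directly under the default Program Files path and that "the microsoft/run entry" refers to the standard Windows Run keys.

```powershell
# Added example: reports NetProject artifacts, deletes nothing.
$names   = 'scit', 'scm', 'sbmntr'   # process names from the post, without .exe
$pattern = '\b(NetProject|scit\.exe|scm\.exe|sbmntr\.exe)\b'

# Assumption: the folder is directly under the default Program Files path(s).
$folders = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } |
    ForEach-Object { Join-Path $_ 'NetProject' } |
    Where-Object { Test-Path -LiteralPath $_ }

# Background processes the post says to look for in task manager.
$procs = Get-Process -Name $names -ErrorAction SilentlyContinue

# Assumption: "the microsoft/run entry" means these autostart keys.
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

$runHits = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($valueName in $item.GetValueNames()) {
        $data = [string]$item.GetValue($valueName)
        # Match on either the value name or the command line it launches.
        if ("$valueName $data" -match $pattern) {
            [pscustomobject]@{ Key = $key; Name = $valueName; Data = $data }
        }
    }
}

'Folders found:'
$folders
'Processes running:'
$procs | Select-Object Name, Id, Path | Format-Table -AutoSize | Out-String
'Run-key values found:'
$runHits | Format-List | Out-String

if (-not ($folders -or $procs -or $runHits)) {
    'No NetProject artifacts found.'
}
```

Run it once before cleanup and again after the last reboot; a Run-key value that reappears means one of the listed processes was still active when the registry was cleaned.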