“Madforelmo!”, you can view this at windows taskbar when you are infected with samok.vbs malware. This is a variant of sowar.vbs where your task manager and folder options where disabled plus no more run command and registry editing isdisabled.
You will be annoyed when this malware changed your “Open” command in the right click menu to “b-b2g” and “Explore” command to “Owned” when you right click a drive or folder.
Registry Entries:
- The newly created Registry Values are:
- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shell\explore]
- (Default) = “Owned!”
- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shell\open]
- (Default) = “b-b2g”
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
- autoMe = “wscript.exe “%Windir%\samok.vbs”"
Here's a link from a site, download Regseeker
here : download samok.vbs remover
i have developed a virus removal tool for samok.vbs trojan
ReplyDeletethis virus removal tool removes all the side effects of the virus(samok.vbs)
use following link to download the removal tool
http://it.web44.net/VirusDetails/Crypt.Trojan.VBS.Agent.SamOK.php
thanks ronel for sharing your samok.vbs removal it really works...
ReplyDeletethnks kanishka, but, where is the code of your program?
ReplyDeleteGosh you really helped me God bless you and thanx :)
ReplyDeletethanks...its work thanks bro....
ReplyDeletethanks... it worked
ReplyDeleteGood work! Thanks for sharing that handy tool. That samok.vbs is a nasty little virus. It jumps onto USB sticks too so make sure you scan and clean any pen drives etc used when trying to fix your computers.
ReplyDeleteCheers, Lon
Nice tool. I have added a complete guide to remove samok.vbs and b-b2g here:
ReplyDeletehttp://bennixcomputertips.blogspot.com/2010/10/how-to-remove-samokvbs-and-b-b2g-virus.html