Sign in to follow this  
Followers 0
Flamo353

Someone infected my computer using AutoIt - Please help me with removal

11 posts in this topic

So it seems that javacl.exe is running on my computers start up using some java script. This program is keylogging me and I've already been hacked. I tried closing the program in task manager, but when I do, my screen turns blue and my computer crashes. I tried deleting the java script but a new one is recreated afterwards. I'm really wondering what autoit is and why it's able to crash my computer if I try closing this program.

 
1 person likes this

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

So it seems that javacl.exe is running on my computers start up using some java script. This program is keylogging me and I've already been hacked. I tried closing the program in task manager, but when I do, my screen turns blue and my computer crashes. I tried deleting the java script but a new one is recreated afterwards. I'm really wondering what autoit is and why it's able to crash my computer if I try closing this program.

What makes you think Autoit is the source of your problem? It doesn't necessarily nothing to do with java. But I suspect you are trolling, as a rudemntary search will tell you exactly what Autoit is.

But in any case, use http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx to see what is starting automatically with your computer.

Edited by DicatoroftheUSA
1 person likes this

Share this post


Link to post
Share on other sites

#3 ·  Posted (edited)

Startup in safe mode, delete the exe.  Or, safe mode, restore to earlier image you stored from maybe a month or 2 ago.  If you don't have one, then you learned a good lesson about backups.  Last option would be a factory reset.

If your game is to get someone to decompile it, it won't happen.  If your game is to get the exe onto someone else's comp, good luck, but again, it won't happen.

Edited by jdelaney
1 person likes this

IEbyXPATH-Grab IE DOM objects by XPATH IEscriptRecord-Makings of an IE script recorder ExcelFromXML-Create Excel docs without excel installed GetAllWindowControls-Output all control data on a given window.

Share this post


Link to post
Share on other sites

Ok, before I begin, I am no expert when it comes to virus removal, but if I where you, I would start windows in safe mode, delete the file and then try to install this program- http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx -This tells you what programs, scripts, etc. startup on your computer. I would try to remove anything that you see is not necessary or suspicious. If this does not work, I would then use the these programs, SpyBot- http://www.safer-networking.org/dl/, and Malwarebytes- http://www.malwarebytes.org/. I hope this helps!


online.png?theme=dark profile for Tom on Stack Exchange, a network of free, community-driven Q&A sites 

scientia potentia est

Share this post


Link to post
Share on other sites

So it seems that javacl.exe is running on my computers start up using some java script. This program is keylogging me and I've already been hacked. I tried closing the program in task manager, but when I do, my screen turns blue and my computer crashes. I tried deleting the java script but a new one is recreated afterwards. I'm really wondering what autoit is and why it's able to crash my computer if I try closing this program.

My question is a bit more simple - if "javacl.exe" is doing something, just why are you then asking about "autoit"?  What led you to this site for the question (other than to cause confusion and/or trouble about some odd agenda you must have......)

Personal belief?  spammer/hacker/troublemaker.........  and with this being the first post and using a name like 'Flamo' - well, IMHO, this person will never respond and this thread should be deleted.

Though, Flamo353, I am certainly looking forward to you proving me wrong by responding to the questions.

Share this post


Link to post
Share on other sites

#6 ·  Posted (edited)

My question is a bit more simple - if "javacl.exe" is doing something, just why are you then asking about "autoit"?  What led you to this site for the question (other than to cause confusion and/or trouble about some odd agenda you must have......)

Personal belief?  spammer/hacker/troublemaker.........  and with this being the first post and using a name like 'Flamo' - well, IMHO, this person will never respond and this thread should be deleted.

Though, Flamo353, I am certainly looking forward to you proving me wrong by responding to the questions.

 

What makes you think Autoit is the source of your problem? It doesn't necessarily nothing to do with java. But I suspect you are trolling, as a rudemntary search will tell you exactly what Autoit is.

But in any case, use http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx to see what is starting automatically with your computer.

 

Here is what led me to AutoIt, analyze these images.

zd1h.jpg
 
d9rm.jpg
 
l2hf.jpg
 
No need to be so rude. There's also nothing wrong with the username flamo.
Edited by Flamo353

Share this post


Link to post
Share on other sites

? how did you learn that it was key logging?

Share this post


Link to post
Share on other sites

This looks like it could be a badly written piece of malware. Follow jdelaney's advice. If you can't remove it in safe mode (I imagine you can), then you can try using a linux live cd - the one I use is knoppix. This way you can remove it without starting windows at all. Failing that, you will need to get advice from a different forum. This forum is for people who write decent code using AutoIt and not a forum about malware topics.

Share this post


Link to post
Share on other sites

If you can't remove it by using a live CD, use the cmd-utilman exploit. When you've done that boot up windows as normal, don't login & open cmd. Then put in a stick with http://www.malwarebytes.org/. This should be able to get you non-infected.


Thanks for your help & have a good day. Yours sincerely, -Jonniy-  

Share this post


Link to post
Share on other sites

Flamo353,

I am very sorry that your machine has been infected, but AutoIt as such is blameless. AutoIt is a language like any other (e.g. the various flavours of C, Python, Java, etc) which can be used to write apps. Most people write useful or instructive programs; some, alas, use it to write malware and you appear to have fallen foul of one of these unpleasant individuals. A glance at our Forum rules (there is also a link at bottom right of each page) will show you that we have no truck with such idiots here, but obviously we have no ability to stop these people other than here in our own forum. :(

You have been offered some good advice above as to how you might proceed - I suggest that you follow it if you feel confident in so doing. If not, then I suggest you seek professional help - as has been pointed out, this forum is for helping decent coders with problems in Autoit coding, not for giving out advice on PC malware removal. Good luck. :)

M23

2 people like this

Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind._______My UDFs:

Spoiler

ArrayMultiColSort ---- Sort arrays on multiple columns
ChooseFileFolder ---- Single and multiple selections from specified path treeview listing
Date_Time_Convert -- Easily convert date/time formats, including the language used
ExtMsgBox --------- A highly customisable replacement for MsgBox
GUIExtender -------- Extend and retract multiple sections within a GUI
GUIFrame ---------- Subdivide GUIs into many adjustable frames
GUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView items
GUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeView
Marquee ----------- Scrolling tickertape GUIs
NoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxes
Notify ------------- Small notifications on the edge of the display
Scrollbars ----------Automatically sized scrollbars with a single command
StringSize ---------- Automatically size controls to fit text
Toast -------------- Small GUIs which pop out of the notification area

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0