Jump to content
Sign in to follow this  
testingtest

Big Problem ill do anything for your help

Recommended Posts

Wouldn't this be better on a virus support site or by searching google?

i am searching google and note it was made by autoit

Edited by testingtest

Share this post


Link to post
Share on other sites

Can't you go around and re-.exe some of the files?

win 2000 should have (I guess) a repair feature if you boot with the 2k disk. I don't know much about it maybe it'll re-exe the main files.

If you have to reformat I suggest getting a 3rd party program that takes the place of system restore. (like Symantec's Norton Go Back)


I'm a newbie.Sorry if I don't reposed to your replays very fast.

Share this post


Link to post
Share on other sites

Yeah, there is a command in the windows 2000 repair console that can re-copy all of the important system files.

alternatively, if you have another computer in your house, make an autoIT script to search and log all .exe files in an ini, ie:

file.exe=file.txt

and have it scan your system for everywhere that a .txt file matches the path, and rename it to a .exe

thats gotta suck, but it does re-itterate the importance of NOT running compiled scripts.

Share this post


Link to post
Share on other sites

reinstalling the OS should solve the problem, as I am sure you have backups of all your important data.

or, use a ERD CD and figure out which program is the problem and remove it (whether it be a service or something else).


> there are 10 types of people in the world, those who understand binary and those who don't.

Share this post


Link to post
Share on other sites

If your pc is still booting up into windows...

Maybe just to get past the part of 20 notepads on startup so you can try and repair the damage..

Try removing the file association for .txt with notepad.. remove the association of .txt with any program all together.

This way you won't be plagued with notepad popping up on every click while trying to repair from within windows.

Good Luck

Share this post


Link to post
Share on other sites

if the virus is indeed made by a noob, he may have registered the virus as a service. In this case you can try killing Explorer.exe, then try to locate the .exe responsible for this(in a different task manager maybe au3).

if you managed to locate it you can unload it, and then kill it removing it using the wininit technique :

http://support.microsoft.com/kb/140570

this will work in most cases if it's a weak virus.

Good Luck

Edited by mrbond007

Share this post


Link to post
Share on other sites

if the virus is indeed made by a noob, he may have registered the virus as a service. In this case you can try killing Explorer.exe, then try to locate the .exe responsible for this(in a different task manager maybe au3).

killing explorer.exe will not always help if it's installed as a service, stopping the service might be your only hope... even a n00b can call the virus svchost.exe or rundll32 or some other obscure name, which will make it harder to detect. and making the autoit file register itself as a service and leave it running isn't really n00by, n00b is when you can't even spell virrus .


> there are 10 types of people in the world, those who understand binary and those who don't.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...