Wednesday, June 17, 2009

Cmd Auto Shutdown Virus

Remove the pc-off.bat



A few months ago, I've found fixed my friend’s computer’s problem. She was having problems accessing the command prompt (DOS) from her Windows XP operating system. Every time she attempts to execute “cmd” on her Run dialog box, her computer automatically shuts down. Here is my analysis on how the virus prevents her from using the command prompt and how to remove the virus from the system.

Problem


A virus is preventing the user from using the command prompt. When “cmd” is used, the system automatically shuts off.



Analysis


After giving attempting the “cmd” on her system, the command prompt executes a file called “pc-off.bat“. If my assumptions are correct, this file causes the system to shut down. The file injects itself before the “cmd” command starts.


The only way that this can be done is to inject a command in the Command Processor registry entry. To solve the problem, we have to trace and remove the command that was injected by the virus.


Solution


We must first gain access to our registry editor (regedit on your run prompt). In some cases, the virus disables user (admin) access to the registry. Since the virus injects itself in our command prompt, using DOS to access the registry is not possible. What I can suggest is you download and install an alternate registry editor which you can use to browse your registry editors.


One you gain access to the system registry, browse on the [HKEY_CURRENT_USERSoftwareMicrosoftCommand Processor] and remove the “autorun“= “c:Windowspc-off.bat” entry.

Free Image Hosting at www.ImageShack.us

QuickPost Quickpost this image to Myspace, Digg, Facebook, and others!


After removing the autorun entry, download and run this batch file.


Today i would like to share with u my new version of virus washer for pc-off.bat, click the link below :-


Click Here


In some reported cases, the pc-off.bat virus have other variations like bar311.exe, password_viewer.exe, and photos.zip.exe. The fix file above should remove these files as well.

After fixing the problem, update your anti-virus or buy an updated anti-virus to prevent further infection.
Posted by at 229 comments:

Wednesday, June 3, 2009

Configure Riger DB102

Fisrt of all:-

1)

Go to http://192.168.1.1.


* Username: tmadmin

* Password: tmadmin

Then you will see this above page. Go and click at the WAN Tab and click at PPP.

2)

Set the new interface as:


* PPP interface = 0

* ATM VC = aal5-0

* Protocol = PPoE

* Use DNS = enable

* Security = PAP


3)

Don’t forget to set your username as username@streamyx and also your TMNet Streamyx password. When done, click Submit.

Click on ATM VC and make sure interface are set as:


* aal5-0 VPI = 0

* VCI = 35

* MUX = LLC

* Max proto = 2


4)

After that, click on Admin and then Commit and then Reboot Once it’s done you should check your Internet connectivity by loading your favorite website.


If you’re unable to go to 192.168.1.1, please make sure that your PC IP is in the range of 192.168.x.x.


Done!
Posted by at 1 comment:

Monday, June 1, 2009

Change Computer Name On Registry

Got trouble when change computer name? No heart feelin..i will teach you how to change the computer name easily with the simple command line with parameters. There's no special tools needed,first of all, go to :-


Start>Run>Regedit

1.) Using registry
(HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName\ComputerName)..
this method works after reboot, with some side effects.
(If you check in control
Panel->System it will keep show you old name, although system uses new
name). Any explanations how to fix that?;p



2.) I'd really like to hear from MS expert whether any of command line
utils can change computer name (I believe it does). I've been playing
around with netsh, net.


That's all for today,. Im tired rite now.. C ya next day ^_^
Posted by at No comments:
Subscribe to: Posts (Atom)