How-to remove Bar311.exe PC shuts down virus

6/07/2009 09:17:00 AM
bar311.exe that keeps blocking my cmd (command prompt) thing… so I'll just share this method on how to solve this problem…

This is the symptom of a computer having the bar311.exe virus, a.k.a. winzip123. The virus comprises bar311.exe, password_viewer.exe, photos.zip.exe and pc-off.bat.

When you boot your Windows XP in Safe Mode the message appears: Thank You!!!
Password:Winzip123

The pc-off.bat file contains a command like this: "C:/path/shutdown -s -f -t 2 -c", which automatically shuts down your computer when you run cmd.exe, because the virus registers pc-off.bat under the Command Processor autorun entry (see step 2). So here's the solution to this problem… just follow these simple steps that I'm going to discuss…

Manual removal:

1. Upon startup, after the OS has loaded, open Task Manager by pressing CTRL+ALT+DEL, then kill (End Process) password_viewer.exe or bar311.exe or photos.zip.exe…

2. Edit the following registry entries through regedit (Start > Run)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="userinit.exe,bar311.exe" --> remove ", bar311.exe" only… leave userinit.exe because this is used by Windows when you log in…

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Hidden"=dword:00000001
"HideFileExt"=dword:00000000
"ShowSuperHidden"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Command Processor]
"autorun"="c:\Windows\pc-off.bat" --> remove "c:\Windows\pc-off.bat" or delete the autorun key.

3. Go to your thumb drive. Use the Folders view in Explorer and the navigation panel on the left side when accessing the drives, to avoid triggering the autorun… then delete autorun.inf and password_viewer.exe or bar311.exe

4. Open Notepad, then type what is shown below as is…

@echo off
del /a /f c:\Windows\bar311.exe
del /a /f c:\Windows\password_viewer.exe
del /a /f c:\Windows\photos.zip.exe
del /a /f c:\Windows\pc-off.bat
pause

Then save this as remove.bat and click to run it… it will remove this annoying type of PC shut-off virus… ;)

Try it.. it works peepz…
