PDA

View Full Version : Remains of a virus



Supertrooper
30-05-2004, 02:38 PM
Recently sorted out a friend's computer which had something like 15 viruses on it including the W32/sobig.b@MM virus.

He hadn't updated the virus def's since 2001 (!) and the appearance of an obscure DOS window opening shortly after Windows loaded is what triggered my mind into thinking something was wrong.

After dealing to all the problems, this DOS window still comes up and I'm not sure where it's being kicked off from.
It may just be a BAT file (it tries to load c:\windows\regedit.exe /s srch.reg) and of course just brings up an error now as the srch.reg file has been deleted.

Can anyone tell me how to get rid of this damn DOS window?

johnboy
30-05-2004, 02:50 PM
have a look here go down the page a bit and it discusses your exact problemHere (http://www.wilderssecurity.com/archive/index.php/t-14715)

Jams
30-05-2004, 03:23 PM
tis not for the faint of hearted, but some virus's edit the win.ini file, with a little line which tells it to boot.

if this is the case. look carefully, and make a copy of your win.ini file (if somethign goes wrong, you have a back up) , and delete the line telling the left over virus to boot.

:)
jams