Last weekend I bumped into a digicam which had a malware in it.
The malware like to shut my pc off as soon as I'm trying to access the command prompt. My antivirus was able to detect it, but was unable to delete it from my system.
So with a little research I was able to erase it completely from my system! Thank God!
I'll share to you this method, hoping it can help you too!
This is the symptom of a computer having JBLCF_Scandal.exe virus.
The virus comprises of JBLCF_Scandal.exe and pc-off.bat.
When you boot your Windows XP in Safe Mode the message appears: "Dont Worry. I will do no harm here"
The pc-off.bat contains the syntax like this”C:/path/shutdown -s -f -t 2 -c” which automatically shutdown your computer when you run the cmd.exe.
So heres the solution to this problem… just follow these simple steps that will be discussed below.
For Manual removal:
1. Upon start up... After OS loading... Go to task manager by pressing CTRL+ALT+DEL then kill (end process) JBLCF_Scandal.exe
2. Press START then at the RUN, enter REGEDIT.
Then start to EDIT the following registry entries thru regedit at start/run
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“Userinit”=”userinit.exe,JBLCF_Scandal.exe” —> remove “,JBLCF_Scandal.exe” only… leave userinit.exe because this is used by Windows when you log-in…
[HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Explorer\Advanced]
“Hidden”=dword:00000001
“HideFileExt”=dword:00000000
“ShowSuperHidden”=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Command Processor]
“autorun”=”c:\Windows\pc-off.bat” –> remove “c:\Windows\pc-off.bat” or delete the autorun key.
3. go to your thumb drive, please use the folders view in the explorer and use the navigation panel on the left side when accessing the drives to avoid triggering the autorun… then delete autorun.inf and JBLCF_Scandal.exe
4. open notepad then type what is shown below as is…
@echo off
del /a /f c:\Windows\JBLCF_Scandal.exe
del /a /f c:\Windows\pc-off.bat
pause
then save this as pc-off remove.bat then click to run…. it will remove this annoying types of PC shut-off thing of virus…
After doing this, you may need to scan again your system using your antivirus.
I'm using AVAST to scan my system, and hey, It really works!
The malware like to shut my pc off as soon as I'm trying to access the command prompt. My antivirus was able to detect it, but was unable to delete it from my system.
So with a little research I was able to erase it completely from my system! Thank God!
I'll share to you this method, hoping it can help you too!
This is the symptom of a computer having JBLCF_Scandal.exe virus.
The virus comprises of JBLCF_Scandal.exe and pc-off.bat.
When you boot your Windows XP in Safe Mode the message appears: "Dont Worry. I will do no harm here"
The pc-off.bat contains the syntax like this”C:/path/shutdown -s -f -t 2 -c” which automatically shutdown your computer when you run the cmd.exe.
So heres the solution to this problem… just follow these simple steps that will be discussed below.
For Manual removal:
1. Upon start up... After OS loading... Go to task manager by pressing CTRL+ALT+DEL then kill (end process) JBLCF_Scandal.exe
2. Press START then at the RUN, enter REGEDIT.
Then start to EDIT the following registry entries thru regedit at start/run
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“Userinit”=”userinit.exe,JBLCF_Scandal.exe” —> remove “,JBLCF_Scandal.exe” only… leave userinit.exe because this is used by Windows when you log-in…
[HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Explorer\Advanced]
“Hidden”=dword:00000001
“HideFileExt”=dword:00000000
“ShowSuperHidden”=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Command Processor]
“autorun”=”c:\Windows\pc-off.bat” –> remove “c:\Windows\pc-off.bat” or delete the autorun key.
3. go to your thumb drive, please use the folders view in the explorer and use the navigation panel on the left side when accessing the drives to avoid triggering the autorun… then delete autorun.inf and JBLCF_Scandal.exe
4. open notepad then type what is shown below as is…
@echo off
del /a /f c:\Windows\JBLCF_Scandal.exe
del /a /f c:\Windows\pc-off.bat
pause
then save this as pc-off remove.bat then click to run…. it will remove this annoying types of PC shut-off thing of virus…
After doing this, you may need to scan again your system using your antivirus.
I'm using AVAST to scan my system, and hey, It really works!
Comments