We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
FBI Ransome virus- Desktop taken over!
Comments
-
Do this.
- Open Notepad
- Copy and Paste everything from inside the Code box below into Notepad
(Do Not include Code:)@echo off @For /F %%g in ( ' reg query "hklm\software\microsoft\windows\currentversion\setup" /v bootdir ^| SED "/.*\t/!d;s///" ' ) do @if exist "%%~gBoot.ini" set "BootDir=%%~g" If exist %BootDir%\bootcheck.txt Del %BootDir%\bootcheck.txt type %BootDir%\boot.ini >> %BootDir%\bootcheck.txt start notepad %BootDir%\bootcheck.txt set BootDir= exit
- Go to File > Save As
- Save File name as look.bat
- Change Save as Type to All Files and save the file to your desktop.
- Close Notepad
- Double click look.bat on your Desktop.
- Notepad will open. Post the contents in your next reply.
0 -
Did you Change the Save As type to All Files?
To see the file extension, open My Computer, then click Tools > Folder Options > View. In advanced settings, scroll down to find "Hide extensions for known file types" click on the box to remove the tick. Apply/OK all the way out.
The file on your desktop should now have a visible file extension.How do I add a signature?0 -
Do this.
- Open Notepad
- Copy and Paste everything from inside the Code box below into Notepad
(Do Not include Code:)@echo off @For /F %%g in ( ' reg query "hklm\software\microsoft\windows\currentversion\setup" /v bootdir ^| SED "/.*\t/!d;s///" ' ) do @if exist "%%~gBoot.ini" set "BootDir=%%~g" If exist %BootDir%\bootcheck.txt Del %BootDir%\bootcheck.txt type %BootDir%\boot.ini >> %BootDir%\bootcheck.txt start notepad %BootDir%\bootcheck.txt set BootDir= exit
- Go to File > Save As
- Save File name as look.bat
- Change Save as Type to All Files and save the file to your desktop.
- Close Notepad
- Double click look.bat on your Desktop.
- Notepad will open. Post the contents in your next reply.
Hi W-8,
thanks for your patience.
Just followed your instructions to the letter, however when I click on the saved file/folder on the desktop it is blank. No text or anything in it??
So I have nothing to paste for you.
Also the saved look.bat note pad which was saved has changed in to MS-DOS file. I take it this was the intention?
What am I doing wrong?
0 -
Gizmos_dad wrote: »Hi W-8,
thanks for your patience.
Just followed your instructions to the letter, however when I click on the saved file/folder on the desktop it is blank. No text or anything in it??
So I have nothing to paste for you.
Also the saved look.bat note pad which was saved has changed in to MS-DOS file. I take it this was the intention?
What am I doing wrong?
In Waddler's absence.....
From the top, you should have:- Opened Notepad (blank document)
- Copied the details from the code box in Waddler's earlier message (replicated below), and pasted it into the blank document
- Saved the file to your desktop as look.bat after changing the Save As file type to All Files - This should have placed a file called look.bat onto your desktop, with an MS-DOS icon
- Closed notepad
- Double clicked on look.bat file on your desktop to run it, and wait - Notepad should automatically open a file called bootcheck.txt
- Copy the content of bootcheck.txt and paste into a reply here
@echo off @For /F %%g in ( ' reg query "hklm\software\microsoft\windows\currentversion\setup" /v bootdir ^| SED "/.*\t/!d;s///" ' ) do @if exist "%%~gBoot.ini" set "BootDir=%%~g" If exist %BootDir%\bootcheck.txt Del %BootDir%\bootcheck.txt type %BootDir%\boot.ini >> %BootDir%\bootcheck.txt start notepad %BootDir%\bootcheck.txt set BootDir= exit
How do I add a signature?0 -
In Waddler's absence.....
From the top, you should have:- Opened Notepad (blank document)
- Copied the details from the code box in Waddler's earlier message (replicated below), and pasted it into the blank document
- Saved the file to your desktop as look.bat after changing the Save As file type to All Files - This should have placed a file called look.bat onto your desktop, with an MS-DOS icon
- Closed notepad
- Double clicked on look.bat file on your desktop to run it, and wait - Notepad should automatically open a file called bootcheck.txt
- Copy the content of bootcheck.txt and paste into a reply here
@echo off @For /F %%g in ( ' reg query "hklm\software\microsoft\windows\currentversion\setup" /v bootdir ^| SED "/.*\t/!d;s///" ' ) do @if exist "%%~gBoot.ini" set "BootDir=%%~g" If exist %BootDir%\bootcheck.txt Del %BootDir%\bootcheck.txt type %BootDir%\boot.ini >> %BootDir%\bootcheck.txt start notepad %BootDir%\bootcheck.txt set BootDir= exit
Hi Figment,
Just followed your instructions again, same result...being the notepad opens and its blank. All other steps seem to work apart from the end result.
Also have changed settings so file extensions/types are shown
GD0 -
Will have to wait until Waddler returns, so he can double check his code.How do I add a signature?0
-
the batch file appears to pipe output to sed, a unix command?
you can do it manually
regedit
find hklm\software\microsoft\windows\currentversion\setup and note bootdir value, then post the boot.ini from that drive
eg c:\boot.ini
format and reinstall is often much faster and cleaner, you'll probably still be doing this next week!!
> . !!!! ----> .0 -
Gizmos_dad wrote: »Just followed your instructions to the letter, however when I click on the saved file/folder on the desktop it is blank. No text or anything in it??
Yes, I half expected that. It looks to be a problem with your boot.ini
Go to start > run and copy the following command in and click ok (Don't include Code:)cmd /c dir /Ah C:\ >>Log.txt&Log.txt&del Log.txt
Post the contents of the resulting notepad file.0 -
Yes, I half expected that. It looks to be a problem with your boot.ini
Go to start > run and copy the following command in and click ok (Don't include Code:)cmd /c dir /Ah C:\ >>Log.txt&Log.txt&del Log.txt
Post the contents of the resulting notepad file.
Volume in drive C has no label.
Volume Serial Number is 209F-DA2A
Directory of C:\
18/10/2012 14:03 1,877,389,312 hiberfil.sys
24/09/2009 16:45 0 IO.SYS
24/09/2009 16:45 0 MSDOS.SYS
14/04/2008 13:00 47,564 NTDETECT.COM
14/04/2008 13:00 250,048 ntldr
18/10/2012 14:03 1,409,286,144 pagefile.sys
19/10/2012 14:02 <DIR> RECYCLER
24/09/2009 16:49 <DIR> System Volume Information
6 File(s) 3,286,973,068 bytes
2 Dir(s) 125,151,416,320 bytes free0 -
Yes, there's no boot.ini
Let's see if you have a backup.
Go to start > run and copy the following command in and click ok (Don't include Code:)cmd /c dir %windir%\pss >>Log.txt&Log.txt&del Log.txt
Post the contents of the resulting notepad file.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.8K Banking & Borrowing
- 253.4K Reduce Debt & Boost Income
- 454K Spending & Discounts
- 244.7K Work, Benefits & Business
- 600.2K Mortgages, Homes & Bills
- 177.3K Life & Family
- 258.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards