Kerne1 & Sub7
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Kerne1 & Sub7

  1. #1
    Senior Member
    Join Date
    Dec 2001
    Posts
    151

    Kerne1 & Sub7

    i was deleting my sub seven server and then i accidently ran the file. It infected my kerne1.exe file in my c:\windows\ folder so since i have never seen that file in my windows folder before i figured it was probably the sub7 server. the next day i i turned on my computer everything seemed to work fine until i logged in. a window popped up saying kerne1.exe was missing and i had to reinstall windows, i can't seem to access the c:\ drive in dos so...what should i do? oh, and i'm running windows ME (i know i know...it's not my fault!)

    -thanks
    -[h3llbringer] is back, again.
    -MSN CLoNE.
    Share on Google+

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    218
    i have never been one to flame. usually, if i have nothing nice to say, i say nothing at all, and limit my posts to ao for only educational posts with some real purpose. but for you i will make an exception.
    you sir, are a dumbass.

    Share on Google+

  3. #3
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    what should i do?
    Reinstall windows....from scratch. As in format the harddrive and then install. Use a boot disk to get to the c drive in dos. You want to make sure that the reinstall doesn't keep any old settings, which does happen sometims. And if at all possible, get rid of ME. Go back to 98 if you can. Preferably Win2k.

    Good luck....
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman
    Share on Google+

  4. #4
    Senior Member
    Join Date
    Sep 2001
    Posts
    310
    haha
    LOL @ VanEck. Short, sweet and simple flame.
    But anyway...didn't the guy say he couldn't access his c: drive from dos? Well in that case check your bios settings, see if the primary and secondary drives are in the right order...and off you go. After that, don't ever touch that SK subseven crap, that MS m.e crap, and get a linux distro.
    script language=\"M$cript\";
    function beginError(bsod) {
    return true; }
    onLoad.windows = beginError;
    Share on Google+

  5. #5
    AO Curmudgeon rcgreen's Avatar
    Join Date
    Nov 2001
    Posts
    2,716

    Thumbs up

    Or, if you have a friend running the same OS.
    get a copy of the file from him (and make a
    bootable floppy while you're at it)

    Boot from floppy, replace file.
    I came in to the world with nothing. I still have most of it.
    Share on Google+

  6. #6
    Senior Member
    Join Date
    Dec 2001
    Posts
    151
    didn't i say i was deleting sub 7?....why are you guys flaming me?
    -[h3llbringer] is back, again.
    -MSN CLoNE.
    Share on Google+

  7. #7
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    Only VanEck flamed you, and he was just saying it was stupid to play with a trojan. The rest of us were trying to help you....
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman
    Share on Google+

  8. #8
    Senior Member
    Join Date
    Sep 2001
    Posts
    310
    Well..deleting subseven sounds alot like, "i used subseven and was trying to flip my friends cursor when i accidently clicked on server.exe. now i wanna get rid of subseven"
    Get the drift? And that my friend...was not a flame. VanEck was not a flame. You have obviously not seen Negative's posts.
    script language=\"M$cript\";
    function beginError(bsod) {
    return true; }
    onLoad.windows = beginError;
    Share on Google+

  9. #9
    Junior Member
    Join Date
    May 2002
    Posts
    1
    You dont have to reinstall your windows all you have to do is this-
    The order to remove this trojan is complicated by the depth to which the trojan hooks the operating system.
    One trick that I discovered is to rename the registry editing program from their original .EXE to a .COM extension (as in REGEDIT.COM). This will by pass the limitations created by removing the trojan prior to editing the registry. This will allow you to remove references of trojans and Internet worms.
    --- Manual Removal Instructions ---

    1) Identify and note the files associated with this trojan as detected by the scanner.

    2) Click START|RUN, type

    COMMAND /C COPY %WINDIR%\REGEDIT.EXE %WINDIR%\REGEDIT.COM
    and hit ENTER
    3) Click START|RUN, type REGEDIT.COM and hit ENTER

    4) Remove references to the trojan from these keys of the registry

    HKCR\exefile\shell\open\command\

    HKLM\Software\CLASSES\exefile\
    shell\open\command

    They should contain only the value not including brackets
    [''%1'' %*].

    5) If applicable, remove any keys that run the main trojan under

    HKLM\Software\Microsoft\Windows\
    CurrentVersion\RunServices\

    HKLM\Software\Microsoft\Windows\
    CurrentVersion\Run\

    HKLM\Software\Microsoft\Active Setup\Installed Components\KeyName\

    6) If applicable, delete the registry key if it exists

    HKEY_CLASSES_ROOT\.dl

    and exit Regedit

    7) If applicable, edit WIN.INI and remove the reference to the trojan from the run= line in the [windows] section.

    8) If applicable, edit SYSTEM.INI and remove the reference to the trojan from the shell= line in the [boot] section. It should just contain the file EXPLORER.EXE.

    9) Restart the system.

    10) Delete the trojan program(s). If all is well the files should be deleted OK. If you get an error message saying that windows is unable to delete the file because it is in use, then you have made an error in the above procedure. Repeat steps 1 to 9 and try again.
    Share on Google+

  10. #10
    Senior Member linuxcomando's Avatar
    Join Date
    Sep 2001
    Posts
    432
    I would install linux on the box and then try to run your sub7 server again, oh and while your at it why dont you write some visual basic viruses on the linux box.....:P
    I toor\'d YOU!
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •