A few moments ago, I fixed my friend’s computer’s problem. She was having problems accessing the command prompt (DOS) from her Windows XP operating system. Every time she attempts to execute “cmd” on her Run dialog box, her computer automatically shuts down. Here is my analysis on how the virus prevents her from using the command prompt and how to remove the virus from the system.
Problem
A virus is preventing the user from using the command prompt. When “cmd” is used, the system automatically shuts off.
Analysis
After giving attempting the “cmd” on her system, the command prompt executes a file called “pc-off.bat“. If my assumptions are correct, this file causes the system to shut down. The file injects itself before the “cmd” command starts.
The only way that this can be done is to inject a command in the Command Processor registry entry. To solve the problem, we have to trace and remove the command that was injected by the virus.
Solution
We must first gain access to our registry editor (regedit on your run prompt). In some cases, the virus disables user (admin) access to the registry. Since the virus injects itself in our command prompt, using DOS to access the registry is not possible. What I can suggest is you download and install an alternate registry editor which you can use to browse your registry editors.
One you gain access to the system registry, browse on the [HKEY_CURRENT_USERSoftwareMicrosoftCommand Processor] and remove the “autorun“= “c:Windowspc-off.bat” entry.
Remove or delete the highlighted entry.
After removing the autorun entry, download and run this batch file.
In some reported cases, the pc-off.bat virus have other variations like bar311.exe, password_viewer.exe, and photos.zip.exe. The fix file above should remove these files as well.
After fixing the problem, update your anti-virus or buy an updated anti-virus to prevent further infection.
Related articles
Tagged with: anti-virus, auto shutdown virus windows xp, auto-shutdown virus, cmd prompt shutdown virus, how to fix auto shutdown, pc-off.bat, remove auto shutdown from computer, removing pc off.bat, shutdown cmd, tips, Tricks, Virus, virus cmd command shutdown, virus cmd shutdown, worm
November 16th, 2008 at 12:44 am
wow! thanks for this post! It helped me solve my shutdown prob
Reply
November 27th, 2008 at 10:36 am
it is the best solution i ever found! i tried a lot but this is the most accurate. thanks!
Reply
November 29th, 2008 at 5:47 am
ah. had the same problem a few months ago… pero ang ginamit ko noob killer.
Reply
November 29th, 2008 at 6:21 am
not working
Reply
December 11th, 2008 at 7:45 pm
Great… my friend problem was solve.. thanks br0
Reply
December 14th, 2008 at 11:18 am
Hi there! Thanks very much for this. I was able to get rid of this extremely annoying virus and can now use “CMD” anytime. Thanks again!
-BC
Reply
January 17th, 2009 at 12:57 pm
ei thanks…it really works…;)
Reply
January 25th, 2009 at 1:57 pm
Im having trouble with my PC coz every 2:30 min in using it, my internet connection is gone…how to solve this please help me..tnx
Reply
March 1st, 2009 at 8:59 pm
hi
got into registry editor but auto run is not there ??
Reply
March 11th, 2009 at 12:38 am
WOW IT IS A GOOD WAY BUT MAK IT EASY FOR THOSE WHO DONT KNOW COMPUTER BY USEDING THE COAD ONLY BESIDE THIS PC AutoOff Fix
Reply
March 14th, 2009 at 8:50 pm
This is the first time I commented here and I should say that you give genuine, and quality information for other bloggers! Great job.
p.s. You have a very good template . Where have you got it from?
Reply
March 25th, 2009 at 1:06 am
it’s not working for me. i followed all instructions (deleted the registry value and ran the batchfile editor) but still it went autoshut down..when i checked it again, the value was still there.. Please help me. ae there other alternatives for my problem? PLEASE MAIL ME. dhey_scarlet16@yahoo.com your tip will be highly appreciated! thanks and God bless!
Reply
March 25th, 2009 at 1:44 am
i want to thank the owner of this blog for being generous in posting some solutions regarding malwares..
may God bless you more 
)
(unfortunately it didn’t work for me, but it worked for others though..
i’ve surfed the net for alternative solutions..i found something that works for my pc. so if the solution above doesn’t work on your pc,it may have other problems that should be fixed first.
you may try this:
http://www.testmy.net/forum/index.php?topic=22968.msg266502
just click the link
Thanks people.:) God Bless!
Reply
May 21st, 2009 at 10:46 am
It works!!! Thanks….
Reply
May 25th, 2009 at 1:09 pm
Hello guys,
Thanks for the solution but you are lacking one important thing!
Pls do this first before following the instructions above:
First, stop the virus application running at the Windows background (processes)
Press CTRL-ALT-DEL and select Task Manager.
Go to the Processes tab and stop the application: (bar311.exe, password_viewer.exe, and photos.zip.exe).
Then you can proceed with the other remaining steps..
Thanks!
Reply
June 3rd, 2009 at 9:55 am
Thank bro!..
it’s really work..
Reply
June 3rd, 2009 at 3:19 pm
WOWOWOWOWOWOW!!!!!!! WHAT A GENIUS!!!!!!!!!! 100 STARS FOR YOU BRO!!!!!! YOU’VE SOLVE MY PROBLEM IN A FEW SECONDS!!!!
Reply
June 6th, 2009 at 10:43 pm
how to make a shutdown virus??????????
Reply
June 13th, 2009 at 4:31 pm
thank you very much…
since i cannot go to “regedit,” i just search for the “.bat” file and alas! the “pc-off.bat” appeared…i just deleted this file and the problem with “cmd autshutoff” is corrected…
Reply