visit this link.......
http://www.karthickraghavan.com/2007/03/20/hacked-by-moozilla/
Search each partition for : (include hidden and system files)
kernel32.dll.vbs and
autorun.infdelete both the files.
Also open cmd and type the following command :
del %windir%\IISDLL.dll.vbs
Then Start -> Run type
regedit
- Navigate to and delete the following entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\"kernel32" = "%WinDir%\kernel32.dll.vbs
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Window Title" = "Hacked by 8BITS"
HKEY_CURRENT_USER\Software\Microsoft\"nFlag" = "[NUMBER OF TIMES SCRIPT HAS RUN]"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Start Page" = "about:_______________________________________:Hac ked_By_8BITS:_____________________________________ __"
- Restore the following registry entry to its original value, if required:
HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings\"Timeout" = "0"
Next thing is to delete IISDLL.dll.vbs, kernel32.dll.vbs, autorun.inf from your USB drive.
Reboot in normal mode. (remember to check boot.ini settings if you followed the msconfig method to boot into safe mode.)
Post a
Link: log file if the problem still continues.
And last of all, what AntiVirus do you use ? and yes vbs files can be viewed in notepad or any text editor. And it is better if you do not go double clicking and executing every .vbs files that you come across. Those are executable Visual Basic scripts.
