Asked by:
pblm in cmd prompt, regedit

Question
-
Some days back my system was affect by virus... while trying 2 solve it a script(IISDLL.dll) was erased it seems... im not sure of it... bcas of tis i couldnt access my cmd prompt, regedit... i dont hav 'folder option' under my 'tool' menu... wenever i try 2 open cmd prompt/ regedit i get an error prompting 'appln not enabled by t administrator'... wats t pblm actually? how 2 solve it?
Sunday, October 14, 2007 1:36 PM
All replies
-
visit this link.......
http://www.karthickraghavan.com/2007/03/20/hacked-by-moozilla/
Search each partition for : (include hidden and system files)
kernel32.dll.vbs and autorun.inf
delete both the files.
Also open cmd and type the following command :
del %windir%\IISDLL.dll.vbs
Then Start -> Run type regedit
- Navigate to and delete the following entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\"kernel32" = "%WinDir%\kernel32.dll.vbs
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Window Title" = "Hacked by 8BITS"
HKEY_CURRENT_USER\Software\Microsoft\"nFlag" = "[NUMBER OF TIMES SCRIPT HAS RUN]"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Start Page" = "about:_______________________________________:Hac ked_By_8BITS:_____________________________________ __" - Restore the following registry entry to its original value, if required:
HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings\"Timeout" = "0"
Reboot in normal mode. (remember to check boot.ini settings if you followed the msconfig method to boot into safe mode.)
Post a Link: log file if the problem still continues.
And last of all, what AntiVirus do you use ? and yes vbs files can be viewed in notepad or any text editor. And it is better if you do not go double clicking and executing every .vbs files that you come across. Those are executable Visual Basic scripts.Monday, October 15, 2007 12:32 PM - Navigate to and delete the following entries:
-
hi better u format u r system n reinstall windows xp ya...Tuesday, October 16, 2007 6:23 AM -
Sandhya_S_1aee10 wrote: Some days back my system was affect by virus... while trying 2 solve it a script(IISDLL.dll) was erased it seems... im not sure of it... bcas of tis i couldnt access my cmd prompt, regedit... i dont hav 'folder option' under my 'tool' menu... wenever i try 2 open cmd prompt/ regedit i get an error prompting 'appln not enabled by t administrator'... wats t pblm actually? how 2 solve it?
No don't format first try this:-
Try by making a new user account system admin ofcourse and then restart your computer and login to ur new account and look for folder options etc they will come back for 60-70% chances are their then delete ur older account.
Then install norton internet security 2007 or 2008 or panda 2008Update them then scan ur pc
It will be fine.
AAfter formating also virus can be still their .
So try this first even if u plan to format.Thursday, October 18, 2007 9:45 PM -
I think ur system must be infected by "Sohonand" or "Brontok" worm or any variant of them
Try an antivirus with latest update
U may also try NOD32 or AVG free antivirus
NOD32 is best but not free.............
Friday, October 19, 2007 8:06 AM