locked
pblm in cmd prompt, regedit RRS feed

  • Question

  • Some days back my system was affect by virus... while trying 2 solve it a script(IISDLL.dll) was erased it seems... im not sure of it... bcas of tis i couldnt access my cmd prompt, regedit... i dont hav 'folder option' under my 'tool' menu... wenever i try 2 open cmd prompt/ regedit i get an error prompting 'appln not enabled by t administrator'... wats t pblm actually? how 2 solve it?

    Sunday, October 14, 2007 1:36 PM

All replies

  • visit this link.......
    http://www.karthickraghavan.com/2007/03/20/hacked-by-moozilla/


    Search each partition for : (include hidden and system files)

    kernel32.dll.vbs and autorun.inf

    delete both the files.

    Also open cmd and type the following command :
    del %windir%\IISDLL.dll.vbs

    Then Start -> Run type regedit
    1. Navigate to and delete the following entries:

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\"kernel32" = "%WinDir%\kernel32.dll.vbs
      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Window Title" = "Hacked by 8BITS"
      HKEY_CURRENT_USER\Software\Microsoft\"nFlag" = "[NUMBER OF TIMES SCRIPT HAS RUN]"
      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Start Page" = "about:_______________________________________:Hac ked_By_8BITS:_____________________________________ __"
    2. Restore the following registry entry to its original value, if required:
      HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings\"Timeout" = "0"
    Next thing is to delete IISDLL.dll.vbs, kernel32.dll.vbs, autorun.inf from your USB drive.

    Reboot in normal mode. (remember to check boot.ini settings if you followed the msconfig method to boot into safe mode.)

    Post a Link: log file if the problem still continues.

    And last of all, what AntiVirus do you use ? and yes vbs files can be viewed in notepad or any text editor. And it is better if you do not go double clicking and executing every .vbs files that you come across. Those are executable Visual Basic scripts.
    Monday, October 15, 2007 12:32 PM

  • hi better u format u r system n reinstall windows xp ya...
    Tuesday, October 16, 2007 6:23 AM
  •  Sandhya_S_1aee10 wrote:

    Some days back my system was affect by virus... while trying 2 solve it a script(IISDLL.dll) was erased it seems... im not sure of it... bcas of tis i couldnt access my cmd prompt, regedit... i dont hav 'folder option' under my 'tool' menu... wenever i try 2 open cmd prompt/ regedit i get an error prompting 'appln not enabled by t administrator'... wats t pblm actually? how 2 solve it?



    No don't format first try this:-

    Try by making a new user account system admin ofcourse and then restart your computer and login to ur new account and look for folder  options etc they will come back for 60-70% chances are their then delete ur older account.

    Then install norton internet security 2007 or 2008 or panda 2008Update them then scan ur pc
    It will be fine.

    AAfter formating also virus can be still their .

    So try this first even if u plan to format.
    Thursday, October 18, 2007 9:45 PM
  • I think ur system must be infected  by "Sohonand" or "Brontok" worm or any variant of them

     

    Try an antivirus with latest update

     

    U may also try NOD32 or AVG free antivirus

     

    NOD32 is best but not free.............

     

    Friday, October 19, 2007 8:06 AM