This notorious trojan (which spreads by exploiting the autorun feature in Windows OS) locks the taskbar, taskmanager as well as registry editing. To enable all the above features and to remove the irritating G.O.D Saikoboy's Internet explorer message that comes at the top of your IE - read on
(1) Unlock Task Manager
Goto Start -> Run and copy and paste this code (in one line)
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f
(2) Unlock Registry Editor
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
(3) Using Registry Editor, delete the following value in the registry:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title
Next, Open the task manager you will find two processes with the name svchost.exe
one has the user name "SYSTEM" and the other has your user name (login ID) end the process "svchost.exe" which have your user name beside it (it is a trojan)
Then go to C: and find a hidden file called CONFIG (not config.sys) and delete it.
2 comments:
Hi, Thanx for your tips. It helped me correct all the problems. However I could not spot the Trojan (as in, I found a lot of files with name 'config', but couldn't spot which of them is the trojan).
Can you please help?
Excellent. Thanks a lot. Finally I got rid of this irritating trojan.
Post a Comment