hey... pls help me,i think its a virus!!!

[Deep_crawler]

this is how it started.....i got some videos and audio files from my friend... in his machine there was a problem..but i didnt took it so serious..this was the problem..when ever i opened his internet explorer, on top of his windows bar appears as "MICROSOFT INTERNET EXPLORER- HACKED BY VJ" when ever i opened it i always get that error name with it..same thing happened to my computer..when ever i opened the site it appears like that...its really a big shit to see like that...i tried several antivirus to get it off..but it never goes..stays still there..and it never detects also...

can any one help me to get rid of this shit..it will be a big thing if any one helps me out..thanks a lot..hoping to get your reply as soon as possible..thanks again ..bye

 

[edklite]

if its a virus or spyware then an anti virus or spysweeper should catch it.

its the same webpage you go to? or any webpage?

if its any webpage then sombody changed one of your regkeys so have a look here

http://support.microsoft.com/kb/176497

 

[Deep_crawler]

hey thanks a lot... i really owe u....i ll try that now...thanks again....bye

 

[edklite]

besure to post back if that was the problem so others can benefit also.

good luck hope that is it

 

[Deep_crawler]

Het ...guy..there s a nother problem...when i try to go "REGEDIT" i get a error msg sayingn "REG EDIT IS NOT A VALID APPLICATION" could you tell me how can get rid of this trouble.....hoping to get your reply asap...thanks again...see you...

 

[Deep_crawler]

Het ...guy..there s a nother problem...when i try to go "REGEDIT" i get a error msg sayingn "REG EDIT IS NOT A VALID WIN32 APPLICATION" could you tell me how can get rid of this trouble.....hoping to get your reply asap...thanks again...see you...

 

[edklite]

go to C:\WINDOWS\regedit.exe

try and run regedit.exe from there and tell me what happens, if you still get that error or its not ther then your got a trojen or virus or you have been hacked which would explain how your ie title got changed

 

[ozykid]

This letter has been given to TAFE students in Adelaide as VJ has been let loose.[/b]The virus commonly know as"Hached By V J" Replecates through USB and removable media. Its most noticable effect is changing the title bar of MS Internet exployer to " Hacked by VJ". When a removable device is plugged in to a windows computer it automatically seaches for"autoRun.inf" and executes its contents, this is how the second file, a visual basic script, is initiated.
This virus should be able to be found by most anti virus software. Be sure to have your usb drive installed and get the program to do a full scan including the USB drive.
If this doent seem to work you can attempt it maually.
As yet there is no official "fix" but there are some way to contain and stop the spreading. Before inserting a USB drive press and hold the shift key. this will prevent auto play from starting and therefore stopping the virus from spreading, hoprfully. In the root of the drive there will, should be 2 files"auotrun.inf" and "<somthing>dll.vbs, you may need to show hidden and also system files. (delete these)
The following is the manual way to delete the value in the registry.
it is stongly recommened that you back up registry before making any changes to it. Incorrect changes to the registry can result in permanent data loss or corrupted files. Modify the specified subkey only. For instrutions refer to the document: how to make back up of the Windows registry. Http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/199762382617?Open Document&src=sec doc nam.
!.Click start > run.
2.Type regedit.
3. click ok.
Note: If the registry editor fail to open the threat may have modified the registry to prevent access to the registry editor. secuity response has developed a tool to resolve this problem. Down load and run this tool and then continue with the removal.
4.Navigate to the subkey:
HKEY_LOCAL_MACHINE|SOFTWARE|MICROSOFT|WINDOWS|CURRENTVERSION|RUN
5. In the right pane, Delete the value:
"MS32.DLL"="%Windir%MS32DLL.dll.vbs.
6. Navigate to the subkey:HKEY_CURRENT_USER|SOFTWARE|MICROSOFT|INTERNET EXPLOYER|MAIN.
7.In the right pane, delete the value:
"Window title"= " hacked by[REMOVED]"
8.Exit the registry editor.

 

[edklite]

if its a virus or spyware then an anti virus or spysweeper should catch it.

its the same webpage you go to? or any webpage?

if its any webpage then sombody changed one of your regkeys so have a look here

http://support.microsoft.com/kb/176497

your advice was already posted read the other posts before you posts

 

[rafdevis]

hi guys -

i have the same problem and don't seem to be able to get it fixed

it says hacked by vj in title bar of internet explorer
i can't access my drives unless through 'explore'
also, all of a sudden my cd-rom doesn't get recognized anymore

help is very much appreciated!

 

[edklite]

you need to go here and edit the registry

http://support.microsoft.com/kb/176497

 

[rafdevis]

i cleaned registry plenty of times
it keeps coming back!
also, this would not explain my drives not being accessible, would it?
anyone?

 

[edklite]

did I say anthing about cleaning the registry? did my link say anything about cleaning the registry?

your ie's problem and your drives are separate problems.

but if you think your system is not clean then why don't you make sure its clean first?

 

[rafdevis]

ow, no hard feelings!
i'm trying to stay stuff with my limited vocabulary and close to non-existent knowledge of computers

i followed all the instructions given in the link
what i mean by 'cleaning' is changing and deleting these values in the registry
but the problem remains

anyone on the problem with accessing my drives?

 

[edklite]

have you made sure your system is clean? sounds like you got something there.

plus are you sure you edited the registry correctly?

did you find the txt "hacked by vj"in the registry and delete it?

if yes then after you edited the registry, was the txt there?

 

[rafdevis]

how do i make sure my system is clean?
you mean virus scan?
i have norton virus scan and it hasn't reported anything as far as i know

i deleted 'hacked by vj' and it came right back as soon as i tried to access one of my drives

sure, this has nothing to do with not being able to access my drives?
because both problems came up at the same time

 

[edklite]

ok then do this, first of all norton sucks.

second do this:

download and installNod32 Free 30 Day Trial

then make its settings like this:

nod settings

then download and install spysweeper

make its settings like this:

SS settings

now do a scan first with nod then after nod is done with SS.

lets see what you got

 

[riser]

Not sure what version of IE you're running but search Microsoft for IEAK.

IE Admin Kit is what it is. You can go through and re-create your package of IE (which is what the person did to you) and reinstall IE to overwrite whatever that person did.