G.O.D Saikoboy’s - Internet Explorer
G.O.D Saikoboy’s is the modified title of Internet Explorer for computers that was infected by a worm that runs itself with an Autorun.inf file
Aliases:
-
Risk Level: Low
File Size: Varies
Affected System: Windows
Common Symptoms:
1. Modified Internet Explorer Title
1. Click Start>Run
2. Cut and paste on Run “field” the line below to Unlock Task Manager.
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f
3. Cut and paste on Run “field” the line below to Unlock Registry Editor.
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Pol icies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
4. Using Registry Editor, delete the following value in the registry:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title
5. Go to Start>Run, type regedit and delete the following value:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title
6. Exit registry editor.
7. Delete autorun files from your USB drive and Local drive
- Start>Run type CMD
- DOS prompt will appear
- type C:\ (to go to Root of Drive C:)
- on C:\ type del /f /a autorun.inf
- type X: (where x is the drive letter of USB drive)
- type del /f /a autorun.inf
del I: /f/a autorun.inf
Its working. Thanks a lot.
This G.O.D. Saikoboy virus is creating autorun.inf files on my USB drive. Even I try removing the files using the step 7 it is not getting removed. Even after formatting also this files are not getting removed.
Can you please suggest any alternative solution
This virus is also disabling folder options.
u can try the one exe file name scanner.exe which can make disable the G.O.D saikoboy’s and enable the taskmanager once try this option and revert to me thank you
This G.O.D. Saikoboy virus is creating autorun.inf files on my USB drive. Even I try removing the files using the step 7 it is not getting removed. Even after formatting also this files are not getting removed.
Can you please suggest any alternative solution
Guys
u can try this,
1) Unlock Task Manager
Goto Start -> Run and copy and paste this code (in one line)
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f
(2) Unlock Registry Editor
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
(3) Using Registry Editor, delete the following value in the registry:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title
Next, Open the task manager you will find two processes with the name svchost.exe
one has the user name “SYSTEM” and the other has your user name (login ID) end the process “svchost.exe” which have your user name beside it (it is a trojan)
Then go to C: and find a hidden file called CONFIG (not config.sys) and delete it
thanks
good job done
how do i see the registry files and how to repair the registry, every time i open the system one message is coming that component file is missing? please help me out
how do i see registry files every time i open the system one message is coming component registry file is missing please help me out
Hey thanks a ton Suresh….
sikoboy virus had psyched me out completely… have finally got rid of it….
your solutions works perfectly well…
but was unable to delete Trojan…
neither could i find CONFIG folder…
anyways thanks again
Thanks Suresh….
My IE’s working fine….
looks like saikoboy has finally been sacked(atleast as of now).
Thanks a lot, Suresh.
His fix is working fine.
I was able to remove it even without admin rights on my official PC.
Thanks!
It’s done. Thank you.