Remove Yahoo Messenger virus
hello… sorry for the long vacation actually i been busy with my work and some other part time job, thats why i haven’t got time to add new post. ok now back to our topic on how to remove YM virus. if any of you been receiving link from your friend but when you ask him/her they say that they did’t send it thats mean your friend pc/notebook been infected with ym trojan or maybe alot of friend in your list complain that you been sending them link or spaming link to them then its mean your pc/laptop been infected with this virus.. i maybe have the solution to remove it..but it is not as simple as you thought it is..
What are those links ?:
www.myspacee-img.com/image.php or other (Do not open this url in your browser).
the virus symptom
1. It sets your default IE page to nsl-school.org, you can’t even change it back to other page. If you open IE from your comp some malicious code will automatically executed into your computer.
2. It will disables the Task manager / reg edit. So you can’t kill the Trojan process anymore.
3. Files that are gonaa installed by this virus are svhost.exe , svhost32.exe , internat.exe.
You can find these files in windows/ & temp/ directories.
4. It will sends the secured & protected information to attacker
Remove It Manually (Just follow the step below and you’ll be back to your normal activity and save from virus)
1. Close the IE browser. Log out messenger / Remove Internet Cable.
2. To enable Regedit
Click Start, Run and type this command exactly as given below: (better – Copy and paste)
Code: REG add HKCUSoftwareMic*ftWindowsCurrentVersionPoliciesSystem /v DisableRegistryTools /t REG_DWORD /d 0 /f
3. To enable task manager : (To kill the process we need to enable task manager)
Click Start, Run and type this command exactly as given below: (better – Copy and paste)
Code: REG add HKCUSoftwareMic*ftWindowsCurrentVersionPoliciesSystem /v DisableTaskMgr /t REG_DWORD /d 0 /f
4. Now we need to change the default page of IE though regedit.
Start>Run>Regedit
From the below locations in Regedit chage your default home page to hackgyan.com or other
Code: HKEY_CURRENT_USERSOFTWAREMic*ftInternet ExplorerMain
HKEY_ LOCAL_MACHINESOFTWAREMic*ftInternet ExplorerMain
HKEY_USERSDefaultSoftwareMic*ftInternet ExplorerMain
Just replace the attacker site with hackgyan.com or set it to blank page.
5. Now we need to kill the process from back end. For this, Press “Ctrl + Alt + Del”
Kill the process svhost32.exe . ( may be more than one process is running.. check properly)
6. Delete svhost32.exe , svhost.exe files from Windows/ & temp/ directories. Or just search for svhost in your comp.. delete those files.
7. Go to regedit search for svhost and delete all the results you get
Code: Start>Run>Regedit
8. Restart the computer. Done… hehe
Good luck ..
be save and dont make the infection spread.. :p
( Source : Comptalks )
May 6th, 2010 at 6:52 pm
This is a great post, I stumbled across your post while looking for free downloads. Thanks for sharing, I’ll be sure to return regularly.
May 9th, 2010 at 2:35 am
I usually don’t normally post on many Blogs, yet I just has to say thank you… keep up the amazing work. Ok unfortunately its time to get to school.
May 29th, 2010 at 2:24 am
It is nice to definitely find a blog where the blogger is polished. Thanks for creating your website.
May 29th, 2010 at 6:23 pm
I really enjoyed this post. I can tell you put in a great deal of effort and time into this post. I will be back to read more as you post more!
June 5th, 2010 at 3:19 pm
Blue screen of death can be repaired with a simple click of Registry Easy software.
June 13th, 2010 at 6:56 pm
I’m feel lucky to visit your site.
June 14th, 2010 at 1:23 pm
Very interesting site, but you must improve your logo graphics.
June 17th, 2010 at 6:39 pm
you are a great help.
June 18th, 2010 at 7:03 pm
This is my very first time i visit right here. I found so numerous interesting stuff inside your blog especially its discussion. From the tons of comments on your articles, I guess I am not the only one having all the enjoyment right here! maintain up the great work.
June 20th, 2010 at 1:08 pm
HI dude, can i post articles to your website ? Let me know if you are interested
June 20th, 2010 at 1:18 pm
I want to start blogging too, what do you think, which blog platform is good for noob?
June 20th, 2010 at 10:27 pm
Heya¡my very first comment on your site. ,I have been reading your blog for a while and thought I would completely pop in and drop a friendly note. . It is great stuff indeed. I also wanted to ask..is there a way to subscribe to your site via email?
June 22nd, 2010 at 4:52 am
Thank you for writing this. I love the internet because you can learn something new every day. I’ll share this with my friends, thank you!
June 23rd, 2010 at 11:31 am
Very cool blog, but you must improve your logo graphics.
June 28th, 2010 at 4:02 am
sure u can
June 29th, 2010 at 2:17 am
I’m glad I found your site through google , really enjoyed it. Thank you..
July 9th, 2010 at 6:10 pm
I think, that you are mistaken. Let’s discuss. Write to me in PM, we will talk.
July 10th, 2010 at 1:50 am
Nice site,i have bookmarked it for later use, thanks.
July 10th, 2010 at 7:33 am
Well written post. In fact I like the whole blog. Did not browse through each entry but I thought you people might want to know that I bookmarked you and will certainly come back here pretty soon.
July 10th, 2010 at 7:55 pm
Nice site and great text.
July 11th, 2010 at 7:35 am
Great blog, I will add this blog to my favorites.
August 14th, 2010 at 5:17 am
good articles here hopefully i learned from it.
August 14th, 2010 at 11:03 am
That is very sublime stuff. Never new that beliefs could be this varied. Thanks for all the enthusiasm to extend such helpful information at this site.