This Yahoo messenger virus attack is one of the most powerful Trojan/virus....
If your computer is infected with this virus; It will sends the nsl-school.org url to all of your friend list in yahoo messenger using your ID .
So with in few hours many of your friends will get infected with it.
To solve this problem, Just go through the below steps carefully.
are those links ?: Nsl-school.org or other (Do not open this url in your browser).
IPB Image
If you are infected with it what is going to happen ?
1): It sets your default IE page to nsl-school.org, you can't even change it back to other page. If you open IE from your comp some malicious code will automatically executed into your computer.
2): It will disables the Task manager / reg edit. So you can't kill the Trojan process anymore.
3:) Files that are gonaa installed by this virus are svhost.exe , svhost32.exe , internat.exe.You can find these files in windows/ & temp/ directories.
4): It will sends the secured & protected information to attacker.
How to remove this manually from your computer ?
1): Close the IE browser. Log out messenger / Remove Internet Cable.
2): To enable Regedit
Click Start, Run and type this command exactly as given below: (better - Copy and paste)
Code: REG add HKCUSoftwareMic*ftWindowsCurrentVersionPoliciesSystem /v DisableRegistryTools /t REG_DWORD /d 0 /f
3): To enable task manager : (To kill the process we need to enable task manager)
Click Start, Run and type this command exactly as given below: (better - Copy and paste)
Code: REG add HKCUSoftwareMic*ftWindowsCurrentVersionPoliciesSystem /v DisableTaskMgr /t REG_DWORD /d 0 /f
4): Now we need to change the default page of IE though regedit. Start>Run>Regedit From the below locations in Regedit chage your default home page to somewebsite.com or other
Code: HKEY_CURRENT_USERSOFTWAREMic*ftInternet ExplorerMainHKEY_ LOCAL_MACHINESOFTWAREMic*ftInternet ExplorerMainHKEY_USERSDefaultSoftwareMic*ftInternet ExplorerMain
Just replace the attacker site with somesite.com or set it to blank page.
5): Now we need to kill the process from back end.
For this, Press "Ctrl + Alt + Del"Kill the process svhost32.exe . ( may be more than one process is running.. check properly)
6): Delete svhost32.exe , svhost.exe files from Windows/ & temp/ directories.
Or just search for svhost in your comp.. delete those files.
7): Go to regedit search for svhost and delete all the results you get
Code: Start>Run>Regedit
8): Restart the computer.
That's it now your system is virus free
skip to main |
skip to sidebar
Techsavy....
Search This Blog
Labels
- Android (3)
- C C++ (4)
- Computer hacks (29)
- DOS commands (4)
- File extensions (27)
- Gmail Hacks (2)
- Google tricks (4)
- Hacking tools (7)
- Internet related (11)
- Miscellaneous (2)
- Network hacking (6)
- Orkut tricks (15)
- Pendrives (2)
- Proxysites (1)
- Rapidshare hacks (1)
- Registry Hacks (16)
- reviews (1)
- Software bugs (2)
- Softwares (3)
- Tablets (1)
- TaskManager Process (7)
- Torrents (1)
- UNIX tricks (1)
- USB hacks (2)
- Virues tricks (11)
- Windows tricks (3)
- XP hacks (35)
- Xp tricks (37)
- Yahoo hacks (7)
Top
Copyright 2009 Kamuju's Blog All rights reserved. Powered by Blogger
Blogger Template
Latest Computer Hacks,tricks and tips
created by Deluxe Templates | Wordpress by NeoEase.
0 comments:
Post a Comment