Yahoo! Messenger Virus Attack, how to prevent it if effected

This Yahoo messenger virus attack is one of the most powerful Trojan/virus.. If your computer is infected with this virus; It will sends the nsl-school.org url to all of your friend list in yahoo messenger using your ID . So with in few hours many of your friends will get infected with it.


To solve this problem, Just go through the below steps carefully.

What are those links ?:
Nsl-school.org or other (Do not open this url in your browser).

IPB Image

If you are infected with it what is going to happen ?

1: It sets your default IE page to nsl-school.org, you can't even change it back to other page. If you open IE from your comp some malicious code will automatically executed into your computer.

2: It will disables the Task manager / reg edit. So you can't kill the Trojan process anymore.

3: Files that are gonaa installed by this virus are svhost.exe , svhost32.exe , internat.exe.

You can find these files in windows/ & temp/ directories.

4: It will sends the secured & protected information to attacker



How to remove this manually from your computer ?

1: Close the IE browser. Log out messenger / Remove Internet Cable.

2: To enable Regedit

Click Start, Run and type this command exactly as given below: (better - Copy and paste)

Code: REG add HKCU\Software\Mic*ft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f 3: To enable task manager : (To kill the process we need to enable task manager)

Click Start, Run and type this command exactly as given below: (better - Copy and paste)
Code: REG add HKCU\Software\Mic*ft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f 4: Now we need to change the default page of IE though regedit.

Start>Run>Regedit

From the below locations in Regedit chage your default home page to google.com or other

Code: HKEY_CURRENT_USER\SOFTWARE\Mic*ft\Internet Explorer\Main

HKEY_ LOCAL_MACHINE\SOFTWARE\Mic*ft\Internet Explorer\Main

HKEY_USERS\Default\Software\Mic*ft\Internet Explorer\Main Just replace the attacker site with google.com or set it to blank page.

5: Now we need to kill the process from back end. Press Ctrl + Alt + Del

Kill the process svhost32.exe . ( may be more than one process is running.. check properly)

6: Delete svhost32.exe , svhost.exe files from Windows/ & temp/ directories. Or just search for svhost in your comp.. delete those files.

7: Go to regedit search for svhost and delete all the results you get
Code: Start>Run>Regedit 8: Restart the computer. That's it now you are virus free

2 comments:

Anonymous said...

Simple way to hack Yahooo :- IT WORKS 100%

1. Log in to your own yahoo account. Note: Your account must be at least 30 days old for this to work.
2. Once you have logged into your own account, compose an e-mail to: noreply_retrieve@yahoo.com
This is a mailing address to the Yahoo Staff. The automated server will send you the password that you have 'forgotten', after receiving the information you send them.
3. In the subject line type exactly: password retrieve.
4. On the first line of your mail write the email address of the person you want to hacking.
5. On the second line type in the e-mail address you are using.
6. On the third line type in the password to YOUR email address (your OWN password). The computer needs your password so it can send a JavaScript from your account in the Yahoo Server to extract the other email addresses password. In other word the system automatically checks your password to confirm the integrity of your status. Remember you are sending your password to a machine not a man. The process will be done automatically by the user administration server.

STEALTH_HACKER said...

Don'T Ever Try This lol Method It's Fake By Doing This You Will Lost Your Own Id Because The Email Address noreply_retrieve@yahoo.com Is Created By Any Person I Mean A Guy Like Us. Its Not The Yahoo Default Email Id.

Post a Comment

Sponsers