PC Help: How do I get rid of a Yahoo Messenger virus?

I just wanna share this post since I find it very helpful and I’m sure a lot of people who are using Yahoo! Messenger are also experiencing the same problem. Hope this post can help you fix it.

The Problem:

A message is sent by someone’s ID that I know but they did not actually send it. It says something like”Hey I won the lottery etcc…click here and come around my house for a party tonight” etc…I did not click on it cos I was suspicious but it was sent to another person too and they clicked on the link and it wiped out thier PC hard drive..
How can the orginating person get rid of it on thier pc so it stops sending this virus/massage around to everyone on his contact list?

Additional Info:

The orginating persons PC has anti virus software and he completley delted his Yahoo Messenger and reinstalled the latest version too but still the virus messeges keep coming up.

Here’s how to fix it …

This is a virus that has to be uninstalled manually.

1: Close the IE browser. Log out messenger / Remove Internet Cable.

2: To enable Regedit

Click Start, Run and type this command exactly as given below: (better – Copy and paste)

REG add HKCU\Software\Microsoft\Windows\CurrentV… /v DisableRegistryTools /t REG_DWORD /d 0 /f

3: To enable task manager : (To kill the process we need to enable task manager)

Click Start, Run and type this command exactly as given below: (better – Copy and paste)

REG add HKCU\Software\Microsoft\Windows\CurrentV… /v DisableTaskMgr /t REG_DWORD /d 0 /f

4: Now we need to change the default page of IE though regedit.

Start>Run>Regedit

From the below locations in Regedit chage your default home page to google.com or other.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\I… Explorer\Main

HKEY_ LOCAL_MACHINE\SOFTWARE\Microsoft\Interne… Explorer\Main

HKEY_USERS\Default\Software\Microsoft\… Explorer\Main

Just replace the attacker site with google.com or set it to blank page.

5: Now we need to kill the process from back end. Press Ctrl + Alt + Del

Kill the process svhost32.exe . ( may be more than one process is running.. check properly)

6: Delete svhost32.exe , svhost.exe files from Windows/ & temp/ directories. Or just search for svhost in your comp.. delete those files.

7: Go to regedit search for svhost and delete all the results you get.

Start menu > Run > Regedit >

8: Restart the computer. That’s it now you are virus free.

courtesy of Yahoo! Answers



You may also like to read:


  • very helpful jey, i know lots of people having probs with their YM!

    hope this helps them
    :D

  • @vannie . . yeah.. that’s why I posted the topic ‘coz I knw a lot of people out there are also experience the same problem as this.. :)