Sunday, February 28, 2010

About the virus "Coutsonif.A" for Yahoo Messenger - 6 Steps to Kill it

Users of Yahoo Messenger and Skype should be wary of the Coutsonif.A virus. It spreads by sending itself to all contacts in the address book of the application on the infected computer.
These messages look like ordinary messages. But don't click on the link provided, even though it was sent by your friend. The reason is that the message was not sent by someone you know, but by a virus that has managed to infect your contact's computer.
If a computer is infected, the virus automatically creates files with random names and the extensions .tmp and .exe, which are stored in the directory [C:\Documents and Settings\%user%\Local Settings\Temp] with a different.
Once this happens, the user can no longer go about their activity on the internet in peace. Their reputation may even be damaged for allegedly spreading the virus, because recipients will suspect them of deliberately harming others by sending a virus.
So, before that happens, it is a good idea to refer to these 6 surefire ways to eradicate this virus, which damages the good name of users of this chat application, as reported by Vaksincom:
1. Disable ‘System Restore’ during the cleaning process.
2. Disable Windows autorun, so the virus cannot be activated automatically when a drive or flash disk is accessed.
* Click ‘Start’
* Click ‘Run’
* Type ‘gpedit.msc’ without the quotes. This will bring up the ‘Group Policy’ screen
* Under both ‘Computer Configuration’ and ‘User Configuration’, click ‘Administrative Templates’
* Click ‘System’
* Right-click ‘Turn off Autoplay’ and select ‘Properties’. This will bring up the ‘Turn off Autoplay Properties’ screen
* On the ‘Settings’ tab, select ‘Enabled’
* In the ‘Turn off Autoplay on’ field, select ‘All drives’
* Click ‘OK’
3. Terminate the virus processes using the ‘Security Task Manager’ tool, then delete the files [sysmgr.exe, vshost.exe, winservices.exe, *.tmp]
Note that the .tmp files are the ones shown with a TMP extension [example: 5755.tmp]. Right-click the file and select ‘Remove’, then select the option ‘Move files to Quarantine’.
4. Repair the registry entries that have been changed by the virus. To speed up the removal process, copy the script below into Notepad and save it with the name repair.inf. Run it as follows: right-click repair.inf and select Install.
[Version]
Signature="$Chicago$"
Provider=Vaksincom Oyee
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
; Restore the default open commands and shell; a literal quote inside a quoted INF string is written as two quotes
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, "Explorer.exe"
HKCU, SessionInformation, ProgramCount, 0x00010001,3
HKCU, AppEvents\Schemes\Apps\Explorer\BlockedPopup\.current,,,"C:\WINDOWS\media\Windows XP Pop-up Blocked.wav"
HKCU, AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\.Current,,,"C:\Windows\media\Windows XP Recycle.wav"
HKCU, AppEvents\Schemes\Apps\Explorer\Navigating\.Current,,,"C:\Windows\media\Windows XP Start.wav"
HKCU, AppEvents\Schemes\Apps\Explorer\SecurityBand\.current,,,"C:\WINDOWS\media\Windows XP Information Bar.wav"
; Remove the values added by the virus
[del]
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Microsoft(R) System Manager
HKCU, Software\Microsoft\Windows\CurrentVersion\Run, bMaxUserPortWindows Service help
HKLM, SYSTEM\CurrentControlSet\Services\Tcpip\Parameters, MaxUserPort
5. Delete the following virus files:
C:\vshost.exe [all drives]
C:\autorun.inf [all drives]
C:\RECYCLER\S-1-5-21-9949614401-9544371273-983011715-7040\winservices.exe
C:\Documents and Settings\%user%\Local Settings\Temp
A415.tmp [random]
034.exe [random]
Lady_Eats_Her_Shit–www.youtube.com
C:\WINDOWS\system32\sysmgr.exe
C:\WINDOWS\TEMP\5755.tmp
C:\windows\system32\crypts.dll
C:\windows\system32\msvcrt2.dll
6. For optimal cleaning and to prevent reinfection, use an up-to-date antivirus that can detect and eradicate this virus. You can also download the Norman Malware Cleaner tool. Just search for it on Google.
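
To check whether the registry changes that step 4 repairs are present before cleaning, and gone afterwards, the clean values from repair.inf can be compared against a registry export. The Python below is an added example, not part of Vaksincom's instructions; it covers only the HKLM entries, and the sample export (including the hijacked exefile command) is constructed.

```python
import re

ASSOC = r"hkey_local_machine\software\classes\%s\shell\open\command"
# Clean values, from the [UnhookRegKey] section of the page's repair.inf.
EXPECTED = {ASSOC % e: ("@", '"%1" %*')
            for e in ("batfile", "comfile", "exefile", "piffile", "scrfile")}
EXPECTED[ASSOC % "regfile"] = ("@", 'regedit.exe "%1"')
EXPECTED[r"hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon"] = ("shell", "explorer.exe")
# A value the [del] section removes; its presence alone is reported.
UNWANTED = [(r"hkey_local_machine\software\microsoft\windows\currentversion\run", "microsoft(r) system manager")]
VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

def _unescape(s):
    return re.sub(r"\\(.)", r"\1", s)  # .reg escapes \ and " with a backslash

def parse_reg(text):
    """Parse .reg export text into {key: {value_name: data}}, names lower-cased."""
    keys, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            cur = keys.setdefault(line[1:-1].lower(), {})
            continue
        m = VALUE.match(line) if cur is not None else None
        if m:
            name, data = m.groups()
            name = "@" if name == "@" else _unescape(name[1:-1]).lower()
            if len(data) >= 2 and data[0] == data[-1] == '"':
                data = _unescape(data[1:-1])  # REG_SZ; other types stay raw
            cur[name] = data
    return keys

def audit(text):
    """Return (key, value_name, data) for each deviation from the clean state."""
    reg = parse_reg(text)
    bad = [(k, n, reg[k][n]) for k, (n, want) in EXPECTED.items()
           if n in reg.get(k, {}) and reg[k][n].lower() != want.lower()]
    return bad + [(k, n, reg[k][n]) for k, n in UNWANTED if n in reg.get(k, {})]

# Constructed sample export, not taken from an infected machine.
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="C:\\WINDOWS\\system32\\sysmgr.exe \"%1\" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="Explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft(R) System Manager"="C:\\WINDOWS\\system32\\sysmgr.exe"
'''

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

A real export from regedit is UTF-16, so read it with `open(path, encoding="utf-16")` before passing the text to `audit`.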

Monday, February 22, 2010

Disconnect Yahoo Messenger users

The Changcuters (SSL Login Booter) is able to hit Yahoo Messenger 8, 9 and 10 users, working many times on the same victim with some trick.

If your bots do not log in, try changing your bots and password.
Hits the chat client very fast with only 1 bot.
Login problem? Just make sure you copy and paste VoodoEncrypt15.dll into your /system and /system32 folder.
Your antivirus blocked the program? This program is packed to prevent cracking or decompilation by a ripper; the packer will make the antivirus show a false alarm, but it is guaranteed safe!

Monday, February 15, 2010

Kill someone's Yahoo Messenger

A new/old trick is still working also for Yahoo Messenger 10. The command:

ymsgr:-kill

Just send this command to someone in the chat window and convince him to click on it (it will be displayed as a link). When the conversation partner does this, his Yahoo Messenger will close itself. This is a fun command.

Thursday, February 11, 2010

YCC Bot Maker

YCC Bot Maker is a program designed to quickly and efficiently create Yahoo! Network (email, Messenger, etc.) users. Over the course of studying Yahoo! I have found that making numerous Yahoo! users is a necessity. One of the primary uses for making multiple Yahoo! users or bots is the testing of certain classes of booters. I have also found this tool useful for signing up to other websites that require a unique email for each user.
 
 

Thursday, February 4, 2010

Add Yahoo Messenger Powered Online Presence to Web Pages

If you use Yahoo! Messenger instant messenger and would like to stay connected with visitors on your website, Yahoo Online Presence is a cool way to display to them when you are online and available to chat / IM with them.

Just enter your Yahoo ID in their form and they will generate HTML code that you can copy and paste into the HTML of your web document. Then, whenever you are online and your Yahoo Instant Messenger is connected and available for chat, your website will display the “I am Online” logo. If a Yahoo! Messenger user clicks your online presence, an instant message window will open for them so they can type you an instant message / IM. If you are not online, a message can be sent to you for when you are online later.

Remember that this will reveal your Yahoo ID to the visitors on your site. If you wish to protect your privacy and original Yahoo identity, create a new Yahoo ID and use it for this purpose.