How to remove yahoo messenger virus (W32.Yimfoca) completely?

May09
2010 2 Comments Written by Rabin Acharya


Recently a new virus is determined and found easy to remove. It is named as W32.Yimfoca

It is considered as itself less risky but more dangerous because it can download more malware.

Discovered May 2,2010
Updated May 3,2010
Type Worm
Infection length Varies
System Affected Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003, Windows 2000

Main target of the virus is the users using Yahoo! Messenger

To remove this virus completely we have to follow following steps:

  1. Disable System Restore (Windows Me/XP).
  2. Update the virus definitions.
  3. Run a full system scan.
  4. Delete any values added to the registry.

Disable System Restore

This virus mainly makes a restore point where virus includes itself within it. So temporary disable them.

To disable them in windows XP:-

  1. On the Desktop, Right Click on My Computer
  2. Select the System Restore Tab
  3. Mark the “Turn Off System Restore” to disable and UnMark to Enable
  4. Click Apply on the Bottom of the Dialog Box to save the settings.
  5. A message “This deletes all existing restore points” will appear, click Yes to disable.
  6. Click OK.

Update the virus Definitions

Many of the antivirus have been updated with this new virus definition and it is not hard to delete the virus. So use good antivirus and update it.

Some of the antivirus softwares that may help you are:-

Symantec, Kaspersky, Eset antivirus.

Run a full system scan

For the full system scan it will be more fruitful if you do it in Safe mode. So open the computer in Safe mode and run the antivirus software. Be sure that you checked full system scan.  Run the scan.

After the completion of full system scan restart the computer in normal mode.

Delete values in the registry

  1. Click Start > Run.
  2. Type regedit.
  3. Click OK.
  4. Navigate to and delete the following registry entry:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\”Firewall Administrating” = “%Windir%\infocard.exe”
  5. Exit the Registry Editor.

If registry editor is disabled then follow this <download and run this tool>

You are now free from the Yahoo! Messenger virus.

Note:- Every steps are only for XP because it is the most popular OS. And for Mac users there is effect of this virus.

Reference:

Symantec

Posted in Featured, Security - Tagged



TECH TIPS & NEWS VIA EMAIL

About Technott

Technott is a blog on Web and Tech. Our articles focus on Digital World, Hardware & Softwares, Blogging, Linux, Mobile phones and so on. More