Monday, January 11, 2010

Remove C:\WINDOWS\hinhem.scr Malware - Solution to remove automated messages in Yahoo! Messenger

Today I am writing about how you can fix famous Yahoo! Messenger malware. You can see the screenshot below. The infected computer's yahoo messenger will automatically send spam messages to everyone in your contact list.


YM ID: C:WINDOWShinhem.scr
YM ID: E may, vao day coi co con nho nay ngon lam http://nhatquanglan.xlphp.net/



When I researched on this issue I came to know that its getting infected from your USB Flash drive. So I will recommend everyone to scan USB Drives before opening it. Once your computer get this infection, you will  notice that computer will start creating new folders "Newfolder". It is all automatic. If you happen to transfer this folder to other computer then that computer might get infected as well!

How to manually fix this issue:

Delete these files

C:Autorun.inf
C:FS6523.dll.vbs
C:WINDOWSFS6523.dll.vbs
C:WINDOWSsystem32autorun.ini
C:WINDOWSsystem32setting.ini
C:WINDOWSsystem32nhatquanglan20.exe
C:WINDOWSsystem32SCVHSOT.exe
C:WINDOWSsystem32blastclnnn.exe
C:WINDOWSFS6523.dll.vbs
C:WINDOWSsystem32naoway.exe
Your Flashdrive:SCVHSOT.exe
Your Flashdrive:autorun.inf
Your Flashdrive:nhatquanglan20.exe

Most of these file will be hidden so you have to enable the 'show all files' and system files. Go to 'View' - 'Folder Options' - 'View' - Select 'Show hidden files and folders' option from Hidden files and folder menu.
Categories:

0 comments:

Post a Comment

Silent gratitude isnt much use to anyone - G B Stern
Encourage our posters by saying Thank You!

Subscribe to: Post Comments (Atom)