Coutsanif.A is A Virus That Make Danger to your Yahoo Messenger and Skype
Coutsonif.A attack is a virus that attacks skype and yahoo messenger. the way to Coutsonif.a attacks are spread and send to all contact via computer that was infected.
If you got message from computer that was infected, you don't click link from the message. because your pc will be infected by virus. if Your PC has infected by Coutasanif.A, it will make random using extension .tmp and .exe that will be saved in [C:\Documents and Settings\%user%\Local Settings\Temp] with difference name. Let's go to prevent Coutsanif.A attack from your PC using vaksin reference :
1. Disable 'System Restore' during the cleaning process.
2. Disable Windows auto run ,so that the virus is not active when the flash disk connect to pc.
- Press 'start'
- Click 'run'
- Type 'GPEDIT.MSC', without quotes. 'Group Policy' will be appear
- Menu 'Computer Configuration and User Configuration', Click 'Administrative templates'
- Click 'System'
- Right click at 'Turn On Autoplay', choose 'Properties'. 'Tun on Autoplay properties' will be appear
- Choose 'Enabled'
- Choose 'All drives'
- Click 'Ok'
3. Turn off virus process, use 'security task manager' then erase files [sysmgr.exe, vshost.exe, winservices.exe, *.tmp]
.tmp shows the files that have the extension TMP [ex: 5755.tmp]. Right click at that file and choose 'Remove', and choose 'Move File to Quarantine'.
4. Repair registry That is changed by virus. Please copy source code bellow to fast your process, then save file using name repair.inf.
Run repair.inf: Right click repair.inf, and select install.
[Version]
Signature="$Chicago$"
Provider= vaksincom via tolearnfree
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe "%1""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, "Explorer.exe"
HKCU, SessionInformation, ProgramCount, 0x00010001,3
HKCU, AppEvents\Schemes\Apps\Explorer\BlockedPopup\.current,,,"C:\WINDOWS\media\Windows XP Pop-up Blocked.wav"
HKCU, AppEvents\Schemes\Apps\Explorer\EmptyRecycleBin\.Current,,,"C:\Windows\media\Windows XP Recycle.wav"
HKCU, AppEvents\Schemes\Apps\Explorer\Navigating\.Current,,,"C:\Windows\media\Windows XP Start.wav"
HKCU, AppEvents\Schemes\Apps\Explorer\SecurityBand\.current,,,"C:\WINDOWS\media\Windows XP Information Bar.wav"
[del]
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Microsoft(R) System Manager
HKCU, Software\Microsoft\Windows\CurrentVersion\Run, bMaxUserPortWindows Service help
HKLM, SYSTEM\CurrentControlSet\Services\Tcpip\Parameters, MaxUserPort
5. Clean files virus :
C:\vshost.exe [all drive]
C:\autorun.inf [all drive]
C:\RECYCLER\S-1-5-21-9949614401-9544371273-983011715-7040\winservices.exe
C:\Documents and Settings\%user%\Local Settings\Temp
A415.tmp [acak]
034.exe [acak]
Lady_Eats_Her_Shit--www.youtube.com
C:\WINDOWS\system32\sysmgr.exe
C:\WINDOWS\TEMP\5755.tmp
C:\windows\system32\crypts.dll
C:\windows\system32\msvcrt2.dll
6. If you want get optimal result, you can download new anti virus via tolearnfree with label Anti Virus
7. You don't forget to update your anti virus to protect your pc, and don't scared to surf on internet. Cracker, hacker, malware are friends in unreal world like internet. KEEP ON..... ^_^
thank for share....
keep post
OOh win, thanks atas commentnya