Sorry for that..it was my mischevoius brother..

The Problem - from (http://www.xblock.com/product_show.php?id=3438)



Full Name:

YMWorm

Type: Worm

Danger Level: 10

Category Description: Virus-like program that spreads automatically to other computers by sending itself out by email or by any other means. A program that propagates itself by attacking other machines and copying itself to the affected machine.



Worms have self-replicating code that travels from machine to machine by various means. A worms first objective is merely propagation. Worms can be destructive depending on what payload they have been given. Worms may replace files, but do not insert themselves into files.

Comment: This is a worm that is spread through Yahoo Messenger. The most common message seen distributing this worm is: "never click into the links like something in this image http://quicknews.info/dontclick.jpg !!!"



Once the worm is on the infected PC it has the ability to:

Disable the Task Manager

Disable the Registry Editor

Disable the System Restore

Hides the 'Run' option from the Start Menu

Also will remove all bookmarks from Firefox.

Manipulates Lsass.exe.

Hijacks Internet Explorer.

Drops a Rootkit.





FULL REVIEW

How to remove quicknews.info malware virus worm?



In this lense, we only discuss the basic steps for manual removal of quicknew.info.



Here are the Steps in removing the quicknews.info



1. Disconnect your computer from the Internet.



2. Restart your computer.



3. Open IE browser. Go to Tools>Internet Option>Programs. Click "Reset Web Setting">Yes.



3. Go to Tools>Internet Option, Click Delete files, Delete Cookies, and Clear History.



4. Go to Drive C > Document and Setting > ( the administrator folder). Clean the folders named Cookies, My Recent Document.



5. Under the folder open in #4, go to folder "Local Setting". If you cannot see any local setting, click Search (fond in the toolbar)>All Files and Folders then type Local Setting. Make sure that under the "More Advance Option", found below,the "Search Hidden Files and Folders" is checked before searching.



6. Under Local Setting folder, clean the folder Temp, Temporary Internet Files and History.



7. Delete the IEXPLORER icon found in your Desktop. This logo is different from the original IExplorer Logo. Also Delete the IEXPLORER found in your desktop with EXE function.



8. Restart Your computer. Run Antivirus for more clean up.



Note: If other threats are found and your anti virus is not working, follow the location folder where the threats are. Delete any recognized threat. Make sure to delete the exact name of the threat because you might delete some important components.



You don't have to buy other software to delete quicknews.info. Ignore those advertisers who are trying to give advice.



OR







NOTE:

First of all, you are advised not to follow any suspicious links

that are possibly brought to your attention by web and/or

real-time messaging programs. Having a real-time scanning

and monitoring anti-virus would help in case of harmful links.



NEVER and NEVER follow the next link: quicknews.info



As soon as you get infected with "quicknews.info", your

Task Manager, Homepage and Run services will be disabled

by the trojan. Follow these steps in order to succeed :



1. Restart your computer in Safe Mode and run a full scan

with your anti-virus. Remove any malicious software.

(There should be several trojans on your computer. It

has been reported that some of them are brought by

quicknews itself.)



2. Restart in Normal Mode. Download and install HijackThis

and "Do a system scan only". The results will appear;

search for an entry with "DisableRegEdit=1". Check the

proper box and hit Fix checked.



3. Once the Registry Editor has been enabled, download

a pre-defined registry editor restoration .reg file

(http://www.kellys-korner-xp.com/regs_edi...

and execute it. Next, go to WINDOWS\System32\gpedit.msc.

In the User Configuration select Administrative Templates>>

Start Menu and Taskbar>>Remove Run menu from Start Menu>>

Disabled. You will be able to go to Start>>Run.



4. To restore to your functional web page do the following :

- Start>>Run>>regedit

- Locate the subkey:

HKEY_CURRENT_USER\Software\Pol... Explorer\Control Panel

On the right there is a Homepage entry. Delete it.

Now you are capable to start your Internet Options and

choose your deserved homepage.

2

First u should get a good anti virus software,



the virus r talking about runs as u start up ur system, if u u can to to task manager then to go the precesses tab and then find the file which is doing this, u will need to terminate that process,



If u have found the process name then do a search to find where is the virus located, then just delete it. Caution the virus usually locates itself in a system folder using a name very similar to system files, u may accidentally delete system file while doing this.



There are certain programs the can search the startup entries and find the virus file and even give u the location, I used TuneUp Utilities.



And if all fails u should format ur pc, backup files that u need do not backup anything else, this virus creates copies of itself so that it can come back even after u format the pc



Hope this helps

Symantec lists this as W32.Imaut.U



W32.Imaut.U is a worm that spreads via Yahoo! Instant Messenger, Microsoft Windows Live Messenger, and AOL Instant Messenger. The worm may attempt to download remote files on to the compromised computer and disable Windows Task Manager and Registry tools.



Check out http://www.symantec.com/security_response/writeup.jsp?docid=2007-010615-5630-99&tabid=3 for the removal.

Dagger virus Cuts all files into 9 parts and pastes them all over the place. Also slashes your 1024MB RAM to a measly 32 MB RAM and shoots out all inserted disks. Has a good sense of humour though :) stars (:

Scan your system with the X-Cleaner Micro Edition . The install is an activex and will popup in your information bar. After you install it, reclick on the picture of the scanner if it doesn't start scanning right a way.



http://www.spywareguide.com/onlinescan.php



Remove what it finds. If you run any type of p2p software such as Kazaa or Bearshare, you will be advised to remove it.



If you do not run an Antivirus, please download the free AVG Anti Virus program from :



http://free.grisoft.com/freeweb.php/doc/5390/lng/us/tpl/v5#avg-anti-virus-free



Make sure to chose the correct file for your Operating system. For windows chose the file named avg75free_472a1024.exe . Download it, get off the internet and Install it and Run it.

look my friend. you have the option to do what the first guy say. and follow all the process. but if you are willing to spend money. why don't you get a good antivirus, so you can get rid of that virus( and some other you must have in you computer) and stay protected against future attacks

good luck

Install either SpySweeper with Antivirus or Windows Live OneCare while in Safe Mode. Be careful not to get Norton, though, as Norton bogs down your system.



A few graphs to show which antivirus programs slow your computer up the most...remember, the more it shows on the graph, the slower it makes your computer.



http://www.thepcspy.com/articles/other/what_really_slows_windows_down/5

i think it is due to brontok or broton.if u will try 2 download "any" exe file then the system will reboot. it is 4 sure. and the more u restart the virus will expand more.

u bettre tyr out any latest antivirus software. Virus buster pro,

Mc affee(2007 versions)

Boot into safe mood with networking support using F8 during boot, and select it from the menu, then download AVG, spybot S&D, Ad-aware and run it, etc. this should help some

Here are 2 free anti-virus.



Download Grisoft AVG 7.5 Anti-Virus,Anti-Malware.(free)



AVG is a collection of anti-virus protection tools that gives you full protection against viruses, worms, Trojans and malware. AVG provides you with all that you need to be completely protected: including a tool for scanning your hard drive and e-mail, as well as a real-time shield to prevent infections.

Top Features



» Provides automatic update functionality

» Its a reliable anti-virus scanning engine

» Provides free Virus Updates for life

» Options to define file name extensions

» Real time protection with resident shield, email scanning

http://free.grisoft.com/doc/5390/lng/us/...





PC Tools AntiVirus Free Edition feature highlights

Protects your PC as you are working, surfing and playing

Detects, quarantines, disinfects and destroys Viruses, Trojans and Worms

OnGuard™ protects your computer against threats in real-time



Automatically checks for frequent updates against the latest threats.

http://www.pctools.com/free-antivirus/



*Never install more than one anti-virus on your PC, as they may conflict with each other. On the other hand, its always good to install more than one anti-spyware.





Free spyware removel -



Spybot - Search & Destroy detects and removes spyware, a relatively new kind of threat not yet covered by common anti-virus applications. Spyware silently tracks your surfing behaviour to create a marketing profile for you that is transmitted without your knowledge to the compilers and sold to advertising companies. If you see new toolbars in your Internet Explorer that you haven't intentionally installed, if your browser crashes inexplicably, or if your home page has been "hijacked" (or changed without your knowledge), your computer is most probably infected with spyware. Even if you don't see the symptoms, your computer may be infected, because more and more spyware is emerging. Spybot-S&D is free.

http://www.spybot.info/



http://superantispyware.com/

SUPERAntiSpyware is the most thorough scanner on the market. Our Multi-Dimensional Scanning and Process Interrogation Technology will detect spyware that other products miss! SUPERAntiSpyware will remove ALL the Spyware, NOT just the easy ones!

Easily remove over 100,000 pests such as SmitFraud, Vundo, WinFixer, SpyAxe, SpyFalcon, WinAntiVirus, AntiVermins and thousands more!

holy crap. go into safe mode and download avast antivirus, spybot:search and destroy, hijack this, CCleaner, and run them all and clean up your computer as much as you can. oh and if you don't want avast you can get a 60 day trial of mcafee but you don't have to pay for it for 60 days so thats good. but don't get two antivirus programs because they will conflict. oh yeah and with hijack this, only use it for the logfile, and let a pro analyze it and tell you what's up.

hey i faced the same problem ,u can use McAfee9 antivirus for this it will remove all the spams and virus from your sysytem without harming your data

I suggest you to restor in back date.



run>msconfig>launch restore.

i have kaspersky and its for all viruses

as i know.its really good