NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  

Remove Yahmali. Description and removal instructions

 
Title: Yahmali
Type: Trojans
Severity scale:Yahmali severity is 47  (47 / 100)
 
Yahmali is a trojan that steals Yahoo! Messenger login names and passwords. Gathered data is transferred to predetermined web server. The parasite secretly runs on every Windows startup.

FORUM:
Discuss Yahmali in
spyware removal forum

Related files: csrss.exe, lsass.exe, services.exe, smss.exe, winlogon.exe

Yahmali properties:
• Connects itself to the internet
• Hides from the user
• Stays resident in background

Automatic Yahmali removal:

remover for Yahmali

Yahmali manual removal:

Kill processes:
csrss.exe, lsass.exe, services.exe, smss.exe, winlogon.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell=explorer.exe C:\Documents and Settings\[Current User]\Local Settings\Temp\csrss.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell=explorer.exe C:\Documents and Settings\[Current User]\Local Settings\Temp\lsass.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell=explorer.exe C:\Documents and Settings\[Current User]\Local Settings\Temp\services.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell=explorer.exe C:\Documents and Settings\[Current User]\Local Settings\Temp\smss.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell=explorer.exe C:\Documents and Settings\[Current User]\Local Settings\Temp\winlogon.exe
HELP:
how to remove registry entries

Delete files:
csrss.exe, lsass.exe, services.exe, smss.exe, winlogon.exe
HELP:
how to remove harmful files

Misc:
Yahmali files can be found in the folder C:\Documents and Settings\[Current User]\Local Settings\Temp.

Other programs to remove Yahmali:

• Malwarebytes Anti Malware - Review - Download
• Malwarebytes Anti Malware - Review - Download
• Windows Defender - Review - Download

Information added: 03/05/07
Information updated: 03/05/07

Additional resources related to Yahmali:

Attention: If you know or you have a website or page about Yahmali removal, feel free to add a link to this list: add url



more resources

Post Comment:

Attention: Use this form only if you have additional information about Yahmali parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.



Enter security code:

Latest spyware news:
Similar parasites:
Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2008 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.