ok, i don't have this virus but a friend does(in a hurry and can't report it), this is what the virus sent me:

hey, look at this:
              hxxp://vbulettin.com/msn.php?email=<Insert the resiprcents e-mail>

then she went offline

she hasn't removed it yet, anybody know how?

seems like a virus... but i'm not an expert on anything like it, but i still think it looks like a virus

its bit hard to say how to remove it because can't tell what it is..

Yep it's definitely a virus, there's loads similar to that floating around MSN now causing many users computers to be infected. Your friend could try looking here for more help on the matter as i don't really have much knowlege of how to remove it, if not try doing a scan with a good virus scanner to see if it picks anything up.

I had reported this on mess.be a month back tbh...they posted about it but never an anti-virus

Let her do an online virusscan here

The viruses going around most on MSNM are variants of Kelvir, there's a removal tool for that right here. Read the instructions given on how to use the tool.

Submitted this virus to Symantec and McAfee.  Will update you when the results come back.  I am guessing it is W32.Kelvir, as Sunshine said.

This is the virus outbreak of W32.IRCBot. Symantec has issued RapidRelease Virus Defintions for this thread, so users of Norton AntiVirus can download and apply them for immediate protection.

Information: W32.IRCBot

Rapid Release Virus Definitions: Download Here for Immediate Protection

Nice Work Dane

Btw, how would the virus infect you with this url "hxxp://vbulettin.com/msn.php?email=<Insert the resiprcents e-mail>" ? and exploit?

quote:

---

Originally posted by DJeX
Nice Work Dane

Btw, how would the virus infect you with this url "hxxp://vbulettin.com/msn.php?email=<Insert the resiprcents e-mail>" ? and exploit?

---

How to remove the W32.IRCBot messenger virus
Based on info by Symantec Security Repsonse

Step 1: Killing the process

• Press Ctrl + Alt + Del to bring up the windows task manager
  
• Click on the processes tab (if you are using an older version of Windows, eg: Windows 98. Do not worry about this step
  
• Scroll down to the process: winapii.exe, and click End Process (or End Task for older versions of windows

• Navigate to where Windows is installed on your hard drive (Usually C:\Windows)
  
• Find and delete the folder named: Winapii

• Open your registry editor (Start > Run > regedit.exe) and navigate to "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
  
• Delete the key named winapii
  (For a small tutorial on this, go to this site, because deleting the wrong keys could corrupt Windows).

• Clean out your recycle bin to totally remove the files from your HDD.
  
• Do a complete system scan of your system to make sure that no other files have been infected

hmmm if i were you id get AVG its awsome it will check your comp for viruses everytime your comp boots up and it only takes a few seconds

quote:

---

Originally posted by Dane
This is the virus outbreak of W32.IRCBot. Symantec has issued RapidRelease Virus Defintions for this thread, so users of Norton AntiVirus can download and apply them for immediate protection.

Information: W32.IRCBot

Rapid Release Virus Definitions: Download Here for Immediate Protection

---

The scanner i mentioned before in this thread oughta remove it. Another stand-alone utility (you can use this alongside your own Av program) that will remove this one is Avert Stinger

quote:

---

Originally posted by dennis
hmmm if i were you id get AVG its awsome it will check your comp for viruses everytime your comp boots up and it only takes a few seconds

---