Shoutbox

quote:

---

Originally posted by SeanW
Hey there.

I was wondering if anyone could help me out. The other day I got an IM from one of my friends about pictures of a computer they wanted and sent me a zip file. The when I open it, nothing happens. Then the next thing I know I get IMs left and right saying "I can't open the picture" or "Yeah that's a virus" or "You have a homepage? Why do you have pictures of me?" and so on.

So it's about this time that I say "Aww hell! I got a virus!" Now usually I scan Norton and nip the bugger in the bud, but not this time. Oh no. I tried spyware removers, uninstalling and re-installing and the thing won't go away.

I'm probably not the first person to ask about this, but how the junk to I get rid of this thing?

---

quote:

---

Originally posted by Dane

quote:

---

Originally posted by SeanW
Hey there.

I was wondering if anyone could help me out. The other day I got an IM from one of my friends about pictures of a computer they wanted and sent me a zip file. The when I open it, nothing happens. Then the next thing I know I get IMs left and right saying "I can't open the picture" or "Yeah that's a virus" or "You have a homepage? Why do you have pictures of me?" and so on.

So it's about this time that I say "Aww hell! I got a virus!" Now usually I scan Norton and nip the bugger in the bud, but not this time. Oh no. I tried spyware removers, uninstalling and re-installing and the thing won't go away.

I'm probably not the first person to ask about this, but how the junk to I get rid of this thing?

---

Please submit a sample of the virus to virus-trapper@msgpluszone.com if you still have the original file...ill take a look at it and help you fix it up and git R done.

---

quote:

---

Originally posted by http://www.bigblueball.com/forums/msn-windows-live-messenger-support/39945-photo-album-zip.html#post217085
* Go to My Received Files in My Documents folder. Delete (Shift + Delete) the Photo Album.zip folder and its contents.
* Go to C:\Windows. Delete the Photo Album.zip folder.
* In C:\Windows\System, find the rdfhost.dll or rdshost.dll files. Delete them.
* Go to Start > Run. Type regedit to open the Registry. Navigate to HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\She llServiceObjectDelayLoad
rdshost {5344BB88-3DE1-409F-8307-C85923A1F4DD} Delete this key (right-click and click on Delete)
* Navigate to HKCR\CLSID\{5344BB88-3DE1-409F-8307-C85923A1F4DD} Delete this key.
* Reboot your computer.

---

quote:

---

Originally posted by Dane
Hello,

I have received the email, unfortunatly nothing was attached for me to scan/test.  However, based on the file name and infection vector, I preliminarily would guess you have Backdoor.Win32.IRCBot.apd, Discovered on November 11th, 2007.  Protection is currently available for this threat by Kaspersky AntiVirus.  However, to ensure a 100% diagnosis, I do need the file.

Thanks.

---