• Hello!

    Either you have not registered on this site yet, or you are registered but have not logged in. In either case, you will not be able to use the full functionality of this site until you have registered, and then logged in after your registration has been approved.

    Registration is FREE, so please register so you can participate instead of remaining a lurker....

    Please be certain that the location field is correctly filled out when you register. All registrations that appear to be bogus will be rejected. Which means that if your location field does NOT match the actual location of your registration IP address, then your registration will be rejected.

    Sorry about the strictness of this requirement, but it is necessary to block spammers and scammers at the door as much as possible.

stupid msn virus

T

tanner123

New member
"Wanna see my pics before i send em to facebook?"

then it sends you a little zip file thing then accept and decline you know what im talkin bout. No im not retarded im just alittle slow and wasn't paying attention one day and clicked it by accident then realized how stupid i was.

but heres my question HOW DO YOU GET RID OF IT!!!?

it would be a great help because my brothers the computer nerd but hes being a n arsehole thanks for any help
 
well thx but those dont have what im looknig for but i atleast figured out the name of it "polyglot" so if anyone comes up with anything please let me know
 
Which polyglot is it? trojan or worm?.

(When you scan with your antivirus it will come up w32.polyglot or troj.polyglot

The trojan is less serious, quite old and easy to remove... its been around since '99 so most anti-virus software should be able to remove it. As for the worm version its very new (8days since first official report?) so not many removal instructions available.


When you press load up task manager (Ctrl+alt+del) and click on the process's tab is there a process called Y2KCount.exe ?
 
If its the trojan version:

1. Click Start, and click Run.
2. Type sysedit and click OK.
3. Click the System.ini window.
4. Click Search, and click Find.
5. Type ntsvsrv.dll and then click Next. It should be at the end of the drivers= line.
6. Remove the Ntsvsrv.dll entry.
7. Restart Windows into MS-DOS mode. Restarting to MS-DOS mode ensures that Wsock32.dll is not loaded (Wsock32.dll is used for Internet connections).
8. Type cd \windows\system to change to the \Windows\System folder.
9. Type dir wsock32.dll to check the size of Wsock32.dll.
* If the size is 14848 bytes, the Trojan horse program has replaced it with Proclib16.dll. To restore the original Wsock32.dll, type
copy nlhvld.dll Wsock32.dll
and then press Enter.
10. Delete the following files from the \Windows\System folder:
* Proclib.exe
* Proclib.dll
* Proclib16.dll
* Ntsvsrv.dllL
* Nlhvld.dll
Click to expand...
source: symantech

I'll keep looking for details on the worm version.
 
its the worm version i have... what a crappy invention who does this stuff id hunt him down and kick him in the jewels lol sry rambling but ty
 
Cant find any removal instructions for the worm unfortunately... What anti-virus do you use? Might be worth getting in contact with them.

Alternatively you could attempt to remove it manually if you know what files it uses and registry entry changes... but not something i'd attempt unless your very confident with your PC knowledge/ability.
 
honestly... i dont even think i use an anti virus my brothers the nerd of the family im almost possitive he could do it but he moved out.. so i guess ill have to wait till he comes back to visit
 
You must log in or register to reply here.
Back
Top