Websites for sale:
Used Cars for Sale - $175 and Car Sale.
If interested drop me a line at ken@kensfi.com. Thanks!
Have questions about Toronto? Check my latest project: Ask about Toronto!
How to remove the ‘foto’ virus – Y!M and MSN
For a week or so, I’ve got tons of instant messages (on Yahoo Messenger) including a link to a getimage.php file or image.php files. Nothing odd till my antivirus started giving alerts of virus presence when I wanted to open those links. Actually I didn’t but some friends of mine does :P
Palevo is a computer worm which spreads through vulnerabilities in a computer. Although this malware isn’t that dangerous you better be prepared for it and stay alert to do not open any instant message which is sending you to any of these pages, getimage.php file or image.php.
If you already got it (wondering if you can open any webpage, especially if you can get to this page) you have to follow next steps to remove Palevo from your computer:
1. press CTRL+ALT+Del and hit end precess for Infocard.exe.
2. go to Search for files and folders and look for the following files and delete them:
C:\Windows\mds.sys
C:\Windows\mdt.sys
C:\Windows\winbrd.jpg
C:\Windows\infocard.exe
Now your system should be clean. Try next time do not open up all the links coming on your screen, and as you already know a picture can be in one of the following formats: .gif, .jpg, .png, .jpeg, .bmp. No way to be .php which is a webpage format and can’t be an image!
Another possible ways to get rid of this malware are (I’m not guarantying for any of these!):
1. download and run HJTInstall.exe
2. download and run MsnCleaner.exe
3. download and run ComboFix
4. download and run Malwarebytes Anti-Malware
Related Posts
If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Please read before commenting:
I don't tolerate spam comments. Be human and polite. If you are signing as "Computer repairing", "iPhone store" or other kind of bullshits you'll be marked as spam.
USE YOUR NAME! Thanks!
Hi, I have a virus on my msn that says ” Fotooo.. haha :D http://www.hi5bucket.com/image.php?=pic458973.JPG=l2ain_l3ovv@hotmail.com”
It will spam my friends and then after I’ve been logged into msn for 5 minutes it will make it to where I can’t message anyone online.
I followed the steps you said to but not all the way. Cause when I hit “End Process” for “infocard.exe” it says “WARNING: Terminating a process can cause undesired results including loss of data and system instability. The process will not be given the chance to save its state or data before it is terminated. Are you sure you want to terminate the process?”
I haven’t done it cause I don’t know if it will mess up my computer. Do you know what will happen if I delete it?
I’ve also found malwarebytes and combofix to both be quite capable for removing malware.
click here to download malwarebytes
click here to download combofix
Do NOT use http://www.combofix.org
I recommend using malwarebytes first before combofix, because it’s a more conservative tool for removing malware. If malwarebytes can’t remove it, then use combofix.
I personally use malwarebytes antimalware and Avast antivirus for virus removal..and it works great for my system…