Having recently been stupid enough to download the MSN Photo Album Virus, which then infected several of my friends, I wrote a batch file to remove it that doesn't require any system restarting.
http://www.scriptmarket.co.uk/msnVirusRemoval.zip
It's a Zip file that contains 2 files, run.bat & kill.exe.
Just extract the file then double click run.bat to remove the virus.
Kill.exe is used by the batch file to close running programs that have been infected by the virus.
I've tested the batch file on XP and 2000 and it's worked with out any problems.
Hope this helps a few people.
Enter your hotmail address and password to automaticly send ever one on your contancts list an email with a link to this site, and help stop the virus.
Also, If you have any talent in web design and are interested in working on a web project on a 50/50 basis (no pay just split any profits). Email me at b.flatman at gmail dot com.
I'm just looking for some one to start a project with on a very part time basis.
I'm currently working as an application developer, but have worked in web development and even SEO in the past so those are the skills i'll be bringing to the table.
Thanks.
96 comments:
Thanks so much,what a nightmare this virus was!!
Even my antivirus program did not remove it.
I have sent copies of you cure to all my contacts.
WELL DONE
wooh billy *high five* you l33t c0d3r hahaha :D
hey..
just want to know if this will re-boot my computer?? or will i just have to restart my computer?
cs otherwise..i will have to save everything on my computer right?
It doesn't require a restart at all.
Just run the file and thats it.
WOW this cure is good!! THank you! it has worked...at least i think it has..
=)
hi billy, i double click on run.bat but it says windows cannot find "REGEDIT" what does this mean?? cheers, josh.
REGEDIT is the program used by windows to make changes to your registry. It should be on any windows operating system. What operating system are you using?
I have tried this, but my computer is detecting this as a virus and wont let me open it! yet it completly missed the msn bug. can you help?
I would try disabling your anti virus and try it again, or uninstall it for what use it seems to be. Try Avast! it's personal edition is free and it's always been really good for me, although it didn't remove the MSN virus.
It's strange that your anti virus is detecting this file as a virus, perhaps it's being infected by a virus in your system upon download.
Weheyy Fankooo Darlin =]
Dont Aculi Kno If Its Worked Yet But Seems To Have Atm ..
Lol I Had Given Up And Just Stopped Using Msn Til I Found This
Fanxx Againn =D
xxxx
heeey thanks sooo much for the fix .. it did work. Its now removes and my antivirus program got rid of the left overs!
thanks so much!!! you IT genius haha
from australia
Hi billy, I've downloaded and used your files. After running the "run.bat" file, it just opens a "MY Computer" window..isit supposed to do that? and am i right to assume that the bug has been fixed?
Wow thanks a lot, this thing was so annoying i tried deleting it so many times manually, and ran spyware and antivirus programs, it just kept coming back. ive beeb on for 2 hours now and it hasnt come back :D
Sorry for the slow reply, but I've been on holls.
For some reason My Computer or My Documents some times opens after running the program. Not sure exactly why, It just seems to happen when explorer.exe is restarted. Nothing to worry about though.
Billy, I posted before about the "My Computer" thing. I've tried ur stuff..it seemed to work for awhile but the virus still comes back..any help? Thanks!
All I can think is that either your PC is getting reinfected, or you have a slightly different version of the virus than this program can remove.
Not really sure of the solution i'm affraid becasue it would depend on the specifics of your version of the virus. This program removes 3 different versions, but i'm sure more will ahve been developed.
Sorry that this isn't much help.
Its ok..Thanks for everything anyway!
Dude, I just uploaded and scanned it on this site:
http://www.virustotal.com
And it found a couple of trojan/backdoors and such shits inside the file -.-
Are you trying to screw people up a little more or is it just a mistake, which I doubt ?
I just run the same scan and got similar results, but I can assure you the files are not infected. I sujest you try scanning the files with a more reliable anti virus application. The site your using is giving very conflicting results.
hi billy,
i hope you can understand me because of my bad english xD i have the virus and i run your program, but after this i run my anti virus program (Antivirus personal edition) and it found the same virus once.-.-''' why?
I couldn't say for sure, there are quite a few different strains of this virus going round now and this program doesn't remove them all. As I don't know what strain you have I can't be of much assistance sorry.
If any one has a strain that this program doesn't remove and they find information else where to remove it, please could they let me know what site they used for the info and I will incouperate that information into this program.
Hi Looks like I have a different strain of the virus as just tried your download and hasn't helped.
Worth a try though I am sure.
Craig.
tried this software because my girlfreind got this virus we run it and thought it had cleared then up popped "Check out my pics from my workplace" how can we tell wether the software worked ? you say at the beginning to extract the file after download...do you mean open it then double click on the run.bat? if so what do we do with the kill.exe file ? any help would be appreciated as this is doing her nut in lol
Thanks so much
Just wanted to say thanks alot for sorting this out. Manual deletion didn't seem to solve anything.
That's the last time I let someone else use MSN on my comp :P
I've got one prob here..I received a "photo album 2007" file from MSN and it's not denieable and it's not deletable..but eventually the file is gone because I shred it with McAfee Shredder..pls tell me if sumting is wrong..
Hey Billy... your script does not seem to work on my pc -
this is what it is sending out to all my contacts :
K-U-D-U-S said:
http://www.cbswest.com have you ever been thinking_to_enlarge_your_penis?
K-U-D-U-S said:
Check out my pics from my workplace.
K-U-D-U-S said:
http://www.cbswest.com have you ever been thinking_to_enlarge_your_penis?
K-U-D-U-S said:
Here are my pictures from my vacation
K-U-D-U-S said:
http://www.cbswest.com have you ever been thinking_to_enlarge_your_penis?
K-U-D-U-S said:
Nice new photos of me and my friends and stuff...
K-U-D-U-S said:
Here are my pictures from my vacation
K-U-D-U-S said:
Here are my pictures from my vacation
K-U-D-U-S said:
hmm is this you on the photo ?
Does not work on my computer :( . My firewall is on hard work. Constantly blocking outgoing traffic...
What can I do?
hey billy i try to run that programm but it;s say access denied. now wht i hv to do??? pls tell me, i m in a big prblm with my msn.
i have tried it nut the virus is still on my pc , what else can I do?
i used the program to remove the virus but it says that there is no virus and when i open my msn it still sending to everyboy some message saying that i made an album picture or whatever :S...i try everything they told me in internet and it still dont work can anybody help plz?? and sick oh that viruss it wont desapear...
Is the virus gone, when I use your program?
I may also need to delete it completely somewhere, right?
If yes, where?
My program should remove the virus completely, provided you have the same strain this program was ment for. If the virus appears to be removed then all trace of the virus will be removed too.
hi,Billy i downloaded your program but it dosent seem to work for me...and now more and more rar file of photo and album are poping out from no where in my windows system..help me pls
It doesn't work on my pc :(
thank you very much
that was GOOD
so fast and so simple
download so fast that i tot it had a mistake or something
and the pogram went so fast i tot it was another virus
helo.. hmmm is there any other ways than re-boosting the computer? my this friend sent me this file. and i was 2pid enough to open it. argh.. do you have any thing that can delete this file/virus: picturealbum2007.zip
The program doesn't require a reboot. Just run it and thats it.
when i try to open the file, this is what happens:
Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item
Are you using an account with limited permissions? You may have to use an administrator account to run the program.
helo again.. my virus is from msn PictureAlbum2007.zip your virus killer didnt kill the whole "C" drive. But it only kill a recent spot, while the virus is still in my "C" drive. can i sent u this file. so that u can re-edit the batch??
by KiTT3N
Hi Billy, I accepted the file from a friend but I didn't extract it so I dont think I was infected??
I tried to run your script anyway and I recieved the error: "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item" and I have no restriction limits in place. I think I recieved the file: PictureAlbum2007.zip
Thanks alot...
Hi all,
For those who've got the virus name: Photoalbum2007.zip, please visit this website and follow the steps in the removal tab to clear your virus. I've tried it and it works on my comp.
http://www.symantec.com/security_response/writeup.jsp?docid=2007-081000-2334-99&tabid=1
erm dumb question...hw do i noe if its removed?
hey, thanks for what you've posted. however my antivirus detects the file to run as a trojan. the file accepted on my comp was picturealbum2007. anyone has any ideas how i can solve this? would really appreciate it. thanks.
hi, is this the cure for the virus that sends the link with comments like 'heres me drinking juice'?
Hi i have that one to... it sends comments and beach picures..
I have tried everything can anyone help me?
Hi.. Anyone out here cuaght this bug known as myphoto2007.zip? I managed to delete the file from C:\windows. The windows still pop up and my comp hangs. However, the file cannot be send to my contacts anymore.
Hi,
I used the program to remove it already. I have stop sending the virus file via my msn. I ran alot of anti virus programe and spyware on my computer, they cannot detect it.
But i ran trojan guarder golden version 7.23 which i dload from www.download.com, they told me that there was a trojan detected... Why is that so? And i cannot remove the trojan unless i buy the damn product...
Please help
I think i am infected by a new variant of the msn virus. Now it is called mjd.zip. And i will send wierd comments like:
"a new picture off me and mjd"
or
"hmm, is that me and you? got the picture from mjd, yo mamma is so fat, look at this picture"
or
the one which i got when i 1st opened it : "lol, thats mjd."
Help pls! Ur programme doesnt seem to work!
hi there i cant seem to be able to run the ms dos batch file...says something about i dont have permission to access this item, please help meee its driving me nuts =S thanxxx
i have contracted a similar virus known as MyGallery5156.zip. I ran your zip file and killed it... But it did not seem to work. I still auto send a message that i have failed to send this virus. Can you help me? I m really desperate.
Hi
I just tried. Anyway, it doesnt work. The virus is still attacking every single one from my msn list. GAAAAAAAAAAAAAAHHH...so depressing.
Hi.
I found this web by surprise and thought that you could help me with my problem.
Few months ago I stupidly accepted the PhotoAlbum virus from a MSN contact but I did not execute or touch the file.
Does it mean I am infected with the virus?
How do I remove the file and would a reformat do the job?
Thanks.
hi there e msn virus removal i use already but no use for me:( when i login msn after awhile it keep send virus automat to everyone in my msn n i need to log off..u gt other removal?i need help
I have also been so stupid to download the virus and the cure you have posted does not seem to work - please help me.....
It's not called Photoalbum2007.zip
but IMG0024.zip
When ever i run i doesnt do anything i just come up with my Documents..?
Why wont it work!!!!
HELP
It doesn't show any prompts to screen. It opens up my documents some times when windows explorer restarts so it sounds like it's executed normally. If it hasn't stopped the problems with Messenger then the version of the virus you have must be different than this batch file can help with. If Messenger is working ok now then it should be sorted.
You have no idea how much I love you right now ^-^~
grrr who made this annoying virus this seems 2 hav been around 4ever u think u rid of it then all of sudden u start get msgs again with those annoying rar!!!
Hey Billy, even now people are thanking for this tool :D
hi there! thank you for creating this cure but im not sure if it has removed the files or not, im a little afriad to go on to msn and see if everythings ok cuz im think it mite take over msn again!...so i searched my whole computer for ne more "hotmail.####" files and i still found like 8 of them...im pretty sure that means i still have the virus...can u help in ne way?? oh well i just read over some of your replies...i guess i must have a different strain to the virus??
How do i know if its cured?
will they give a sign or anything?
How do i know if its cured?
will they have a sign or anything?
if yes what should i do?
if no, then im good.
woah awesome dude u really helped me out here. spent like the whole night trying to remove it with scans, almost wanted to reformat. thanks so much man
hey! whenever the virus takes over my msn, my friends tell me that i send them a file called "image30". is it one of the strains that can be removed?
Not that i'm aware, but give it a try any way. Won't do any harm and you might get lucky. It depends whether your strain uses the same file names and registry keys.
i downloaded your zip but avg identifies it as trojan horse backdoor robobot
Nice one mate, this virus has been bugging me for a long time.
Oh..The link doesnt work... it just shows me a white screen
the link is not working.....can u please post it somewhere again.....i've heard from quite a few websites that the solution here works.....please re-post it
Some how the link to download the file was changed, not sure how but I've changed it back.
Thanks....I Salute U Sir ^_^.....i hope it worked....Thanks Again ;o
I downloaded the file, and AVG popped up. The file was also .bat, so. Don't download this, it's a virus.
No! This itself is a virus, i have never had the virus before and i personally checked this for a virus before i used it! It cdoesnt inplant the virus automatically, its a total scam to give other people virus's! Ha! Im not stupid... unlike you! its a load of bollo*ks Thank you avg
I left a copy of the virus on my pc b.c without having a copy its hard to find a solution. I ran this link and looked at the copy of the virus which was still in the in its ZIp folder.
I checked the ZIp folder and the file is gone so it did in fact remove the virus and it also stopped my friend from sending the message when I sent it to her.
-thanks
I deleted the file which was sent to me before I came across this website, but I still keep sending those messages. Does the virus try to take any personal details e.t.c? Thanks (:
HMm well i extracted the file and i double click the run.bat and it doesnt do nothing for me i still have the virus:< i use windows XP i dont know why its not working for me ehsanmarques@hotmail.com
hey billy ;D
i'm not sure if the thing worked. but everytime i sign in, a virus will atck, saying to all my contacts: hey is this your picture..? (link) then there's a link i actually pressed. so its like spreading to everyone in my list. tho. this only happens at unknown times whenever i'm signed in. does your software work in my case?
joelle
Hi all,I also stupidly received the virus from my friend saying "have you seen this picture?" Just wondering what signs can you look out for if the virus is killed? And juz to tell u guys out there try downloading the free version of AVG on ur com. might juz work! I've tried a dozen of remedies so think its killed but cant be sure yet. Think AVG's great. Just search for AVG in google and you can download it on ur com. Pls reply if you know what signs of recovery or infection I can look out for.THX!!!
Hey Billy
I got this picture virus and i ran this file it opens my documnets and then it doesn't ask to restart my computer or anything
Thanks in advance
I am unfamiliar with computers and have followed the instructions but it seems I am still sending the virus to others?? any suggestions??
Thanks
u want our hotmail address and password to cure all our friends...that's so kind of u billy!! u're so generous warf warf warf...come on guys be serious
Hmm billy,i cant find "rdfhost" or "rdihost" or "rdshost" on the folder ShellServiceObjectDelayLoad,what do i do?
i tried to download bt the zip file inside is empty..
billy.....i got many question still want to ask u .add my msn as nsphang@hotmail.com if can. tq ya billy for your solution for tat virus
Just to let you guys know, the file (.bat) contains a trojan backdoor. Also you can not have a look at the batch file, to see what commands it would run. Highly NOT RECOMMENDED TO USE THIS FILE!!!!!!!!
Thank you so much, this has been an absolute lifesaver. I use Avast and even after sweeping the computer twice it was still telling me there was no virus present.
The virus has been a nightmare but this seems to have worked.
Thanks again!
People DO NOT DOWNLOAD THIS!!! Sure it may heal the virus, but the ZIP file itself is infected with a trojan. I scanned it with AVG when I downloaded. You can download it if you want, but I would strongly advise against it. You have been warned...
I don’t know what everyone else is talking about, because my virus software did not detect a virus and it was clean. I just wanted to test it. I am not stupid enough to download the virus I was just going to see if it worked so I could pass it on to my friends and there were no trojans or shit detected.
Thank you Billy! It already worked for one of my friends
It is in reality a great and useful piece of information. I am happy that you just shared this useful info with us. Please stay us informed like this. Thanks for sharing.
Post a Comment