How to fix is this you on this pic virus on Windows Vista

Saturday, 25th December 2010

Is your pc infected with a annoying virus/spyware (worm) which constantly tries to distribute itself over Skype or the other messangers you’re using?

The virus spreads around the message similar to the message is this you on this pic? http://zp.rs/photo88.php
The second part of is this you on this pic? consists of an URL which is actually randomly generated
The virus behaviour is that it sends a link to a random hostname which does contain the spyware itself and gets infected the Windows PC of the person who is naive enough to open the link.

What is really annoying about this virus is that it sends around to random people in the skype contact list advertisement the virus like shown in the paste below directly from my Skype program:
[Sun Dec 19 2010 12:18:55] salinuriev: is this you on pic? http://icanhaz.com/photos8.php etc.

The virus uses an old cracker’s trick “provoking the people’s curiosity by initiating personal message with the link to a picture”.

I should say the Virus creators has done a good job since the first time I saw the virus I was stupid enough to open the link, as it was naturally part of one of my conversations in Skype.
Luckily I’m using GNU/Linux and an old skype version and therefore my PC couldn’t get infected by the malware.

Recently the family which lives in the same house as me herem, had their notebook infected with the virus and since they’re not too much computer literated asked me to help them in fixing their Windows Vista from this sticky virus.

It took me a while to find out the solution, but eventually I cleared it up!

In this article I’ll describe step by step what I did to clean up the virus:

1. Make sure you have some kind of Antivirus software installed;

If you do not have an antivirus software installed on your PC you should get one:

I personally prefer Avira as it’s a freeware for personal use, other Antivirus softwaresyou might use is AVG or if you can afford to buy one, then I would advise you to pick up NOD32.
Another option of yours is to use one of the NOD32 cracked versions with the FixIt crack file applied.
The cracked NOD32 can easily be find in thepiratebay.com or some other major torrent racker, however be awarethat using a cracked version of NOD32 might endanger your PC. Many of the available distributed NOD32 said to a cracked onesare actually contains viruses or spyware attached to either the crack or the NOD32 main executable or ldd (libraries).

2. Install MalwareBytes and check your PC for spyware/malware software

Check out my previous post about the Malwarebytes

3. Download and run Oldtimer’s TFC.exe

TFC will close ALL open programs including browser etc. It’s necessary that the file is run with Administrator in Windows Vista.

After the program starts up press the Start button to begin the cleaning process and let the program complete.
The moment TFC prompts you for a reboot you will have to agree.

What TFC does is it does check all the Temporary Files folders in your Windows and deletes all the junk and old files.
This is very nice actually since many of today’s viruses, spyware and malware keep themselves copies in the Temporary Files folders and execute themselves from there during boot.
One more thing to know some antivirus softwares including TrendMicro’s Housecall will consider the TFC to contain a Trojan, however you can safely ignore this warning since the detection is incorrect.
4. Use trendmicro’s housecall Online Virus Scan

HouseCall – Free Online Virus Scan

This is quite handy tool, the disadvantage is that you leave an external program over the internet to mess up with your files, however if you really want to get rid of the Skype spamming worm virus , you have no other choice.

Download either the Housecall for a 32bit or for 64bit in accordance to your Windows platform and the program will scan your system for you and hopefully clean up the trojan.

Following this 4 steps cleaned up the PC from the is this you on the pic? infection!

I hope that all has been cleared but with closed proprietary systems like Windows you never know … If there are some further problems I’ll try to post about them in the comments here.
Users feedback on how well this article helped is also mostly welcome!

Share this on:

Download PDFDownload PDF

Tags:

One Response to “How to fix is this you on this pic virus on Windows Vista”

  1. Ute Gayer says:
    Internet Explorer 8.0 Internet Explorer 8.0 Windows 7 x64 Edition Windows 7 x64 Edition
    Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; Media Center PC 6.0; InfoPath.2; MS-RTC LM 8)

    Neat. I’m really looking forward to speed up my computer. Ta for the brilliant ideas.

    View CommentView Comment

Leave a Reply

CommentLuv badge