PIDGIN virus (omg IS THIS REALLY YOUR PIC?) - (igfxdn86.exe)

Philip Mooney philipmooney at hotmail.com
Mon Feb 13 06:54:10 EST 2012


Hi,
Eventually mcaffe on-demand found something;
It was detected as 'Bot-FAD!1D74FC9653BB & 'Bot-FAD!0EF8D7922B7F.
 
It found two files called "tmp136.exe' in my C: users temp folder.
It also found two files called "20[1].zip" and "23[1].zip" in my temp internet files @
 ... \Content.IE5\618ZM57F.
 
The application which mcafee recognsied them as belonging to is called "igfxdn86.exe".
Problem seems solved now hopefully.
 
 
Thx,

 

> Subject: Re: PIDGIN virus (omg IS THIS REALLY YOUR PIC?)
> From: david at davidcoulson.net
> Date: Fri, 10 Feb 2012 14:41:57 -0500
> CC: philipmooney at hotmail.com; support at pidgin.im
> To: isaaclw at gmail.com
> 
> Someone at my office was hit with the same issue - I'll post once our End User Support people have had a change to run diagnostics on the system.
> 
> David
> 
> 
> On Feb 10, 2012, at 12:22 PM, Isaac Witmer wrote:
> 
> > General suggestions with viruses:
> > 1) switch to safe mode and then do a system scan
> > 2) pull the hard drive and scan the hard drive in another computer
> > (after making sure that the other computer doesn't "auto-run" files on
> > external hard drives)
> > 3) Try 1 and 2 with multiple virus scanners:
> > 
> > http://www.pendriveapps.com/avg-anti-virus-rescue-usb/
> > http://portableapps.com/apps/utilities/clamwin_portable
> > 
> > If you don't have another computer to work with, you can always boot
> > Ubuntu (http://www.ubuntu.com/download/ubuntu/download) and then
> > install clam scan (clamav in the software center).
> > 
> > If all else fails Nuke it from Orbit (reinstall windows).
> > 
> > Anyway, some of this might be rather complicated if you're not used to
> > it, but I'm sure you can find all sorts of guides online to walk you
> > through it.
> > 
> > -Isaac
> > 
> > 
> > On Fri, Feb 10, 2012 at 6:34 AM, Philip Mooney <philipmooney at hotmail.com> wrote:
> >> Hi,
> >> An instant message was sent to me by a colleage which contains the text
> >> "OMG, Is this really you".
> >> It contained a link, and I inadvertantly clicked on the link.
> >> 
> >> What happened then was that my PIDGIN program seemed to automatcially send
> >> this same message to everyone in my contacst list, I also noticed that the
> >> message or link was not always the same, see below for some examples;
> >> 
> >> 
> >> rofl THIS ISN'T YOUR PICTURE RIGHT? HTTP://BIT.LY/XHtCqe?J391PRB27VK93RA
> >> omg IS THIS REALLY YOUR PIC? HTTP://BIT.LY/a5PPhG?887754714W54V46
> >> OMG this isn't your photo right? http://bit.ly/wDmBYw?kayl082cp4bm9r2
> >> LOL this isn't your pic right? http://bit.ly/yDq89I?0mr578253m33ssm
> >> 
> >> I have tried to remove this sing Mcaffee but with no luck, I have also
> >> unintalled and re-installed PIDGIN and still no result.
> >> Even when my status is offline, PIDGIN still trys to open my contact list
> >> but it cannot get past that status.
> >> Can you tell me how I can find and remeove this virus?
> >> Thx,
> >> Philip
> >> 
> >> _______________________________________________
> >> Support at pidgin.im mailing list
> >> Want to unsubscribe? Use this link:
> >> http://pidgin.im/cgi-bin/mailman/listinfo/support
> > 
> > _______________________________________________
> > Support at pidgin.im mailing list
> > Want to unsubscribe? Use this link:
> > http://pidgin.im/cgi-bin/mailman/listinfo/support
> 
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/pipermail/support/attachments/20120213/69948353/attachment-0002.html>


More information about the Support mailing list