IMPORTANT:
The instructions on this page are NOT for the Xanga virus spreading in October 2004.
For information on fixing the October 2004 virus, please see John's Xanga Post About The Virus, as he posted instructions about how to remove it.
The information below is about the virus that spread in the Spring/Early Summer of 2004, which is no longer spreading. Thank you for your time.
To help stay free of viruses in the future, make sure to patch your Windows system with Windows Update. Install the critical updates. It may take a while depending on your computer and internet connection, but it is worth it in the end.
If you do not have an antivirus program, you should get one. AVG Anti-virus is an excellent FREE antivirus program. With free unlimited updates, what is there to lose? If you don't have an antivirus, definitely consider getting this one. You can download it for free here with NO strings attached.
After installing it, make sure to update it (this can be done by right-clicking the tray icon, clicking "Run AVG Antivirus Control Center" and then clicking "Update Now!"). After you update, do a system scan and remove detected viruses. Even if you install AVG anti-virus, it is recommended that you still use the removal tools provided below.
To All XANGA/FLOOBLE CHATTERBOX Users...
Information regarding the SPRING 2004 virus:
The virus is no longer spreading through Flooble's Chatterboxes.
If you have removed the code, it is now safe to place the code (chatterbox) back in your Xanga.
Many people have cool chat boxes in their Xanga which you can post cool messages in... well, one of them, the Flooble Chatterbox, isn't so nice anymore. In the past week, Flooble has made it so that one of the popups caused by this chatterbox will attempt to exploit your computer and put spyware and a Trojan horse virus on your computer.
(Update: we have found out that this virus was unintentionally spreading through one of Flooble's ads. It has been removed and is no longer a threat.)
Even if you close out of the popup, you will still be infected. All you have to do to be infected is visit a Xanga with that popup on it from the chatterbox, and then you are infected.
Click here for a screenshot of the virus. If that screenshot looks familiar on your computer, your computer is most likely infected.
Infected computers will receive popups on websites that don't normally have popups (like Yahoo!, Google, etc.). Also, whenever an Internet Explorer window is closed, various popups will be displayed. Infected computers may also have Adware/Spyware installed on them due to the virus.
If you have ever seen this (click for screenshot) or if "bdcank.exe" is running, you unfortunately are infected with this virus.
Removal Instructions
This virus is NO LONGER spreading
through Chatterboxes.
Here is what I have done
to remove the virus from my computer - USE AT YOUR OWN RISK!
Windows 98/95 users, please scroll down.
Removal for Windows ME/2000/XP Users
1. I have noticed the process of the adware/(possibly) spyware program is "bdcank.exe". Windows XP/2000 users, press CTRL+ALT+DEL, click on the Processes tab, and click "Image Name" so that it sorts the processes in alphabetical order.
2. Check if "bdcank.exe" is running. If it is, you are definitely infected. If it is not running, and you are still suspicious, please read on.
3. Go to Start > Search. Choose "ALL FILES AND FOLDERS" and type in exploit.exe
4. Under "More Advanced Options", check off Search System Folders, Search hidden files and folders, Search subfolders, and Search Tape Backup (do not check off "case sensitive").
5. Delete any files which may come up. (WARNING: DO AT YOUR OWN RISK!) To verify if they are really the files, check if the date the file was created is about the same as the date you think you were infected. I would call it safe to remove these files because I don't think any program would name their file "exploit". If you want to be 100% sure, create a System Restore file so if the file is important, you can probably restore it. Or you can keep it in the recycle bin to see if anything happens to your programs.
6. I also had to use System Restore. This feature comes installed for Windows XP/2000/ME users.
7. Go to Start > Programs > Accessories > System Tools > System Restore.
8. Restore your computer to a time before the virus was on your computer. (I usually do it a day before to make sure ;) ) CAUTION: DOING A SYSTEM RESTORE WILL RESTORE YOUR SETTINGS TO THE DATE YOU SET IT TO. ANY PROGRAMS OR CHANGES IN THE REGISTRY MADE AFTER THE RESTORE DATE WILL BE GONE. However, saved documents, e-mail, History, and Favorites will not be touched and you may UNDO the restore.
9. If the system restore is successful, check if "bdcank.exe" is running in your processes. If not, choose another restore date before you think the virus was on your computer again.
10. If the System Restore was successful, you have removed it! Also, to be double sure the virus won't be coming back, see steps 3-5, except do a search for bdcank.exe (also do this if System Restore keeps failing).
Removal for Windows 95/98
1. Press CTRL+ALT+DEL.
2. Check if "bdcank.exe" is running. If it is, you are definitely infected. If it is not running, and you are still suspicious, please read on.
3. Go to Start > Search. Select drive C:/ and type in exploit.exe
4. Check "Include Subfolders".
5. Delete the three files which may come up with exploit.exe. (WARNING: DO AT YOUR OWN RISK!) WARNING: Windows 95/98's search tool may come up with files irrelevant to your search term. Check if the date the file was created is about the same as the date you think you were infected. I would call it safe to remove these files because I don't think any program would name their file "exploit". If you want to be 100% sure, you can keep it in the recycle bin to see if anything happens to your programs.
6. Now do a search for bdcank.exe
7. Delete any files that come up with bdcank.exe (SEE WARNING ABOVE).
8. If bdcank.exe doesn't run anymore on Startup, it is probably gone.
*****Please note that this
virus may still leave keys in the registry and Startup folder. Because the
registry can be dangerous to edit, I have not bothered to search for any
registry keys left behind. However, if the files are removed (instructions
above) the virus will not be running on your computer.
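The file search and creation-date check from both removal procedures above can be done in one pass without deleting anything. The following Python sketch is an added example, not part of the original page: it lists files named exploit.exe or bdcank.exe under a folder and marks those created close to the suspected infection date. The function names, the 3-day window and the sample date are assumptions.

```python
import os
from datetime import datetime, timedelta

# File names taken from the removal steps above.
SUSPECT_NAMES = {"exploit.exe", "bdcank.exe"}


def created_at(path):
    """Best-effort creation time: st_birthtime where the platform exposes it,
    otherwise st_ctime (creation time on Windows, inode change time on Unix)."""
    st = os.stat(path)
    return datetime.fromtimestamp(getattr(st, "st_birthtime", st.st_ctime))


def find_suspects(root, suspected_date, window_days=3):
    """Walk root, subfolders and hidden files included, and return a sorted
    list of (path, created, near_suspected_date) for every file whose name
    matches SUSPECT_NAMES regardless of case. Nothing is deleted."""
    window = timedelta(days=window_days)
    hits = []
    # os.walk skips folders it cannot read, so a locked folder does not stop the scan.
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower() not in SUSPECT_NAMES:
                continue
            path = os.path.join(folder, name)
            try:
                created = created_at(path)
            except OSError:
                continue  # file disappeared or is locked; skip it
            near = abs(created - suspected_date) <= window
            hits.append((path, created, near))
    return sorted(hits)


if __name__ == "__main__":
    # Assumed values: scan drive C: with a constructed suspected infection date.
    suspected = datetime(2004, 6, 1)
    for path, created, near in find_suspects("C:\\", suspected):
        flag = "near suspected date" if near else "different date, check before deleting"
        print(f"{created:%Y-%m-%d %H:%M}  {flag}  {path}")
```

A hit marked "different date" is the case the warning above describes: a file that matched the name but may not belong to the infection.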
NOTICE:
As for the Spring 2004 virus....
This virus is no longer spreading through Flooble's Chatterboxes.
If you have removed the code, it is now safe to place the code back in your Xanga.