Choke.exe worms origins are traced back to Netherlands. It spreads only via MSN messenger. This pesky MSN virus worm spreads with the following message in your messenger
“President bush shooter is game that allows you to shoot Bush balzz hahaha”
To remove, do the following.
1. Press Ctrl, Alt, Del and select Choke.exe press and kill it by pressing End Task
2. Close MSN Messenger
3. Go to Start> Run> [type] “msconfig”
4. Click the tab at the top right hand corner that says “Startup”
5. Uncheck the box next to “Choke.exe”, “ShootPresidentBUSH.exe”, or “*The user name here*.exe
6. Find all using search “Choke.exe”, “ShootPresidentBUSH.exe”, or “*The user name here*.exe
7. Delete the file an Empty recycle bin
Now you are disinfected. Update your antivirus to stay safe from MSN Virus.
How to get remove MSN Virus Project 1/ Generic2.EXO / Backdoor.Generic3.SAT
This virus also installs a toolbar into Internet Explorer called “Toolbar888″. Goto: Start > Control Panel > Add/Remove Programs.
Find Toolbar888 and click the “Change/Remove” button to uninstall it
Press CTRL+ALT+DELETE all at the same time so you are viewing the “Process Tab.
If you find any (or all) of the following (don’t worry if you cant find all of them):
- Update.exe
- goll.exe
- loadadv455.exe
- drsmartload.exe
- goll.exe
- two.exe
- vcncr.exe
- rorjxk.exe
- eyewblbby.exe
- cgqrvrva.exe
Highlight the name and click the button “End Process to each of the above you find in the list.
Find and Delete The Following Folders and their Contents:
- C:\Program Files\Common Files\{28676FB5-0AE9-3081-1205-03030930003d}\
- C:\Program Files\Common Files\{38676FB5-0AE9-3081-1205-03030930003d}\
Find and Delete the Following Files with the Folder (NOT the folder itself):
In the folder: C:\Windows\system32\ (don’t worry if you cant find all of them)
Find and Delete:
- goll.exe
- drv.exe
- loadadv455.exe
- one.exe
- two.exe
In the folder: C:\Documents and Settings\[current user]
(replace [current user] with the name you are currently logged on as, don’t worry if you cant find all of them)
Find and Delete:
- goll.exe
- drv.exe
- loadadv455.exe
- one.exe
- two.exe
In the folder: C:\ (main level of C drive, be careful here, don’t worry if you cant find all of them)
Find and Delete:
- goll.exe
- drv.exe
- loadadv455.exe
- one.exe
- two.exe
- drsmartload.exe
Update your Antivirus with the most current virus definitions and run a full system scan to clean up any remaining files. If you do not have any antivirus software. AVG Free is a great option.
The virus has now been deactivated. Happy? 
Tell us in the comments if this does not work. Also you might want to do a online scan or get an anti-virus to protect yourself in the future.
MSN is one of the most popular tools exploited by hackers to gain access to systems using it since MSN Messenger is a popular IM client with teens all over the world. A photo virus currently on the wild, prompts users to download a photo to their computer and many innocent victims tend to download these files thinking that it is a photo sent from one of their friends. This virus then latches to the victims computer and spreads itself virally using the victims friends list on messenger.
photo album.zip is a file that will will prompted to be downloaded. Other filenames include IMG-0012.zip, rachel.exe, newsXX.zip, Jenny.zip and etc which comes with a message making it look like a innocent download.
There are many tools which allow you to remove these kind of viruses include: