Security Incidents mailing list archives
Re: buddylinks worm
From: Alexander Kiwerski <alex () winstar net>
Date: 12 Feb 2004 11:34:15 -0800
On Wed, 2004-02-11 at 08:16, Dennis Cheung wrote:
A friend has gotten infected with this "revolutionary" product. Has anyone tried removing this thing manually before? The buddylinks site has a unsubscribe feature that claims to work, but at the moment I am reluctant until I figure out what exactly this thing is. -Dennis
Well, on Windows 2000 an entry appears in 'Add/Remove Programs' for this lovely little package. Removing it there seems to remove it from the machine and cease the activity, at least on the one workstation here that got nailed. Also seems that setting IE to prompt for downloading signed Active-X controls instead of the default of just downloading them prevents the install in the first place of course. Anyone know if people using Netscape, Mozilla or any browser other than IE get "infected" by this? /Alex K. --------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.astaro.com/php/contact/securityfocus.php ----------------------------------------------------------------------------
Current thread:
- buddylinks worm Jason Yates (Feb 10)
- Re: buddylinks worm Dennis Cheung (Feb 12)
- Re: buddylinks worm falcon (Feb 12)
- Re: buddylinks worm Eric Trager (Feb 12)
- Re: buddylinks worm Mark Coleman (Feb 12)
- Re: buddylinks worm Alexander Kiwerski (Feb 13)
- <Possible follow-ups>
- RE: buddylinks worm Jeremy Junginger (Feb 10)
- Re: buddylinks worm Jason Yates (Feb 10)
- Re: buddylinks worm Clint Bodungen (Feb 12)
- Re: buddylinks worm Jason Yates (Feb 10)
- Re: buddylinks worm upallnight42 (Feb 12)
- Re: buddylinks worm Scott (Feb 12)
- Re: buddylinks worm Access Denied (Feb 18)
- Re: buddylinks worm Dennis Cheung (Feb 12)