Security Incidents mailing list archives

Re: New piece of spyware?


From: "Rob" <johnnehb () hotmail com>
Date: Fri, 14 May 2004 00:06:56 -0400

At first I thought this was a virus that my friend had a while back, but
then I checked the site you posted. It actually is a security site, and
looks legit so... If it's your client sending the adverts, check your .ini
files for timers (search for something related to sockets (GET)) and if it's
not yours then it's just a basic news site script modified for this site.

Hope this helps
-Robert

----- Original Message ----- 
From: <caldcv () students fccj org>
To: <incidents () securityfocus com>
Sent: Thursday, May 13, 2004 10:04 PM
Subject: New piece of spyware?




Hi,

 I have a Windows Server 2003 machine. Lately, I noticed on my mIRC IRC
client that something is pasting out ads to the current window.

[14:40] <nickname> New threat exploits flaw in Internet Explorer -
http://www.addict3d.org/index.php?page=viewarticle&type=news&ID=2039 ,
please support them by clicking the GOOGLE AD inside the articles on the
right.

[09:46] <nickname> Sasser worm author needs money -
http://addict3d.org/index.php?page=viewarticle&type=news&ID=2035 , also
please support us by clicking the AD inside the article on the right.

[09:55] <nickname> 'Doom' creator Id - soon to start on new game -
http://addict3d.org/index.php?page=viewarticle&type=news&ID=2030 , also
please support us by clicking the AD inside the article on the right.

[14:49] <nickname> please support http://www.addict3d.org (A computer
security website) by clicking a google AD, INSIDE the articles on the right.
Thanks alot. :]

This last ad was the first one I've seen. I've run SpyBot S&D and Ad-aware
with no results. I've searched Google for addict3d with no results either.

Thanks,

CC.
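
The check suggested in the reply above (look through the mIRC client's .ini script files for timers and socket/GET activity), as an added example that is not part of the original thread. The indicator patterns, function names, the example.invalid host and the sample script are constructed for illustration; the patterns are heuristics, not a complete list of mIRC commands.

```python
import re
from pathlib import Path

# Heuristic indicators (assumptions for this example, not an exhaustive list).
INDICATORS = {
    "timer": re.compile(r"(?:^|[\s/.|{=])\.?timer\S*\s", re.I),
    "socket": re.compile(r"\bsock(?:open|write|read|listen)\b", re.I),
    "http_get": re.compile(r"\bGET\s+/"),
    "posts_text": re.compile(r"(?:^|[\s/.|{])(?:msg|say|amsg|notice)\s", re.I),
}

def scan_text(text):
    """Return [(line_number, sorted_tags, line)] for lines matching any indicator."""
    hits = []
    for number, line in enumerate(text.splitlines(), start=1):
        tags = sorted(tag for tag, rx in INDICATORS.items() if rx.search(line))
        if tags:
            hits.append((number, tags, line.strip()))
    return hits

def needs_review(hits):
    """Flag a script that both schedules work (timer) and talks to a socket."""
    seen = {tag for _, tags, _ in hits for tag in tags}
    return "timer" in seen and bool(seen & {"socket", "http_get"})

def scan_dir(root):
    """Scan every .ini and .mrc file under root; return {path: hits} for flagged files."""
    flagged = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in {".ini", ".mrc"}:
            hits = scan_text(path.read_text(errors="replace"))
            if needs_review(hits):
                flagged[str(path)] = hits
    return flagged

# Constructed sample script, not taken from the reporter's machine.
SAMPLE = """[script]
n0=on *:START:.timernews 0 900 getnews
n1=alias getnews sockopen news example.invalid 80
n2=on *:sockopen:news:sockwrite -n $sockname GET /index.php HTTP/1.0
n3=on *:sockread:news:sockread %line | msg $active %line
"""
BENIGN = "[options]\nn0=0,0,0,1\n[text]\naway=gone\n"

if __name__ == "__main__":
    for number, tags, line in scan_text(SAMPLE):
        print(number, ",".join(tags), line)
    print("needs review:", needs_review(scan_text(SAMPLE)))
```

Pointing `scan_dir` at the mIRC installation directory lists only the script files that combine a timer with socket or GET activity, which are the ones worth reading by hand.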
