Your Ad Here Your Ad Here
Results 1 to 6 of 6

Thread: Im Virus *fyi*

  1. #1
    muchspl2
    Guest
    **DO NOT INSTALL THE ACTIVEX SOFTWARE ON LINK BELOW**
    im stats something to the effect of
    "hey check this out - http://www.wgutv.com/osama_capture.php?7Uax"
    it installs www.buddylinks.com

    BuddyLinks provides a revolutionary new way for instant messenger users to instantaneously share entertaining content with their entire IM "buddy list" network all at one time.

    The permission-based software, including interactive games, can be downloaded directly through IM via a URL link. Once the software is downloaded, users can easily and quickly communicate jokes, games and amusing pictures within their entire IM social network.

  2. Lounge   -   #2
    Aaron_T's Avatar A duck is watching.
    Join Date
    Oct 2003
    Location
    Newcastle Upon Tyne
    Age
    28
    Posts
    4,506
    Those who dont learn from the past are doomed to repeat It.

  3. Lounge   -   #3
    DarthInsinuate's Avatar Died in battle
    Join Date
    Jan 2003
    Location
    Arkham Asylum
    Posts
    5,001
    Originally posted by muchspl2@10 February 2004 - 22:07
    **DO NOT INSTALL THE ACTIVEX SOFTWARE ON LINK BELOW**
    now a good idea would be to not make it a hyperlink, unless you want them to click on it , hmmmmmmmmmmmm
    The Sexay Half Of ABBA And Max: Freelance Plants

  4. Lounge   -   #4
    muchspl2
    Guest
    you can click it, but it will pop up a gray box
    I wouldn't recommend you saying yes

  5. Lounge   -   #5
    Busyman's Avatar Use Logic Or STFU!!!
    Join Date
    Apr 2003
    Location
    Washington D.C.
    Posts
    13,839
    Originally posted by DarthInsinuate+10 February 2004 - 20:26--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>QUOTE (DarthInsinuate @ 10 February 2004 - 20:26)</td></tr><tr><td id='QUOTE'> <!--QuoteBegin-muchspl2@10 February 2004 - 22:07
    **DO NOT INSTALL THE ACTIVEX SOFTWARE ON LINK BELOW**
    now a good idea would be to not make it a hyperlink, unless you want them to click on it , hmmmmmmmmmmmm [/b][/quote]
    If someone clicks it, they deserve to get, as some of you call it, OWNED OR PWNED&#33;&#33;&#33;
    Silly bitch, your weapons cannot harm me. Don't you know who I am? I'm the Juggernaut, Bitchhhh!

    Flies Like An Arrow, Flies Like An Apple
    ---12323---4552-----
    2133--STRENGTH--8310
    344---5--5301---3232

  6. Lounge   -   #6
    muchspl2
    Guest
    here a fix strait jacked from another forum

    Systems Affected:
    AOL AIM client (does not affect trillian, miranda, etc)
    MS Internet Explorer 4.x, 5.x, 6.x

    What you can do:
    In order of preference:
    1, format, reinstall, and apply a sensible security policy, such as not logging on as administrator
    2, change your IE settings to not automatically download and install programs just because a web site tells it to
    3, tell IE to ignore the buddylinks worm installer

    Here&#39;s how you do each:
    1, it&#39;s involved.
    2, this is easy. You&#39;ll need to run a couple of commands. If you don&#39;t have windows XP, you&#39;ll need reg.exe, free from lots of places:
    Code:
    reg add &#34;HKLM&#092;Software&#092;Microsoft&#092;Windows&#092;CurrentVersion&#092;Internet Settings&#092;Zones&#092;3&#34; /v &#34;1001&#34; /t REG_DWORD /d 1 /f
    reg add &#34;HKLM&#092;Software&#092;Microsoft&#092;Windows&#092;CurrentVersion&#092;Internet Settings&#092;Zones&#092;3&#34; /v &#34;1004&#34; /t REG_DWORD /d 1 /f
    3, This is easy too. Just add its CLSID to the blacklist:
    Code:
    reg add &#34;HKLM&#092;Software&#092;Microsoft&#092;Internet Explorer&#092;ActiveX Compatibility&#092;{FDDCE9FF-1FC6-413c-80B1-37B101FDA1D4}&#34; /v &#34;Compatibility Flags&#34; /t REG_DWORD /d 1024 /f


    If you&#39;re already infected, you need to unregister the file, then delete it. Run these commands:
    Code:
    regsvr32 /s /u &#34;%SYSTEMROOT%&#092;Downloaded Program Files&#092;shellinstaller.ocx&#34;
    reg add &#34;HKLM&#092;Software&#092;Microsoft&#092;Windows&#092;CurrentVersion&#092;RunOnce&#34; /v &#34;Buddylinks&#34; /t REG_STRING /d &#34;del /s %SYSTEMDRIVE%&#092;shellinstaller.ocx&#34;

    All of this in one code block:
    Code:
    reg add &#34;HKLM&#092;Software&#092;Microsoft&#092;Windows&#092;CurrentVersion&#092;Int &nbsp;ernet Settings&#092;Zones&#092;3&#34; /v &#34;1001&#34; /t REG_DWORD /d 1 /f
    reg add &#34;HKLM&#092;Software&#092;Microsoft&#092;Windows&#092;CurrentVersion&#092;Int &nbsp;ernet Settings&#092;Zones&#092;3&#34; /v &#34;1004&#34; /t REG_DWORD /d 1 /f
    reg add &#34;HKLM&#092;Software&#092;Microsoft&#092;Internet Explorer&#092;ActiveX Compatibility&#092;{FDDCE9FF-1FC6-413c-80B1-37B101FDA1D4}&#34; /v &#34;Compatibility Flags&#34; /t REG_DWORD /d 1024 /f
    regsvr32 /s /u &#34;%SYSTEMROOT%&#092;Downloaded Program Files&#092;shellinstaller.ocx&#34;
    reg add &#34;HKLM&#092;Software&#092;Microsoft&#092;Windows&#092;CurrentVersion&#092;Run &nbsp;Once&#34; /v &#34;Buddylinks&#34; /t REG_STRING /d &#34;del /s %SYSTEMDRIVE%&#092;shellinstaller.ocx&#34;
    To run these, copy them to the clipboard and paste them into a command prompt window (start/programs/accessories/command prompt).

    To see if you&#39;re infected, do "dir /s %SYSTEMDRIVE%&#092;shellinstaller.ocx". If anything comes up, you have it

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •