Re: buddylinks worm
From: Alexander Kiwerski (alex_at_winstar.net)
Date: 02/12/04
- Previous message: Brian Eckman: "Re: WebDav Worm?"
- In reply to: Dennis Cheung: "Re: buddylinks worm"
- Next in thread: upallnight42: "Re: buddylinks worm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: incidents@securityfocus.org Date: 12 Feb 2004 11:34:15 -0800
On Wed, 2004-02-11 at 08:16, Dennis Cheung wrote:
> A friend has gotten infected with this "revolutionary" product. Has
> anyone tried removing this thing manually before? The buddylinks site
> has a unsubscribe feature that claims to work, but at the moment I am
> reluctant until I figure out what exactly this thing is.
>
> -Dennis
Well, on Windows 2000 an entry appears in 'Add/Remove Programs' for this
lovely little package. Removing it there seems to remove it from the
machine and cease the activity, at least on the one workstation here
that got nailed.
Also seems that setting IE to prompt for downloading signed Active-X
controls instead of the default of just downloading them prevents the
install in the first place of course.
Anyone know if people using Netscape, Mozilla or any browser other than
IE get "infected" by this?
/Alex K.
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------
- Previous message: Brian Eckman: "Re: WebDav Worm?"
- In reply to: Dennis Cheung: "Re: buddylinks worm"
- Next in thread: upallnight42: "Re: buddylinks worm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
