WARNING: AIM Virus... you want to read this

[fiznat]

I suppose this could be a hoax, but I think I should let you guys know about it just in case. Considering the fact that a lot of us are probably on eachothers AIM buddy lists, this could probably spread pretty quickly.

You might get an IM from someone (probably someone you know) that'll say somethin like "hey check this out" and then a link. Dont do it.

I'm still looking around for good info, but I know for sure a few people on NICO have been effected, so watch out.

I donno if this is the same thing or not, but:

http://www.antivirus.vt.edu/pr...e.asp

Any of you more computer oriented people have some insight?

[bumpermatic]

http://vil.nai.com/vil/content/v_100746.htm describes the link you posted in detail. The actual security breach comes from an IE exploit, and since the profiles in AIM are html based and rendered via an IE control (I believe). If you have IE patched up, then you shouldn't be affected. http://vil.nai.com/vil/content/v_100715.htm regards the actual vulnerability. Still this virus gets spread via profiles, so it only infects when you click on a link in someone's profile.

http://vil.nai.com/vil/content/v_99437.htm talks bout a virus that actually IMs people on ur buddylist and tries to propagate by sending them links to download itself. This is probably what you are looking for.

[rydwhite]

Thanks for the warning guys.

[fiznat]

[quote=" bumpermatic http://vil.nai.com/vil/content/v_99437.htm talks bout a virus that actually IMs people on ur buddylist and tries to propagate by sending them links to download itself. This is probably what you are looking for. [/quote]

yeeaah I was reading about that virus, but the link doesnt look like that (with the IP and port). I suppose it coulda been a hyperlink, I honestly didnt even check-- forgot. Ill letcha know next time I get the link, or maybe someone else can..

It was definetly transmitted through IMs though, not profiles.

[240marcuSX]

i know people that have gotten the virus by clicking on a link in someones profile that reads something along the lines of "look what i found!" or "look who i found pictures of." but this is the first ive heard of an actual IM being sent with a virus, thanks for the warning.

[Touchdown038]

I had gotten that a while ago, but I found it in someone's profile and my damn curiosity got the best of me.

It's easy to get rid of, though, so wasn't really a big thing for me.

EDIT: The website you posted says that in order to get rid of it you have to reformat and reinstall the OS... not so! I got rid of it using CWShredder, Adaware, and HijackThis.

[BB Turbo]

the link says something like "Whoa, look what I found click here" I clicked on it, my computer immediately shut it self donw and got rid of it. I just never clciked on that again.

[milo]

If you have a download manager and have decent security settings you can simply refuse to download it, thats what happened when I clicked one of those stupid links

[s86d]

i did that too by stupidity and i went to http://www.trendmicro.com and they erased all my bugs (I had many )

[MainEvent212]

oh crap, i kno a couple people that have that in their profiles...luckily my computer dosent let me directly link form any people's infos...so i never got to see what "they found"

[I30T]

I had that a year and ahalf ago... Sucks that its still around.

[nametakennow]

Grrr! I got one of those freaks around Christmas and I'm still fighting it. I now have some file named like "backdoor.trojan" and I can't figure out how to get rid of it, as it is like the "download.trojan" that was in the same place before it which I tried to get rid of using Safe Mode, but the file wasn't showing up... grrrr... how the hell do I get rid of it if it's not showing up in safe mode?

[Megaseth]

that happened to me. a friend had "Happy New Years Photos" or something like that in her profile. i clicked it and it took me to a site and asked if i wanted to DL something to see the site. the dummy i am, i clicked yes. well, its not a virus, just adware. the way i got rid of it was to go back to the site, and click the link that says, "have our adware installed and want to get rid of it? click here" this takes you to another page after a few minutes and then just follow those steps.

and a friend sent an IM saying that if i got something from him with a link, dont go cause its not him, its the virus.

[I30T]

nametakennow, trojans steal passwords and stuff, and if you buy stuff online they can get your credit card #s (sometimes). I'd get rid of that behotch.

[andrave]

just so everyone knows I've had several of my friends pop messages up, it says "hey man check this out" and the link is something like "www.something.saddam(or osama, I can't remember which)" and if you click it it propogates itself... so don't click !!! just message the person back and inform them that they have a virus.

[rico05]

My roommate just got that as I was reading this. Good info guys!

[juxaguy]

Ad-Aware is your friend. You'd be surprised at how many bugs you have after scanning.

To remove that aim virus, uninstall a program called buddylink. Thats what I found out after trying to fix my friends comp.

[Healing]

Hey thanks Fiznat- just saved me. So last night some random guy I never heard of IM's me out of nowhere, saying something like "Hey check this out", and then a link (something about Osama Bin Ladin's capture in it or something). Having read this thread, I just closed the window and ignored it. :pface

[Japican]

My friend sent me an IM and had that virus, but luckily i asked wat it was first, he then typed back in huge caps DONT CLICK IT, ITS A VIRUS. Curiousity killed the cat!

[SHIFTrl240]

you people and your security unsound ie browsers, get something thats not microsoft :p

[Megaseth]

GO LINUX!