[unisog] New Virus?

Kevin T. Shivers kts at umd.edu
Thu Feb 12 18:43:09 GMT 2004

On Tue, 10 Feb 2004, Phillip G Deneault wrote:

> A student reported that this link was sent to her via AOL Instant 
> Messanger:
> http://www.wgutv.com/osama_capture.php?lmpZ
> A LOT of systems on campus are currently trying to connect to it from my
> Class-B and I cannot connect to anything on the IP address that this URL
> is resolving to(currently
> I'm not sure if this is a new virus, but it sure seems like one... or else 
> someone really did capture Osama. :-)
> Phil


It's Adware.  Basically Infectees just need to go to Add/Remove programs 
and remove the following:

    * BuddyLinks
    * PSDT Messaging Integration
    * PSD Tools ChannelUp v1.0 (remove only)

That should remove the BuddyLinks Adware stuff.  Anti-Virus software that 
searches for "potentially unwanting programs" and "joke programs" should 
also turn this up.

I actually got quoted in our school newspaper thanks to this little 
Adware. (I'd post the URL but it's not online yet, just in the print 


Kevin T. Shivers

IT Security Analyst                                CSS4417
Office of Information Technology            (301) 405-8836
University of Maryland, College Park
OIT Security: (301) 226 HACK

More information about the unisog mailing list