Mysterious instant message/

Discussion in 'Security Software' started by Scott Francis, Feb 11, 2004.

  1. I received the following IM from my brother in law:

    check this out...

    When I clicked on the link I was taken to a "WGUC TV NEWS
    PLAYER WAR GAMES UPDATE" page. I was prompted to install
    a "News Player" ActiveX control.

    I refused to install the control and asked my brother-in-
    law what he'd sent. He said he hadn't sent me anything.

    This seems fishy to me. Is there any knowledge about this
    (a Google search returned nothing)? To whom should I
    report this?


    Scott Francis
    Scott Francis, Feb 11, 2004
    1. Advertisements

  2. Scott;
    I suspect he has spyware on his comnputer.
    It would be a good idea for both of you to follow at least steps #1,
    #5 &#6 on this link:
    Jupiter Jones [MVP], Feb 11, 2004
    1. Advertisements

  3. This is an AIM worm. See the incidents list thread at:
    Keith W. McCammon, Feb 11, 2004
  4. Also see

    It's good you didn't click on "accept" to install the software. The EULA
    (not like most people read those, sigh) states:

    ...In addition, the Software will interoperate with your current
    instant messaging client so as to permit the automatic sending of
    advertising messages originating from your Computer to your contact or
    "buddy" list regarding Content offered by PSD Tools or its suppliers. If you
    desire to stop this activity, you may elect to stop the messages by
    navigating to the "" entry in your "Start Menu", selecting the
    " Configuration" item, and unchecking the appropriate option.
    You may also refer to PSD Tools' website at for an
    Lanwench [MVP - Exchange], Feb 11, 2004
  5. Others have suggested what this is; a google search now may be more

    As for who to report it to, I'd suggest the FTC. That's my general
    reaction to not-quite-technically-trojan-but-massively-deceptive
    Daniel Martin, Feb 11, 2004
  6. Scott Francis

    Tedd Riggs Guest

    It might be worth a email to WGUTV as there site might be promoting this
    junk or just used as a jump point.

    McAfee Visual Trace Version 3.25 Results

    Administrative Contact:
    Drew Williams
    1770 Mass. Ave 213
    Cambridge, MA 02140
    Phone: 6176614664
    Visual Trace Copyright ©1997-2001 NeoWorx Inc
    Tedd Riggs, Feb 11, 2004
  7. Scott Francis

    TiJ Guest

    i got alot of information on the osama aim thingy here:
    TiJ, Feb 11, 2004
  8. Scott Francis

    Kendra Guest

    Hi Scott,
    I recieved a similar message from my old government teacher from
    when I was in high school the moment I signed onto AOL messenger
    "check this out..." but when I
    clicked the link the page came up as "Action canceled: Internet
    Explorer was unable to link to the Web page you requested. The page
    might be temporarily unavailable." While the page was loading I could
    see the I.P. address in the bottom left corner of the explorer window
    and it read "". I don't know if that would help someone
    figure out what this camo'd spam is, but I hope it does.
    ~Kendra, California
    Kendra, Feb 11, 2004
  9. Here's the whois info on the website:

    Drew Williams
    1770 Mass. Ave # 213
    Cambridge, MA 02140
    Phone: 6176614664
    anonymous coward, Feb 12, 2004
  10. Scott Francis

    Tedd Riggs Guest

    I was a little surprised by the answer that I got from Drew asking if they
    know of this or support it, Looks like they do. Copy of email back from

    Tedd Riggs
    PDA Square Content Developer
    Redmond, WA

    We hope you are enjoying your BuddyLinks program.
    If you would like to uninstall BuddyLinks, we offer
    easy methods to do this:

    -Via "Add/Remove Programs":

    Click "Start", Settings, Control Panel
    Click "Add/Remove Programs"
    Locate the " Messaging Integration"
    option and click "Remove".
    Click "Yes" on the prompt.

    -Via a website link:
    Navigate to

    Choose "Run" or "Open" when the download window

    We hope this helps answer your questions about
    BuddyLinks. Our support staff will be happy to help
    with any additional uninstall issues via email at
    Tedd Riggs, Feb 12, 2004
  11. Scott Francis

    Mike Burgess Guest

    Yeah I'm enjoying the program ......
    I hope they enjoy my HOSTS file!

    # [PSD Tools][Adware-BuddyLinks] #[ShellInstaller Control]
    For SpywareBlaster users: (add via "Custom Blocking")

    Title: Adware-BuddyLinks
    CLSID: {FDDCE9FF-1FC6-413c-80B1-37B101FDA1D4}
    Mike Burgess [MVP Windows Shell\User]
    Blocking Spyware, Adware, Parasites, Hijackers, Trojans, with a HOSTS file [updated 02-07-04]
    Please post replies to this Newsgroup, email address is invalid
    Mike Burgess, Feb 12, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.