AIM security
Thread Starter
VIP Member
iTrader: (5)
Joined: Jul 2004
Posts: 10,118
From: Walnut, CA
Car Info: 2005 Pooparu
AIM security
due to some weird AIM events happening..
hacks, hoax what not..
i suggest everyone install the AIM security
esp on your work computer.
http://www.aimencrypt.com/
ok, my AIM is going crazy. i am also using Dead AIM. i just uninstalled and reinstalled AIM and it's still doing the same thing. it's opening random windows to message everybody on my list. (i have 200+ buddies, not cool) this is most likely from the .pif file i opened, from jerry. does anybody have any info on this worm/virus/whatever? my virus scanner (mcafee enterprise 8.0) is not picking anything up and i can't seem to find any relevant info through virus databases. thanks for any help
VIP Member
iTrader: (2)
Joined: May 2004
Posts: 10,752
From: WATCH OUT FOR THE SCIC SNITCH!!!
Car Info: .
Originally Posted by laoba
ok, my AIM is going crazy. i am also using Dead AIM. i just uninstalled and reinstalled AIM and it's still doing the same thing. it's opening random windows to message everybody on my list. (i have 200+ buddies, not cool) this is most likely from the .pif file i opened, from jerry. does anybody have any info on this worm/virus/whatever? my virus scanner (mcafee enterprise 8.0) is not picking anything up and i can't seem to find any relevant info through virus databases. thanks for any help
used 3 anti spywares, running antivirus still nothing...but yet i'm still sending messages.. gawd damn it jerry
it's some sort of worm. my firewall looks ok, but i need to look through my logs. this sucks. i'd close off all your ports and monitor them just in case. most of the AIM worms seem to be spamming through IRC, but i'm really not sure what this one is.
this might be it!!!!
http://us.mcafee.com/virusInfo/defau...irus_k=133397#
Virus Profile: W32/Opanki.worm
Risk Assessment
- Home Users: Low
- Corporate Users: Low
Date Discovered: 5/2/2005
Date Added: 5/2/2005
Origin: Unknown
Length: Varies
Type: Virus
SubType: Worm
DAT Required: 4481
Virus Characteristics
As of May 24, 2005, there are more than 20 known variants of this worm.
This threat "spreads" via a hyperlink that is received via AOL Instant Messenger. Recipients may receive a message such as:
* hey check out this
* hehe
i found this funny movie
Following the hyperlink results in users being prompted to save/run an executable file (such as pictures@gallery.com). If users choose to download and/or run this file, it will contact a remote IRC server, log on to a specified channel and wait for further instructions. One of these instructions can result in the bot program sending the aforementioned hyperlink to all recipients on the infected user's buddy list. Technically not a worm, this threat requires a bot commander to initiate the "spimming" (IM spam) routine.
Indications of Infection
This threat copies itself to the WINDOWS (%WinDir%) directory as svchost.exe (note a valid svchost.exe file exists in the WINDOWS SYSTEM directory). The shell is hooked via the registry to ensure the threat is run at system startup:
* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = Explorer.exe C:\WINDOWS\svchost.exe
The bot will attempt to connect to a remote IRC server, such as "d205.yi.org" or "ftpd.there3d.com"
Method of Infection
This threat "spreads" via AOL Instant Messenger
Removal Instructions
All Users :
Use current engine and DAT files for detection and removal.
Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).
Additional Windows ME/XP removal considerations
Aliases
Oscarbot, W32.Allim (Symantec)
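A way to check a machine for the two indicators listed in the profile above (extra command appended to the Winlogon "Shell" value, svchost.exe sitting directly in %WinDir%), as an added example that is not part of the original posts or of the McAfee write-up. It works on text you collect yourself, e.g. the output of `reg query` on the Winlogon key and a list of svchost.exe paths; the function names and sample input are made up for the example, and treating SysWOW64 as a valid location is an assumption for 64-bit Windows that the profile does not mention.

```python
import ntpath
import re

EXPECTED_SHELL = "explorer.exe"          # clean default for Winlogon "Shell"
SVCHOST_DIRS = ("system32", "syswow64")  # %WinDir% subdirs holding the real file (assumption)


def winlogon_shell(reg_output):
    """Extract the Shell data from `reg query` text output (None if absent)."""
    for line in reg_output.splitlines():
        m = re.match(r"\s+Shell\s+REG_\w+\s+(.*\S)\s*$", line, re.IGNORECASE)
        if m:
            return m.group(1)
    return None


def extra_shell_commands(shell_data):
    """Return whatever follows explorer.exe in the Shell value ('' if clean)."""
    value = shell_data.strip()
    if value.lower().startswith(EXPECTED_SHELL):
        return value[len(EXPECTED_SHELL):].strip(" ,")
    return value  # shell replaced outright: report the whole value


def misplaced_svchost(paths, windir=r"C:\WINDOWS"):
    """Return svchost.exe paths that are not in a legitimate system directory."""
    good = {ntpath.normcase(ntpath.join(windir, d)) for d in SVCHOST_DIRS}
    return [p for p in paths
            if ntpath.basename(p).lower() == "svchost.exe"
            and ntpath.normcase(ntpath.dirname(p)) not in good]


# Constructed sample input, shaped like `reg query` output and a path listing.
SAMPLE_REG = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell    REG_SZ    Explorer.exe C:\WINDOWS\svchost.exe
    Userinit    REG_SZ    C:\WINDOWS\system32\userinit.exe,
"""
SAMPLE_PATHS = [r"C:\WINDOWS\system32\svchost.exe", r"C:\WINDOWS\svchost.exe"]

if __name__ == "__main__":
    shell = winlogon_shell(SAMPLE_REG)
    print("Shell value:", shell)
    print("Appended to explorer.exe:", extra_shell_commands(shell) or "(nothing)")
    print("svchost.exe outside system dirs:", misplaced_svchost(SAMPLE_PATHS))
```

A clean machine gives an empty string from `extra_shell_commands` and an empty list from `misplaced_svchost`.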
Registered User
iTrader: (4)
Joined: Mar 2003
Posts: 3,670
From: East Bay / Pomona
Car Info: '02 PSM WRX
this is why we never open .exe files through AIM kids 
too many of these have passed through AIM. It's funny when it happens though cuz the same people fall for it.
Last edited by STi-owns-evo; Dec 22, 2005 at 01:25 AM.
Sorry guys... We use Norton Corp Edition at work. Basically what my IT guy at work did is to do a restore point to a date before I sent that link. We haven't had any issues with this since.. Again, I am truly sorry....


