Author: Michael Yee
Date: 15:35:56 06/03/05
Go up one level in this thread
On June 03, 2005 at 05:56:52, Michael Diosi wrote: >On June 03, 2005 at 05:42:41, Michael Yee wrote: >Hello Michael, > >>Sorry if this has already been discussed... >> >>I have a couple questions regarding the virus embedded in Fafis 2.0: >> >>(1) Is it likely that my system is fine considering my antivirus software caught >>the suspicious newly-created file before it was run? I can't find any other >>traces (e.g., modified hosts file, modified registry keys, etc.) > >Port 7000 needs to be closed to our knowledge. Do you mean that the worm/virus is running a program or service that opens port 7000? (If so, do you know what it's called?) Thanks for the help. It's been confusing for me--I'm nearly sure that my system is fine, but I'd like to be 100% sure. Michael >>(2) I'm not familiar at all with exe compression/encryption. But isn't it >>possible that the worm attached itself to the clean fafis exe first (and without >>the author's knowledge)--*before* the author compressed? The author could have >>tested the uncompressed exe for a while before finally packaging it up for >>distribution. (Note : It still would apparently be the first reported case of >>this worm attaching itself to files, but that's not what I'm asking about.) > >To our knowledge it must have beed done manualy. There is no way the virus/worm >does this automaticly. > >>Thanks, >>Michael > >Best, > >Michael
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.