Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Executable force downloaded from anncoulter.com??

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread		 This topic is archived.
Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU
 
Yael Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Oct-14-07 04:57 PM
Original message
Executable force downloaded from anncoulter.com??
I went to her site due to the hack thread and what shows up on my desktop right after but a MSDOS executable called anncoulter.com.

I am not a virus expert, so don't want to crack it open, but if anyone smarter than me wants to take a peek and see what it is supposed to do, I zipped it into a .rar file and can send.

Whoever went after her site wasn't very smart as this file landed smack on the desktop as opposed to buried in the system32 folder or something...
Printer Friendly | Permalink |  | Top
ret5hd Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Oct-14-07 04:59 PM
Response to Original message
1. how many bytes is it? are you sure it's not just a desktop shortcut to her site?
Printer Friendly | Permalink |  | Top
 
Yael Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Oct-14-07 05:02 PM
Response to Reply #1
2. In the rar, it is 176,218 and I am sure that it isn't a shortcut
Shortcuts don't need MSDOS .exe files...
Printer Friendly | Permalink |  | Top
 
flyingfysh Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Oct-14-07 05:57 PM
Response to Reply #1
3. a "com" file is never a shortcut
It is an executable file using an old-fashioned format. Unless you know what it is, DON'T RUN IT!!
Printer Friendly | Permalink |  | Top
 
Yael Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Oct-14-07 06:28 PM
Response to Reply #3
5. Oh, I realize! I am trying to get my Ubuntu laptop running so that I can poke at it
No way am I going to look at this on my Windoze machine. Heh.

Problem is that other machine has a bad motherboard and keeps crapping out.

I work in IT. Maybe take it to work and have one of our geeks take a look.

It probably isn't anything more than a cheesola redirect or something, but my curiosity is up.
Printer Friendly | Permalink |  | Top
 
blogslut Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Oct-14-07 06:11 PM
Response to Original message
4. what is the name of the file?
?
Printer Friendly | Permalink |  | Top
 
Yael Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Oct-14-07 06:30 PM
Response to Reply #4
6. anncoulter.com
Edited on Sun Oct-14-07 06:30 PM by Yael
176,216 in rar archive, reporting as .exe, MSDOS Application, dated 10/14/07

I was going to be nice and send it to her web admin, but there isn't a email address to be found on her vapid site.
Printer Friendly | Permalink |  | Top
 
blogslut Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Oct-14-07 09:30 PM
Response to Reply #6
7. that is the name of the site
Edited on Sun Oct-14-07 09:31 PM by blogslut
what was the name of the executable file that was auto downloaded to your machine?

or then again, perhaps what was downloaded to your machine was a desktop shortcut to her site?
Printer Friendly | Permalink |  | Top
 
Yael Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Oct-15-07 12:26 PM
Response to Reply #7
9. *sigh*
It is a COM file -- anncoulter.com is a MSDOS executable. It is not a shortcut. Believe me, I know the difference.

I am going to have someone here in our office take a look at it.
Printer Friendly | Permalink |  | Top
 
blogslut Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Oct-15-07 07:42 PM
Response to Reply #9
11. OK. I get it
It's a command file.

Can't you open it in notepad and take a look?
Printer Friendly | Permalink |  | Top
 
Yael Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Oct-15-07 08:54 PM
Response to Reply #11
12. I am reloading my *nix install. Don't want to mess with it on a Windows machine.
If I could only get half of my stuff to work with WINE, I could abandon Windows alltogether.
Printer Friendly | Permalink |  | Top
 
havocmom Donating Member (1000+ posts) Send PM | Profile | Ignore Sun Oct-14-07 09:48 PM
Response to Original message
8. Might wanna post in that thread if it is still floating around here
Meanwhile, I am doing a scan of my machine. What browser were you running when you went to the site?
Printer Friendly | Permalink |  | Top
 
Yael Donating Member (1000+ posts) Send PM | Profile | Ignore Mon Oct-15-07 12:26 PM
Response to Reply #8
10. Opera
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view this author's profile Click to add this author to your buddy list Click to add this author to your Ignore list Wed May 15th 2024, 04:03 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC