
Is this a Virus ??


ReneDonkers.com

Jun 19, 2001, 4:00:04 PM
Is this a virus ??

Txt version of the file sent to me by email:

--
Met vriendelijke groet,
Cordiali Saluti,
Best regards,

René Donkers


Newsgroup handling by XNEWS
http://xnews.3Dnews.net

Frederic Bonroy

Jun 19, 2001, 4:07:02 PM
"ReneDonkers.com" wrote:

> Is this a virus ??

It's an executable file, so it could contain a virus. But the pure text
representation of a binary file reveals very little about the code, so
I strongly suggest you get hold of a virus scanner and scan the file.

If you have not requested the file then it is very likely malicious.
As a result, even if it's reported as being clean by the scanner, you
should not open it but send it to one or more of the following
addresses:

AVP: submit...@avp.ch
CAI: ipev...@vet.com.au
Frisk: viru...@complex.is
F-Secure: sam...@f-secure.com
NAI: virus_r...@nai.com
Sophos: sup...@sophos.com
Symantec: avsu...@symantec.com
Trend: virus_...@trendmicro.com
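
Added example, not part of the original thread or any poster's code: a read-only header check showing what the leading "MZ" and the DOS-mode message actually establish (the file is a Windows PE executable), and why a text paste of the same bytes can no longer be parsed. The sample bytes, the `text_paste` model of a mail-client paste, and all function names are constructed for illustration.

```python
import struct

def build_sample():
    """Constructed, inert bytes: only the MZ/PE headers, no code."""
    dos = bytearray(0x80)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)  # e_lfanew: offset of the PE header
    stub = b"This program cannot be run in DOS mode."
    dos[0x4E:0x4E + len(stub)] = stub
    # COFF header: machine, section count, 3 unused fields, optional-header size, flags
    coff = struct.pack("<HHIIIHH", 0x014C, 3, 0, 0, 0, 0xE0, 0x010F)
    sections = b"".join(n.ljust(8, b"\0") + bytes(32)
                        for n in (b".text", b".data", b".rsrc"))
    return bytes(dos) + b"PE\0\0" + coff + bytes(0xE0) + sections

def inspect_pe(data):
    """Identify a Windows executable from its headers without running it."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return {"format": "MZ"}  # DOS header only, or truncated
    machine, count, _, _, _, opt_size, flags = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    table = e_lfanew + 24 + opt_size  # section table follows the optional header
    names = []
    for i in range(count):
        entry = data[table + 40 * i: table + 40 * i + 40]
        if len(entry) < 40:
            break  # truncated file
        names.append(entry[:8].rstrip(b"\0").decode("ascii", "replace"))
    return {"format": "PE", "machine": hex(machine),
            "dll": bool(flags & 0x2000), "sections": names}

def text_paste(data):
    """Rough model of pasting a binary as text: control bytes are lost."""
    return bytes(b for b in data if b >= 0x20)

if __name__ == "__main__":
    sample = build_sample()
    print(inspect_pe(sample))              # headers parse from the real bytes
    print(inspect_pe(text_paste(sample)))  # the pasted text no longer parses
```

The header check only says what kind of file it is; it says nothing about what the code does, which is why the scanner and vendor submission above remain the next step.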

S.NAPper

Jun 20, 2001, 8:57:14 AM
In article <Xns90C5DFFF07...@194.159.73.10>
Nom...@ReneDonkers.com (ReneDonkers.com) writes:

>Is this a virus ??

Who cares ?? <SSS>

>Txt version of the file sent to me by email:
>
>MZ ÿÿ ¸ @ € º
>´ Í!¸ LÍ!This program cannot be run in DOS mode.

You,

>René Donkers

... didn't ask for it; it wasn't packaged; and have no idea of what it
might, or might not, do, correctly ==

== chuck it & forget about it.

S.that.obvious,

S.ays.so

-- -
Stuff the B's - Show Me the Honey !
