Q

Virus transferred by clicking on a URL

I was in a Yahoo chat room and clicked on the following link: http://213.123.18.112:8180/ which brought me to the

following location: http://213.123.18.112:8180/psecure20x-cgi-install.version6.01.bin.hx.com

My Norton virus scanner then told me it discovered a Trojan virus but was unable to do anything. I didn't know it was possible to get a virus by clicking on a URL -- is it? I have since installed "The Cleaner," which didn't find anything, and I still don't know if I have a Trojan virus or not. Can you help me?


If you look at the location, you'll notice that it has a .com extension, which is not normal for a Web page. However, it is trivial to set a page up to link directly to a specific file, which will then be inspected by your antivirus scanner.

According to my friends at McAfee, this is the W32/Aplore@MM worm (http://vil.nai.com/vil/content/v_99437.htm). It opens a Web server on port 8180 on an infected system and sends links to an exe file with a .com extension.

You may wish to report the person who sent you that link and the ISP hosting that file.


For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Malware


This was first published in September 2002

Dig deeper on Security Resources

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close