Welcome to WebmasterWorld Guest from 126.96.36.199 , register , free tools , login , search , subscribe , help , library , announcements , recent posts , open posts Pubcon Website
setup akl.exe wilderness msg:4422891 11:40 pm on Feb 28, 2012 (gmt 0) Am I the only lucky recipient? 208.50.101.zzz - - [28/Feb/2012:22:38:03 +0000] "GET /downloads/setup_akl.exe HTTP/1.1" 403 533 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6.6; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; MALC; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2; OfficeLiveConnector.1.4; OfficeLivePatch.1.3; Windows Live Messenger 14.0.8117.0416)"
Pfui msg:4422947 2:09 am on Feb 29, 2012 (gmt 0)
Recipient of -- yet another exploit probe? Hang on, I got a million of 'em for ya:) keyplyr msg:4422977 5:22 am on Feb 29, 2012 (gmt 0)
I guess if you don't use Ardamax Keylogger then its a 404. Trouble is, many inexperienced web masters leave these .exe files on the server instead of deleting them after installation. They CHMOD to absolute server path, thus why they're exploited. I and many others block all Level 3 ranges.