Re: Moncash.net - Virus Alert

From: Alex Papadimoulis (apapadimoulis-at-SCKDesign.com)
Date: 02/26/04 

Date: Thu, 26 Feb 2004 10:06:17 -0500

Dave,

NAV popped up two alerts for me also, identifiying it as a
Bloodhoud.6.Exploit, and also deleted the temp files.

Did it still slip through for you? One symptom for me was the keyboard was
not working in any office applications. If your safe, perhaps I should
change to McAfee :-D.

Alex Papadimoulis

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eJ3sVdH$DHA.3452@TK2MSFTNGP11.phx.gbl...
> McAfee Logs from going to Web Site referenced:
>
> 2/26/2004 9:38 AM Infected lipman C:\Documents and Settings\lipman\Local
Settings\Temporary
> Internet Files\Content.IE5\F6C5KU7J\index[1].html Exploit-MhtRedir
> 2/26/2004 9:38 AM Deleted lipman C:\Documents and Settings\lipman\Local
Settings\Temporary
> Internet Files\Content.IE5\F6C5KU7J\index[1].html Exploit-MhtRedir
> 2/26/2004 9:38 AM Infected lipman C:\Documents and Settings\lipman\Local
Settings\Temporary
> Internet Files\Content.IE5\LFSC1IZW\chm[1].chm MultiDropper-GP.dr
> 2/26/2004 9:38 AM Deleted lipman C:\Documents and Settings\lipman\Local
Settings\Temporary
> Internet Files\Content.IE5\LFSC1IZW\chm[1].chm MultiDropper-GP.dr
>
>
> Dave
>
>
>
> "Alex Papadimoulis" <apapadimoulis-at-SCKDesign.com> wrote in message
> news:103s0k2ec7pk7c0@corp.supernews.com...
> | Hello Group,
> |
> | Just wanted to warn about the email below. A simple click to moncash.net
and
> | I was infected -- I have latest NAV Definitions and IE Security patches.
If
> | you go to Moncash.net (which, i'd highly advise against), it'llcontain a
1px
> | by 1px IFRAME with the following:
> | [snip]

Quantcast