Forward it to SANS if you please, so as to get the word out. Z
Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP,Security+,Network+,CCA
Phone: 401-639-3505

-----Original Message-----
From: David L Herrick [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 13, 2008 3:02 PM
To: NT System Admin Issues
Subject: RE: is this site compromised or is my symantec enterprise gone south

Alex,

Thanks for the confirmation

David

-----Original Message-----
From: Alex Eckelberry [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 13, 2008 11:52 AM
To: NT System Admin Issues
Subject: RE: is this site compromised or is my symantec enterprise gone south

The site has been compromised and is serving malware. You need to shut this down asap.

To list: Please don't visit this site, unless in a vmware.

Alex

-----Original Message-----
From: David L Herrick [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 13, 2008 1:14 PM
To: NT System Admin Issues
Subject: is this site compromised or is my symantec enterprise gone south

www.mgilists.com select current button - at your own risk

Symantec reports

Discovered: June 8, 2001
Updated: February 13, 2007 11:50:11 AM
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

Downloader connects to the Internet and downloads other Trojan horses or components.

Note: Virus definitions dated June 1, 2006 or earlier may detect this threat as Download.Trojan.

Protection
Initial Rapid Release version June 11, 2001
Latest Rapid Release version May 13, 2008 revision 008
Initial Daily Certified version June 11, 2001 revision 007
Latest Daily Certified version May 13, 2008 revision 004
Initial Weekly Certified release date June 13, 2001

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment

Wild
Wild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy

Damage
Damage Level: Low

Distribution
Distribution Level: Low

Writeup By: Gor Nazaryan

thanks
David

This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the Names in the News company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments.

~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~
~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
