Yes, a description is here for an existing suite of viruses that use that text:
http://securityresponse.symantec.com/avcenter/venc/data/[EMAIL PROTECTED] html Dunno if it's the official name, but this description matches and claims to be brand new, so maybe there is a new variant that still uses the same old text: http://www.bitdefender.ro/virusi/virusi_descrieri.php?virus_id=108 Andrew 8) -----Original Message----- From: Dan Geiser [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 05, 2003 11:14 AM To: [EMAIL PROTECTED] Subject: [Declude.JunkMail] McAfee Hoax Hello, All, Has anybody seen this new nastygram? ================================================================ X-Message-Info: JGTYoYF78jEHjJx36Oi8+YDSEg8qKPPD Received: from 65.54.166.99 ([193.68.14.212]) by mc9-f39.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Wed, 5 Nov 2003 11:06:20 -0800 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: 05 Nov 03 21:04:02 Subject: McAfee Antivirus Monthly Report MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_000W_CR76L9KJ.SAS1JHRH" X-Priority: 3 Return-Path: [EMAIL PROTECTED] Message-ID: <[EMAIL PROTECTED]> X-OriginalArrivalTime: 05 Nov 2003 19:06:21.0671 (UTC) FILETIME=[E6785770:01C3A3CF] ------=_NextPart_000_000W_CR76L9KJ.SAS1JHRH Content-Type: text/html; charset="us-ascii" <HTML><BODY>McAfee Antivirus warns about several new viruses exploiting<BR> Microsoft Internet Explorer. They register themselves as ActiveX<BR> controls and subsequently grant access to the local resources of<BR> the visitors. This type of internet viruses is very dangerous,<BR> because they delete various files of the operating system.<BR> <BR> Due to the significant increase of viruses exploiting this vulnerability,<BR> McAfee Antivirus supports clients of Microsoft Windows with à patch, which<BR> fixes this bug in Internet Explorer 5.5 and minor versions. Customers who<BR> have applied this patch are already protected against the vulnerability<BR> and do not need to take additional action.<BR> <BR> <BR> -----------------<BR> McAfee Antivirus<BR> <A HREF="http://www.McAfee.com"; TARGET="_blank">www.McAfee.com</A> </BODY></HTML> ------=_NextPart_000_000W_CR76L9KJ.SAS1JHRH Content-Type: application/x-msdownload; name="IE_0216_Setup.exe" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="IE_0216_Setup.exe" TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAA6AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v etc... ================================================================ Just Curious, Dan [EMAIL PROTECTED] ----------------------------------------------------------------------- Sign up for virus-free and spam-free e-mail with Nexus Technology Group http://www.nexustechgroup.com/mailscan --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
