My mistake earlier, Google.com had indeed not been infected with the virus.
They had just problems with their WAP (mobile phones, etc..) code on their
front page. the file extension was awfully similar to the .eml which is that
used
by the virus thats running about.
Michael
Jeff wrote:
> I viewed the default web page on a machine known to be infected with Code
> Red II. In doing so, another browser window that appeared to be blank
> popped open, and the address in the title bar the name 'readme.eml'
> appeared. When I viewed the source of the page, this is the code that was
> contained there in-- attached as 'readme.txt' just in case it is malicious
> and would affect others using MS Outlook to read this.
>
> Can anybody tell me what purpose this might serve?
>
> ------------------------------------------------------------------------
>
> <HTML><HEAD></HEAD><BODY bgColor=#ffffff>
> <iframe src=cid:EA4DMGBP9p height=0 width=0>
> </iframe></BODY></HTML>
--
Michael Sim
System/Network Administrator
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Mobile: +61 (0)413 417 822 Level 1, 3 Montague St
Phone: +61 (0)2 9555 5666 Balmain NSW
Fax: +61 (0)2 9555 5688 Australia 2041
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
