B
Bruce
Hi,
I'm running WinXPHome SP1 with OE6 SP1. I keep up with critical updates,
and I run McAfee Virus Scan Online.
I'm trying to understand why, as my daughter was browsing the internet, the
real time mode of McAfee automatically detected and cleaned three trojans,
even though I have everything patched up.
Here are the McAfee messages, one for each trojan:
1) The file C:\Documents and Settings\DEFAULT\Local Settings\Temporary
Internet Files\Content.IE5\WXW7P0KM\wmp[1].htm was infected by the Exploit-
MhtRedir.gen trojan and has been deleted to complete the Clean process.
2) The file C:\Documents and Settings\DEFAULT\Local Settings\Temporary
Internet Files\Content.IE5\6LFC3M9D\wmp[1].htm was infected by the Exploit-
MhtRedir.gen trojan and has been deleted to complete the Clean process.
3 The file C:\Documents and Settings\DEFAULT\Local Settings\Temporary
Internet Files\Content.IE5\89CGO98L\FRAMEPB_1U[1].HTML was infected by the
Exploit-IFrame trojan and has been deleted to complete the Clean process.
Numbers 1) and 2) are supposed to be prevented by a patch issued on
3/29/01, as described in MS01-020, Q290108.
Number 3) is supposed to be prevented by a patch issued on 4/13/04, as
described in MS04-013, KB837009.
If I go into my Update History, I see that I installed the patch in 3) on
4/19/04. It's decsribed as a Cumulative Security Update for Outlook
Express 6 Service Pack 1 (KB837009).
The other, older patch from 3/29/01, I assume was incorporated in the newer
versions on OE, i.e OE 5.5/6.
Question?
Am I justified in wondering how these trojans even got in, or am I missing
something very basic.
(I also have the basic XP firewall enabled.)
Sincerely,
Bruce
I'm running WinXPHome SP1 with OE6 SP1. I keep up with critical updates,
and I run McAfee Virus Scan Online.
I'm trying to understand why, as my daughter was browsing the internet, the
real time mode of McAfee automatically detected and cleaned three trojans,
even though I have everything patched up.
Here are the McAfee messages, one for each trojan:
1) The file C:\Documents and Settings\DEFAULT\Local Settings\Temporary
Internet Files\Content.IE5\WXW7P0KM\wmp[1].htm was infected by the Exploit-
MhtRedir.gen trojan and has been deleted to complete the Clean process.
2) The file C:\Documents and Settings\DEFAULT\Local Settings\Temporary
Internet Files\Content.IE5\6LFC3M9D\wmp[1].htm was infected by the Exploit-
MhtRedir.gen trojan and has been deleted to complete the Clean process.
3 The file C:\Documents and Settings\DEFAULT\Local Settings\Temporary
Internet Files\Content.IE5\89CGO98L\FRAMEPB_1U[1].HTML was infected by the
Exploit-IFrame trojan and has been deleted to complete the Clean process.
Numbers 1) and 2) are supposed to be prevented by a patch issued on
3/29/01, as described in MS01-020, Q290108.
Number 3) is supposed to be prevented by a patch issued on 4/13/04, as
described in MS04-013, KB837009.
If I go into my Update History, I see that I installed the patch in 3) on
4/19/04. It's decsribed as a Cumulative Security Update for Outlook
Express 6 Service Pack 1 (KB837009).
The other, older patch from 3/29/01, I assume was incorporated in the newer
versions on OE, i.e OE 5.5/6.
Question?
Am I justified in wondering how these trojans even got in, or am I missing
something very basic.
(I also have the basic XP firewall enabled.)
Sincerely,
Bruce