Someone downloaded NetSky.Q (Wonderful little thing) and its emailing the following URL:
mhtml:mid://000000*8/!cid:0**40*Mfdab4$*f*dL7807**870*8@57W8*fa70Re
Can someone break down the different parts of this URL?
Someone downloaded NetSky.Q (Wonderful little thing) and its emailing the following URL:
mhtml:mid://000000*8/!cid:0**40*Mfdab4$*f*dL7807**870*8@57W8*fa70Re
Can someone break down the different parts of this URL?
[url=http://www.syntax******.info/tools/services.php]Speed Up Windows XP[/url]
[url=http://www.syntax******.info/tools/ip.php]Get An Ip Address[/url]
[url=http://www.syntax******.info/tools/base_converter.php]Base Converter[/url]
--------------------------------
[URL=http://www.boninroad.com/syntax******/]Old Site[/URL]
[URL=http://www.syntax******.info]Comming Soon[/URL]
That isn't a url
Originally Posted by SyntaX******
SyntaX******:is it possible for you to email me? I have a question for you.
That Last Link Is A Viurs!!!! It Downloades Several Viruses>>>do Not Open It Under Any Circumstances!!!!!!!!
You Have Been Warned!
What makes the link a virus? Are you referring to my post? Please explain.Originally Posted by *2*456
NetSky.P ring any bells to you? As well as other exploits it downloads.
Take my advice do not open the link!
Ok. Tested on another machine and you're right. Sorry for all the questions.
I'm running Firefox on this machine. Makes sense that Trend wouldn't detect.
Running a scan with Trend and still no instance. Deleted posts above just to be safe for everyone else.
I guess what I'm looking at is the output from a spam filter that includes the email one would get. Amazing part is grinding through Google to arrive at that link.
On the other system, Trend popped up with the detection in the Temp Internet files.
Last edited by disregardme; 07-13-2006 at 04:18 PM.