Hotmail/MSN virus?

So today at work when I logged into my Hotmail, I got an intrusion. It made a fake virus program, antivirus soft or something like that. Was a very long .exe name like mgcfpcwd.exe or something like that. Now, on my home computer I logged into Hotmail and it is super slow and lags my whole computer like it did at work, and then Norton finally tells me it blocked an intrusion.

 

 risk name: MSIE attribute handler code exec

attacker url: hXXp://sn103w.snt103.mail.live.com/default.aspx?wa=wsignin1.0

"network traffic was detected that matches the signature of a known attack. the attack was resulted from c:\program files\internet explorer\ieplore.exe. to stop being notified...etc."

 

Sooo, is MSN hacked? Hotmail side only? Anyone else have this problem?

 

My work computer is XP and home is Vista...both IE8. I did not click a link to go to my email. I typed msn.com then clicked the MSN link for Hotmail. So unless the initial msn.com home page is hacked I don't know.

 

Think this is a false alert? My home computer didn't get the fake antispyware thing because I'm assuming Norton stopped it in time. Any suggestions??

 

<<Edit: Disabled active link to potential attack URL>>

Hello freakishkittie

 

Welcome to the Norton Users Discussion Forum

 

What Norton product do you have? What is the year of the product and the version number please? Have you applied the latest Windows updates which just came out today?

Hello freakishkittie,

 

I had a similar experience today. I received the same alert from my Norton, that it blocked an intrusion.

 

Same

MSIE Attribute Handler Code Exec

hXXp:\\by121w.bay121.mail.live/default.aspx?wa=wsignin1.0

 was the attacker URL

 

I was in Hotmail and just had clicked to open an email from Hewlett Packard. Then, like your PC, Hotmail dogged and then I got the intrusion alert from my Norton.

 

I have a Vista laptop.

 

My hotmail seems to be fine now, so Norton must have stopped the attacker.

 

Wonder what's up too?!

 

<<Edit: Disabled active link to potential attack URL>>

 

I got a similar intrusion in Hotmail this afternoon.

 

 

Checked my NIS history.  It showed the following intrusion:

 

Risk :  MSIE Attribute Handler Code Exec

 

Attacker Url:  hXXp://sn130w.snt130.mail.live.com/default.aspx?n=1970042482&wa =wsignin1.0

 

Network traffic was detected that matches the signature of a known attack.  The attack was resulted from c:\Program Files\Internet Explorer\ieplore.exe. 

 

 

It also showed a virus that auto-protect caught at the same time as follows:

 

all[1].pdf (Trojan.Pidef)

 

Activity:  c:\document and settings\XX_Administrator\local settings\temporary internet files\content ie.5\m19gzbdu\all[1].pdf

 

 

Fortunately, NIS was on the job and blocked them. I was in Hotmail checking on my mail and was about to sign out and then my computer got attacked. It happened so fast that I don't remember exactly everything that happened. The first thing I did was turn off my DSL modem and reboot. But I remember seeing, I think, a Java icon in the system bar, an Adobe icon on the quick taskbar, and also a popup that Microsoft wanted to install something, which I don't remember.

 

After I rebooted, I ran NIS Quick Scan and Malwarebytes and all clean.

 

I also wonder what's up.  Wondering if Hotmail is infected.

 

 

Windows XP, SP3

IE8

NIS 2010

 

 

 

Hello

 

I have a friend whose Hotmail email account was hijacked the other day and it sent out spam email to everyone in an old address book. My web based spam detector caught it and I deleted it without opening it. So it is possible that it could be infected. There was also a Windows update that came out this week having to do with OE and live.email and Windows Live email. Please make sure you have applied the Windows update, and it would be a good idea to change your Hotmail password also.

Hi Blue 452

re > It also showed a virus that auto-protect caught at the same time as follows:

all[1].pdf (Trojan.Pidef)

Activity:  c:\document and settings\XX_Administrator\local settings\temporary internet files\content ie.5\m19gzbdu\all[1].pdf

re > remember seeing I think a java icon in the system bar, an adobe icon on the quick taskbar

http://www.techpronetworks.com/adobe_zero_day_vulnerabilit.html

http://www.symantec.com/security_response/writeup.jsp?docid=2009-021212-5523-99

 

Have you confirmed your Adobe & Java apps are fully patched?

 

 

bjm_,

 

Yes, I checked and I have the latest update for Java (6 Update 20) and Adobe Reader (8.2.2).

 

I just finished reading the two links you provided.  Thank you for finding it and posting it.  Appreciate it. 

 

 

floplot,

 

My computer has the latest Windows update.  Your suggestion to change my Hotmail password is a good one.  I'll do that just in case.   Thank you.

 

 

Have a nice day/evening.

Blue452

Hello Blue452

 

Adobe Reader is up to version 9.3.2

Hi, All,

 

I'd be interested to know what Ports were involved in this.  Please list both what Port your computer was on as well as the Attacking Computer's Port Number.

 

Excellent advice from floplot to install all Windows' Updates released in May 2010 as there are Attacks In-The-Wild happening with Hotmail that were Patched with these Updates.

 

 

 

Hello, someone with this mail, FROM: YOUR MESSENGER (webmaster@genteya.com), sent me an e-mail with the name whoblocksyou. I didn't know that this is a virus and I opened it. I don't have a problem with my PC but with my MSN/Hotmail, and my friend has too, but they didn't open the mail. Why does that happen? Can Norton delete that virus? I updated it today and I have auto update.

Hello Blue452 et al

Ditto > Excellent advice from floplot to install all Windows' Updates released in May 2010 as there are Attacks In-The-Wild happening with Hotmail that were Patched with these Updates.

http://www.microsoft.com/technet/security/bulletin/MS10-030.mspx

 

Hi,

 

Relating to Floating_Red's post on what are the port number and attacking IP number - checked the history log and they were not listed.

 

My computer is updated with the May Windows update.  Even though the Attacks-in-the Wild happening with Hotmail were patched, the attacks are still happening - on my computer at least.  Had another MSIE Attribute Handler Code Exec intrusion again last night, and again NIS blocked it. 

 

Relating to floplot's comment on the latest Adobe version.  At the time this version came out, I read somewhere that Adobe also downloaded some other programs with this release.  I did not want these programs on my computer, so I stayed with version 8 and kept it updated with latest version 8 updates.   I guess it's time to update to  version 9.

 

Thank you Floating_Red, bjm_, and floplot for your responses.

 

 

 

 

Hi Blue452,

 

Norton will block any exploit that it recognizes, even if your PC has been patched and is no longer vulnerable.  There are plenty of PCs out there that remain unpatched and the Intrusion Prevention signature for this exploit is all that protects them from infection.  So Norton will always respond to this threat when it is seen.

 

Adobe Reader 8.2.2 is fully supported and patched so there is no need to upgrade to version 9 at this point unless you want the added features.  As long as you continue to install the security updates for version 8 as they are released you will be safe using this software.

SendOfJive - Thank you for your response.  Relating to Adobe 8.2.2 - after reading your comment that it is fully supported, I decided to stick with this version for now.

 

I appreciate all of you who took the time to respond to my posts.  Many thanks.

 

Blue452


While a previous version of a product may be supported and patched against all Security Holes, I would always recommend using the highest-available version that is compatible with the O.S. you use.  This is because there will be greater security improvements as well as new and improved features compared with the older versions.

 

 

 

Hello again guys, I updated it and I am OK!