posted on Aug, 13 2006 @ 02:09 PM
I got hit with it twice yesterday.
Both times it was Bloodhound.Exploit.56
My Norton notified me that the file couldn't be repaired and that access was denied.
Temporary Internet Files/Content.IE5\6BOND672\exp[1]windowsmetafile
Couldn't get a url on it but was able to find out that expected damage was low and it's supposed to be easy to get rid of.
Here's a copy of what it said.
Bloodhound.Exploit.56Risk Level 1: Very LowPrinter Friendly Page
SUMMARY TECHNICAL DETAILS Discovered: December 27, 2005
Updated: February 10, 2006 02:47:15 PM ZW3
Type: Trojan Horse, Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows Server 2003, Windows XP
Bloodhound.Exploit.56 is a heuristic detection for the Microsoft Windows Graphics Rendering Engine WMF Format Unspecified Code Execution Vulnerability
(as described in Microsoft Security Bulletin MS06-001).
Note: Bloodhound.Exploit.56 is designed to identify behavior that would occur if the Microsoft Windows Graphics Rendering Engine WMF Format
Unspecified Code Execution Vulnerability (as described in Microsoft Security Bulletin MS06-001) is exploited. As Symantec becomes aware of changes to
the exploit code, or if files are identified that trigger this detection but are not malicious, the detection is refined. It is important to keep your
definitions up to date to ensure the most complete protection.
Behavior
Symptoms
Transmission
ProtectionVirus Definitions (LiveUpdate™ Weekly) December 28, 2005
Virus Definitions (Intelligent Updater) December 28, 2005
Threat AssesmentWildWild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy
DamageDamage Level: Low
DistributionDistribution Level: Low
This is what I found looking under properties.
HyperText Protocol
type- HTML Document
connection- Not Encrypted.
.