I saw a new Trojan Virus this morning (11/19/01 est) it shows up as RootCMD and seems to infect the root.exe file in the MSADC directory. My anti-virus caught it but my IDS didn't know about it. McAfee is working on it. Has anyone else seen this?
toadhall
8:01 pm on Nov 19, 2001 (gmt 0)
More info: [vil.mcafee.com...] Risk: Low "...most commonly seen as a result of a W32/CodeRed.c.worm infection. "
guardian
8:10 pm on Nov 19, 2001 (gmt 0)
Thanks...I found that after I posted. Couldn't find it earlier. It was new to me and it's coded as the .ida overflow error on my IDS from Cisco.
