Chinese Internet Security Response Team (GMT +0800)

Dancer.exe: Zhelatin Becomes Active Again

[Posted on: November 8, 2007 14:11 | Category: Worm | by: smallmo] Reship : Original

The Zhelatin gang (Storm Worm) used a Halloween theme as its lure on Oct. 31. At that time, a file named "halloween.exe" was downloaded.

Today, we found that Zhelatin spam has become active again, and the file name has been changed to "dancer.exe". We remind everyone to be careful again.


The file size is about 123 KB.

Please keep your anti-virus database up to date.





Mark Says:
December 12, 2007 07:58
Current Storm infection payload is sony.exe

You can view the source safely at
http://tools.devshed.com/?go=1&option=com_mechtools&tool=4&go=1&url=http%3A%2F%2F69.76.58.200%2Fsony.exe

More information is posted at  
http://www.spamtrackers.eu/wiki/index.php?title=Storm

It contains the following trojan fingerprints within its code:

Software\Microsoft\Windows\CurrentVersion\Run ...noskrnl.exe
noskrnl.config
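
A static check for the strings listed in the comment above, as an added example that is not part of the original post or of the comment: it searches a file's bytes for each string in both single-byte and UTF-16LE form. The function names and sample buffers are constructed for illustration, and requiring the Run key string together with a noskrnl name is an assumption made here, since many benign programs reference the Run key on their own.

```python
import re
import sys

# Strings the comment above lists as fingerprints (taken from the page).
FINGERPRINTS = (
    r"Software\Microsoft\Windows\CurrentVersion\Run",
    "noskrnl.exe",
    "noskrnl.config",
)

def find_fingerprints(data: bytes) -> dict:
    """Return {fingerprint: [(offset, encoding), ...]} for every hit in data."""
    hits = {}
    for fp in FINGERPRINTS:
        found = []
        # Executables store strings as single-byte text or as UTF-16LE,
        # so search for both forms, ignoring ASCII case.
        for enc in ("ascii", "utf-16-le"):
            pattern = re.compile(re.escape(fp.encode(enc)), re.IGNORECASE)
            found += [(m.start(), enc) for m in pattern.finditer(data)]
        if found:
            hits[fp] = sorted(found)
    return hits

def looks_like_sample(data: bytes) -> bool:
    """Assumed rule: flag only when the Run key string and a noskrnl name co-occur."""
    hits = find_fingerprints(data)
    return FINGERPRINTS[0] in hits and any(fp in hits for fp in FINGERPRINTS[1:])

# Constructed test buffers (not real malware): padding plus embedded strings.
SAMPLE = (b"MZ" + b"\x00" * 30
          + rb"Software\Microsoft\Windows\CurrentVersion\Run" + b"\x00"
          + "NOSKRNL.EXE".encode("utf-16-le") + b"\x00\x00"
          + b"noskrnl.config\x00")
BENIGN = (b"MZ" + b"\x00" * 30
          + rb"software\microsoft\windows\currentversion\run" + b"\x00")

if __name__ == "__main__":
    # Scan any files given on the command line; with none, show the constructed sample.
    targets = sys.argv[1:]
    if not targets:
        print("constructed sample:", looks_like_sample(SAMPLE), find_fingerprints(SAMPLE))
    for path in targets:
        with open(path, "rb") as fh:
            data = fh.read()
        print(path, looks_like_sample(data), find_fingerprints(data))
```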