 |
Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
|
| View previous topic :: View next topic |
| Author |
Message |
quietman7
Warrior Addict
Joined: 20 Dec 2004
Last Visit: 28 Mar 2012
Posts: 768
Location: Virginia, USA
|
 Posted: Fri Nov 02, 2007 7:39 pm Post subject: Storm Worm Changes Course |
 |
|
| Quote: |
| The authors of the Storm worm (also know as Trojan.Peacomm) have shown an uncanny knack of changing or shedding key components of the threat in order to enhance its persistence and spread. This week saw the latest incarnation of the threat, Trojan.Peacomm.D, reveal itself as halloween.exe or sony.exe. What is most interesting about this latest variant of the Storm worm is that its authors have removed some key functionality that was present in the previous variant, Trojan.Peacomm.C...the threat now relies less on legitimate components on the operating system and has new proprietary components to do its dirty work. The driver associated with the latest variant, noskrnl.sys, works hand in hand with the user mode noskrnl.exe to provide the same stealth-like capabilities that involved more components, both illegitimate and legitimate, in the past. |
symantec.com
_________________
Microsoft MVP - Consumer Security 2007-2012 
Member of UNITE, Unified Network of Instructors and Trusted Eliminators |
|
| Back to top |
|
 |
Chao284
Warrior
Joined: 06 Sep 2004
Last Visit: 06 Aug 2011
Posts: 220
Location: Bremerton, WA
|
| Posted: Mon Nov 05, 2007 9:28 am Post subject: |
|
|
Nice, now it attacks something that Windows 2000 to Windows XP users have to worry about,
But also NTOSKRNL is something the NT Debugger Check needs to use too, and with this latest virus, it might currupt a person's hard drive because the virus code is injected into that exe file, a big serious problem there. |
|
| Back to top |
|
|
tripkill201
Warrior
Joined: 24 Jun 2007
Last Visit: 23 Feb 2008
Posts: 175
Location: Approximately 2.3698 billion light years away.
|
| Posted: Mon Nov 05, 2007 12:49 pm Post subject: |
|
|
| Chao284 wrote: |
Nice, now it attacks something that Windows 2000 to Windows XP users have to worry about,
But also NTOSKRNL is something the NT Debugger Check needs to use too, and with this latest virus, it might currupt a person's hard drive because the virus code is injected into that exe file, a big serious problem there. |
It's the price of compatibility, I'm afraid. If you don't want your system to fall behind, well, get XP, or 2000 at least. It's also the price of not falling back to Vista, ME, 98, 95, etc.
_________________
The stakes are immense, the task colossal, the time is short. But we may hope — we must hope — that man’s own creation, man’s own genius, will not destroy him. -Albert Einstein |
|
| Back to top |
|
|
Chao284
Warrior
Joined: 06 Sep 2004
Last Visit: 06 Aug 2011
Posts: 220
Location: Bremerton, WA
|
| Posted: Mon Nov 05, 2007 9:08 pm Post subject: |
|
|
| tripkill201 wrote: |
| Chao284 wrote: |
Nice, now it attacks something that Windows 2000 to Windows XP users have to worry about,
But also NTOSKRNL is something the NT Debugger Check needs to use too, and with this latest virus, it might currupt a person's hard drive because the virus code is injected into that exe file, a big serious problem there. |
It's the price of compatibility, I'm afraid. If you don't want your system to fall behind, well, get XP, or 2000 at least. It's also the price of not falling back to Vista, ME, 98, 95, etc. |
Well I am expecting to upgrade by the time 2008 starts, since my system will be unable to handle Vista, but also the money is not on my end, also I like to report the copycat pharma sites are already going on with this latest threat, so basically it does not take long before the pecomm trojan decides to appear again. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group
|
