Storm spams newyearwithlove exe

by certifiedbug on December 29, 2007

in Internet Security

Storm mutates yet again.

Do not click on the links or attachments you may receive. These particular ones are so clearly spam that there is no reason to be tempted to play chicken.

I am hammering it home as many will fall victim, especially during this holiday season with people receiving new computers for Christmas.

I tested this in a virtual machine:

Microsoft added detection of the Storm family of malware to the September build of its Malicious Software Removal Tool (MSRT), which is released as part of the monthly security update cycle. I recommend downloading and running each month’s updated version along with your other Microsoft updates.

However, MSRT is released only once a month, so please keep all your security software up to date.

5 comments

1 Doug Woodall December 29, 2007 at 11:15 am

Great post. I just hope next year brings more educated users. So many are not paying attention.

2 Joe Caline December 29, 2007 at 8:38 pm

Domain name: NEWYEARWITHLOVE.COM
FROM GODADDY.COM:
Registrant ID: XHAEJUS-RU
Registrant Name: Bill Gudzon
Registrant Organization: Bill Gudzon
Registrant Street1: 1920 str., office 345
Registrant City: Los-Angeles
Registrant State: CA
Registrant Postal Code: 32089
Registrant Country: US
Creation Date: 2007.12.26
Updated Date: 2007.12.26
Expiration Date: 2008.12.26

Status: DELEGATED

Administrative, Technical Contact
Contact ID: XHAEJUS-RU
Contact Name: Bill Gudzon
Contact Organization: Bill Gudzon
Contact Street1: 1920 str., office 345
Contact City: Los-Angeles
Contact State: CA
Contact Postal Code: 32089
Contact Country: US
Contact Phone: +1 320 5427834
Contact E-mail: bgudzon1956@hotmail.com

3 certifiedbug December 29, 2007 at 9:28 pm

From Russia with love. My bad ;-)

Google: Fresh StormWorm spreader domain

4 J December 30, 2007 at 3:33 pm

How do I remove this trojan from my computer? Help?

5 certifiedbug December 31, 2007 at 11:25 am

Hello J, sorry to hear this nasty has infiltrated your computer.

Please see Storm Worm botnet

If your security programs are not able to remove this infection, go to one of the security forums and ask for assistance. Help is free, and the people who provide it are well versed in malware removal.
