AppInit_DLLs has been in all public versions of Windows NT, going back to the first public release in 1993 (NT 3.1). Like a lot of "legacy...
Just an update: there are at least three other variants that are scanning for open file shares on tcp/445...those were collected...
I only have the one file, copied about 25 times now in the last day or so (and about the same number of events prior to being able to receive the...
Just as an "add," I've started a page on this thing here: http://www.lupwa.org/malware/KazaaSpyBot.html It's still incomplete and doesn't add...
Just thought I'd pass this along; I starting picking up activity from this bot a couple of days ago, but didn't actually snag it until yesterday....
Thanks, Paul. I hope to take a longer look around here after the holidays... Happy Holidays, Philip Sloss
Do you recall what responses you saw come back from the server? There are several IPs that are excluded based on information we've received from...
Separate names with a comma.