May16 |
6:26 pm (UTC-7) | by
Gelo Abendan (Technical Communications) |
TrendLabsSM engineers recently discovered a new Skype spam campaign. The spam arrives as a message from a user’s list of contacts. It contains a list of links with the domain {BLOCKED}4.171.116, most of which are already inactive.
 |
One of these links has been found to lead to the download of a malicious file detected by Trend Micro as WORM_PALEVO.AZA. This appears as a TinyURL link that resolves to http://{BLOCKED}4.171.116/suspended.page/slika.exe. The file slika.exe terminates Windows Update Service and attempts to establish connections to the remote servers {BLOCKED}.97.166 and {BLOCKED}.77.59 using TCP ports 80 and 1234, respectively.
Trend Micro™ Smart Protection Network™ protects product users from this threat by preventing the spammed messages from even reaching users’ inboxes via the email reputation service. It also blocks access to malicious sites and domains that host malware-ridden files via the Web reputation service and prevents the download and execution of WORM_PALEVO.AZA via the file reputation service.
Share this article |
 |
        |
May 23rd, 2010 at 7:47 pm
I am trying to figut=re out what is going on with my hotmail.
Everytime I log on I have these ………… Delivery Status Notification (Failure) from postmaster@mail.hotmail.com and the subject is some web site.
I can not figure out how to stop them.
They are being sent when my computer is shut down and tourned off.
even when I have the computer unpluged from the internet modem.
I was told it was some kind of bot but my Trend micro is not detecting anything on my computer.
What can I do?
Is there a patch for this or some software that is part of my trend micro?