Diary of a left-handed woman with a career, a cat with a cat of her own, and the most fabulous friends.
Tuesday, June 15, 2010
New malware popped up in the office this morning. It came over pidgeon as an instant message to our user from a person that we believe is using yahoo messenger. A link popped up to a "party pic" zip file, coming from a url with "picturesharehost" in the name. We have the full link still, but how about I don't post it here and cause it to proliferate? The domain is hosted in France.
A pop-up asked the user to download something to protect her computer. The user just Xed out of that, but still noticed her computer was behaving oddly. Thus the call to the IT department. We searched and found that wmpxk3.exe in the startup directory.
It didn't change the background, and didn't effect browsing.
We simply deleted that file and rebooted. Everything seems fine for now.