new variant of Palevo-worm?
At the moment, there is a real 'wave' of spreading an MSN-bot in the Netherlands.
This malware sends an e-mail to all MSN-contacts with a message like "It that you on this picture?" and a link which directs to a fake MSN-login page (phishing).
Obviously they want to capture your credentials and send them to a remote server.
It is very hard to see anything in a HijackThis-log or ComboFix-log; also, MBAM or other AV/AM-products cannot see this malware.
So removing the infection is difficult, and sometimes the best advice is to reinstall the OS or at least reinstall MSN.
It all looks like a Palevo-variant, but this one is hidden in several system logs.
According to Bitdefender this is the Worm.P2P.Palevo.DP (http://tiny.cc/6m2ul) but I'm not sure about that.
I already found several Palevos in the OC's db, but not this one.
Does anyone know more about this malware, or, better, does anyone have a sample?
Please upload it to OC.
Thanks in advance,