FYI...
MSRT November '12 ...
- https://blogs.technet.com/b/mmpc/arc...edirected=true
4 Dec 2012
> https://www.microsoft.com/security/p...sof/Weels4.png
> https://www.microsoft.com/security/p...sof/Weels5.png
___
Unexpected reboot: Necurs
- https://blogs.technet.com/b/mmpc/arc...edirected=true
6 Dec 2012 - "Necurs is a prevalent threat in the wild at the moment - variants of Necurs were reported on 83,427 unique machines during the month of November 2012. Necurs is mostly distributed by drive-by download. This means that you might be -silently- infected by Necurs when you visit websites that have been compromised by exploit kits such as Blackhole. So what does Necurs actually do? At a high level, it enables further compromise by providing the functionality to:
- Download additional malware
- Hide its components
- Stop security applications from functioning
In addition Necurs contains backdoor functionality, allowing remote access and control of the infected computer. Necurs also monitors and filters network activity and has been observed to send spam and install rogue security software. Nefariousness aplenty. See our Trojan:Win32/Necurs* family write-up for the full details... we've had reports from a number of users stating that they're having trouble with the Microsoft Security Essentials real time protection option being turned off after their computer has rebooted. We will continue to monitor variants of Necurs in the wild..."
* http://www.microsoft.com/security/po...n:Win32/Necurs
Updated: Dec 05, 2012