24th September 2009 - Isomorphic behaviors
By Marc Blanchard [Virus Docteur], Thursday 24 September 2009 at 21:27 :: Epidemiology - english section - :: #74
On XP and 2003, everything has stabilized.
BUT: new information came in today.
I received some complaints in the comments that the DNS was changed on users' computers on several networks.
So, after analysis, it seems that a new behavior has appeared today:
- No scheduled task was created
- Nobody can access the internet, the DHCP doesn't answer, the workstation DHCP is disabled, and it is impossible to set a fixed IP address or to run ipconfig
- All DNS entries point to 127.0.0.1
- All entries in the TCP/IP parameters are blocked by the malware, so it is impossible to modify any values.
But if a user tries to access the internet, he can, if and only if numeric IP addresses are typed.
So this new behavior needs to be studied.
That's why I decided to install a new computer infected by this new generation and to try to analyze what happens and how.
So, when this new platform is online, I will report on it in this section as well.
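
A defender-side check for the symptoms listed above, as an added example that is not part of the original post: it parses saved `reg query` output for the Windows TCP/IP interface keys and flags interfaces whose DNS servers point at loopback or whose DHCP is disabled. The sample text, GUIDs and addresses are constructed, and it is an assumption (not stated in the post) that the malware's changes are visible in the standard `NameServer`, `DhcpNameServer` and `EnableDHCP` values.

```python
import re

# Constructed sample of `reg query ...\Tcpip\Parameters\Interfaces /s` output.
# GUIDs and addresses are made up for illustration.
KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces"
SAMPLE = "\n".join([
    KEY + r"\{11111111-1111-1111-1111-111111111111}",
    "    EnableDHCP    REG_DWORD    0x0",
    "    NameServer    REG_SZ    127.0.0.1",
    "",
    KEY + r"\{22222222-2222-2222-2222-222222222222}",
    "    EnableDHCP    REG_DWORD    0x1",
    "    DhcpNameServer    REG_SZ    192.0.2.53 192.0.2.54",
    "    NameServer    REG_SZ",
])

# "<indent>name<ws>REG_TYPE<ws>data"; data may be empty. XP separates with tabs,
# later Windows versions with spaces, so any whitespace is accepted.
VALUE_RE = re.compile(r"^\s+(\S+)\s+(REG_\w+)(?:\s+(.*))?$")

def parse_interfaces(text):
    """Return {interface GUID: {value name: data}} from `reg query /s` output."""
    interfaces, current = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            guid = line.strip().rsplit("\\", 1)[-1]
            current = interfaces.setdefault(guid, {})
        elif current is not None:
            m = VALUE_RE.match(line)
            if m:
                current[m.group(1)] = (m.group(3) or "").strip()
    return interfaces

def findings(text):
    """List (interface, reason) pairs matching the symptoms in the post."""
    out = []
    for guid, vals in parse_interfaces(text).items():
        # NameServer may be comma- or space-separated; DhcpNameServer is space-separated.
        servers = re.split(r"[,\s]+", vals.get("NameServer", ""))
        servers += vals.get("DhcpNameServer", "").split()
        if any(s.startswith("127.") for s in servers if s):
            out.append((guid, "DNS server set to loopback"))
        if vals.get("EnableDHCP", "").lower() in ("0x0", "0"):
            out.append((guid, "DHCP disabled"))
    return out

if __name__ == "__main__":
    for guid, reason in findings(SAMPLE):
        print(guid, "->", reason)
```

A host with a static address legitimately has `EnableDHCP` at `0x0`, and a machine running its own resolver legitimately uses loopback DNS, so it is the combination on an ordinary workstation that matches the behavior described here.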