Hi malware fighters,
Another variation of the zero-day exploit found on Sept 14th last seems to be on the loose, infecting XP SP2 computers; the browser crashes, but the malware is successfully installed:
http://sunbeltblog.blogspot.com/2006/09/another-zero-day-on-loose-keyframe.html
A mitigation is given here too.
In an HJT log the malware may look something like:
O21 - SSODL: rjgoitr - {CDEFEE3D-EDCB-4226-931B-90E184C11CAC} - C:\WINDOWS\SYSTEM\hehesox.dll
polonus
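
An added example, not part of the original post: a small triage script that parses HijackThis O21 (ShellServiceObjectDelayLoad) lines like the one quoted above and flags entries that are not stock Windows XP defaults or that load from outside system32. The allowlist of default CLSIDs, the `C:\WINDOWS` system root and the sample log (apart from the `rjgoitr` line taken from the post) are assumptions constructed for illustration.

```python
import ntpath
import re
from typing import List, NamedTuple, Optional, Tuple

# Assumption: SSODL CLSIDs registered by a stock Windows XP install.
DEFAULT_SSODL = {
    "{7849596A-48EA-486E-8937-A2A3009F31A9}",  # PostBootReminder
    "{FBEB8A05-BEEE-4442-804E-409D6C4515E9}",  # CDBurn
    "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}",  # WebCheck
    "{35CEC8A3-2BE6-11D2-8773-92E126F9B08F}",  # SysTray
}
SYSTEM32 = r"c:\windows\system32"  # assumption: default %SystemRoot%

# Format: O21 - SSODL: <value name> - {CLSID} - <DLL path>
O21_RE = re.compile(
    r"^O21 - SSODL: (?P<name>.+?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$"
)

class Entry(NamedTuple):
    name: str
    clsid: str
    path: str

def parse_o21(line: str) -> Optional[Entry]:
    """Return the parsed O21 entry, or None for any other log line."""
    m = O21_RE.match(line.strip())
    return Entry(m["name"], m["clsid"].upper(), m["path"]) if m else None

def triage(log_text: str) -> List[Tuple[Entry, List[str]]]:
    """Return O21 entries that deserve a closer look, with the reasons."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_o21(line)
        if entry is None:
            continue
        reasons = []
        if entry.clsid not in DEFAULT_SSODL:
            reasons.append("non-default CLSID")
        if ntpath.dirname(entry.path).lower() != SYSTEM32:
            reasons.append("DLL outside system32")
        if reasons:
            findings.append((entry, reasons))
    return findings

# Constructed sample log; only the rjgoitr line comes from the post.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ExampleApp] C:\Program Files\Example\app.exe
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll
O21 - SSODL: rjgoitr - {CDEFEE3D-EDCB-4226-931B-90E184C11CAC} - C:\WINDOWS\SYSTEM\hehesox.dll
"""

if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG):
        print(entry.name, entry.clsid, entry.path, "->", ", ".join(reasons))
```

A flagged entry is a lead for manual review, not a verdict: legitimate third-party software also registers SSODL values.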