If the system folder and more like media player, a video-related procedures for the storm, we must be careful, it may be "rebellious demons" back door family, the latest variant of Backdoor / StormAttack.u "Storm demons" variant u.
Backdoor / StormAttack.u "Storm demons" variant of u using "Borland Delphi 6.0 - 7.0" preparation, and protection through packers handle.
"Storm demons" variant u run, it will copy itself to the infected computer systems, "% SystemRoot% system32" directory, re-named "svcpos.exe", and set file attributes to "system, hidden." Meanwhile, also in the same directory as the release of malicious DLL component "StormServer.dll".
"Storm demons" variant of u running, will steal a user's computer configuration information. Connect hacker designated site "fsjyes.3322.org: 1237", to obtain configuration information and, based on the contents of the target computers to launch DDoS attacks, greatly depleted attack the computer's network bandwidth and system resources, thus to be the attacker caused varying degrees of loss.
"Storm demons" variant of u may also specify a remote server from hackers to download malicious programs on site and automatically call the run. Among them, the malicious program may be downloaded online games Daohao trojan, backdoor or malicious remote control advertising program (malware), etc., causing users to face different levels of risk. "Storm demons" variant of u will be infected by the computer registration system services "Storm DDOS Service" means (service display name "Storm DDOS soft Service"), to achieve backdoors boot from Kai.