the address is:
Quoting Stefanie Ploof <[log in to unmask]>:
> We've had another round of this worm infecting computers which in turn
> attempt unauthorized entry into other computers.
> One more very important cleaning tip: Make sure to scan local drives
> *and* mounted network drives. We have confirmed one reinfection as the
> result of wh0is.exe hiding out on the user's network space and
> reinfecting when the network drive was remounted. A HouseCall scan
> (trendmicro.housecall.com using Internet Explorer!!) cleaned the
> infection from the network drive and also identified other computers
> that were attempting to communicate the wh0is.exe file to the infected
> I'm happy to have you report computer names to me if you run a scan and
> it detects other machine names. Thanks, everyone!