Anti Rootkit

Since we received first Email-Worm.Win32.Zhelatin.h on Jan.28,we have received many variants of Email-Worm.Win32.Zhelatin.h these two days.The author of this worm updates the worm frequently to prevent itself to be detected by AV vendors.We advise everyone should keep your antivirus database to the latest.
As the time of writing,we have received eight different MD5 hashes samples:
adf5fb96b97d8e822e22abe0cbcac0e8
475dc6856f7cf9f2f3ff8bdbed422ee9
272d76a5c8d3a389eef9d8b08ee17dc2
4029a8a3578e6b89f4b558ebb653f8d3
3d61373eb65719e693fae9e8eff8074d
58f790b4eb55dfdb50ca2046d88520e3
cc47d58edfd4004259e34e36355df5b5
6ba2b09befde2a20a5e0212e76d8e2ed
Size: 50,634 [...]

Since last Friday,a new worm(aka trojan spam) began spreading all over the world. Most of AV vendors had declared an alert for this worm. And lots of variants of this worm have been found this week.
Today we receive a new variant of this worm.It also spread as the attachment via email.The size of new variant [...]

As the time of writing,we notice that a new email worm is now spreading in the wild.This is a new variant of Email-Worm.Win32.Banwarum(aka WORM_NUWAR).The subjects used in the e-mails are like the storm worm very much,we warn everyone should be careful of this new worm.
We have received four different MD5 hashes samples:

bd9c3c57373f84e3e114238682f50a9a
05dfbd4ffcaecc37d40aee4553c0ae74
6f57feed43269616de6282fe441066c2
7045fb1d7f01ce93e2ecd6c675b72954(New added)

The email message [...]

In the past few months, Email-Worm.Win32.Zhelatin always masquerades as “ecard.exe” in the lots of spams.
Since last night, the file name has been changed. The latest file name is “msdataaccess.exe”. Everyone should be careful.