Daily Virus Report (Apr 14, 2009) - Worm.Win32.VB.ue
-
RISING
Intraday malicious virus program: Worm.Win32.VB.ue
Behaviour:
This is a malicious Worm virus program. After being executed, the virus copies its executable files down to system directory; changes the place of ‘Start Menu’ and the homepage of IE Browser, so the virus program can download other malicious virus program in vast amount. This malicious virus program makes it difficult in cleaning the virus program in infected computer.
Statistics:
RISING Cloud Security reported:
April 13, 2009 there were 2,957,229 devices got malicious attack via malicious Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 837,185 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 62,473 reports from end users.
Top5 Infected Website:
1, auto1.zbinfo.net/jhby
with malicious hyperlink: www.****.net.cn/22/02.htm, etc.
2, welcome.xz.vnet.cn
with malicious hyperlink: www.**********.cn/sina/real.html, etc.
3, iom.ccom.edu.cn
with malicious hyperlink: www.****.net.cn/22/Qvod.htm, etc.
4, car.bitauto.com/serial/1679.html
with malicious hyperlink: www.*********.cn/sina/lz.htm, etc.
5, invest.eefoo.com/jd/sdpx/200904/02-1313860.html
with malicious hyperlink: www.****.net.cn/22/real.html, etc.
Notice: the symbol ‘*’ means a stochastic letter or number.
Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.
Daily Virus Report (Feb 06, 2012)- Trojan.Win32.Fednu.ual ()
