Daily Virus Report (Apr 2, 2009) - Trojan.PSW.Win32.QQPass.ect
-
RISING
Intraday malicious virus program: Trojan.PSW.Win32.QQPass.ect
Behaviour:
This is a malicious Trojan program. After being executed, the virus copies its executable files down to system directory; changes startup option of registry to achieve being launched with system. And the virus records the input operation of infected device users, to steal users’ QQ account and password; and then send the record to hackers.
Statistics:
RISING Cloud Security reported:
April 1, 2009, there were 2,501,573 devices got malicious attack via Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 794,761 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 34,826 reports from end users.
Top5 Infected Website:
1, 114.gznet.com/page.aspx?id=10000125
with malicious hyperlink: 163.****.cn/gua/lz.htm, etc.
2, ashwaria.ttsite.com
with malicious hyperlink: g.****7.cn/d1/06/newlz.htm, etc.
3, www.xitek.com/html/info/topplay/200812/17-8805.html
with malicious hyperlink: ****3s.cn/d2/a1/bf.htm, etc.
4, ce.scu.edu.cn/bkjx/detail.asp?id=249
with malicious hyperlink: y.v***.cn/d3/b1/4.htm, etc.
5, www.cass.net.cn/file/20081027202176.html
with malicious hyperlink: tt*****.cn/19/lz.htm, etc.
Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.
Daily Virus Report (Feb 07, 2012)- Rootkit.Win32.Undef.cvu ()
