Daily Virus Report (Apr 29, 2009) - Trojan.Win32.KillAV.bbk
-
RISING
Behaviour:
This is a malicious Trojan virus program.
After being executed, the virus shuts down varieties of antivirus software; downloads Trojan viruses to infected device through websites which specified by hackers. And the virus checks all mobile devices (such as U Flash Disk, Mp3, mobile disk, etc) which connected with infected computer; writes auto-run script files to these mobile devices, so while users use the infected mobile device, his/her computer will get infected by this malicious Trojan virus program.
Statistics:
RISING Cloud Security reported:
April 29, 2009 there were 3,296,415 devices got malicious attack via malicious Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 711,409 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 188,352 reports from end users.
Top5 Infected Website:
1, blog.csdn.net/kkshizhu520/archive/2008/04/01/2240425.aspx
with malicious hyperlink: *****.com.cn/real11.htm, etc.
2, cgi.qianlong.com/medianet/lwoper/lwDisp_XX.asp?id=27#_ftn2
with malicious hyperlink: *****.2288.org/a/yy.htm, etc.
3, www.hzueu.com.cn/new/bareaupage.asp?bareau_id=103
with malicious hyperlink: ******.2288.org/a/bf.htm, etc.
4, xhyd.hdt.net.cn/xiangxi.asp?id=370
with malicious hyperlink: ****.com/safe/newlz.htm, etc.
5, www.nlwoool.net.cn/html/down/10/
with malicious hyperlink: *******.com/nn/bf.htm, etc.
Notice: the symbol ‘*’ means a stochastic letter or number.
Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.
Daily Virus Report (Feb 07, 2012)- Rootkit.Win32.Undef.cvu ()
