Daily Virus Report (Apr 3 to Apr 6, 2009) - Trojan.PSW.Win32.GameOL.wfa
-
RISING
Intraday malicious virus program: Trojan.PSW.Win32.GameOL.wfa
Behaviour:
This is a malicious Trojan virus program. After being executed, the virus releases an ‘exe’ file which has 8 stochastic letters, and a ‘dll’ file which named with 8 stochastic letters. Then the virus drops the two malicious file to Explorer.exe and online game application. And the virus steals account and password information of infected computer, then sends the record to hacker’s appointed website.
Statistics:
RISING Cloud Security reported:
From April 3 to April 6, 2009, there were 11,655,844 devices got malicious attack via Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 3,994,035 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 121,530 reports from end users.
Top5 Infected Website:
1, ask.2118.com.cn/
with malicious hyperlink: www.8****.com.cn/3/02.htm, etc.
2, hy.2118.com.cn
with malicious hyperlink: www.****.com.cn/3/yy.htm, etc.
3, xinan.ccw.com.cn/shangpin.asp?id=39687
with malicious hyperlink: www.q****d.cn/gua/lz.htm, etc.
4, bt.acnow.net
with malicious hyperlink: h.****cn/d1/01/ytgg.htm, etc.
5, dxy.cug.edu.cn
with malicious hyperlink: ****.cn/d1/04/ytgg.htm, etc.
Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.
Daily Virus Report (Feb 07, 2012)- Rootkit.Win32.Undef.cvu ()
