Daily Virus Report (Dec 12, 2008) - Trojan.DL.Win32.Mnless.brw
-
RISING
Dec 12, 2008 one virus needs your attention. It is BRW (Trojan.DL.Win32.Mnless.brw). The virus spreads through Internet, shut down varieties antivirus software, downloads and executes varieties Trojan, viruses from the website which hackers appointed at infected computer. It makes computer users suffer.
Name: BRW (Trojan.DL.Win32.Mnless.brw)
Warning level: Dangerous
Category: Trojan
Affected System: Windows NT/2000/XP/2003
Description:
This is a Trojan downloader and spreads combine with other Trojans. The virus releases 'kisawids.sys’, 'systemIdle.exe’, and ‘Winxp.dll’ file to local computer after execution. And the virus shuts down varieties antivirus software and add relevant registry hijacker to keep the antivirus check away. Virus modifies registry startup option to achieve startup with system. Virus deletes ‘hosts’ files and send mac address of infected computer to "http://XXX/getmac.jsp” for infection statistics. the virus deletes ‘%systemroot%\system32\down.sys’ after being loaded, and download virus file with name as ‘down.sys’ to local device, then, start this virus file up. The virus is difficult to be deleted and makes troubles to computer daily operation.
Anti-virus experts suggest that computer users take the following measures to protect against this virus:
1. Install Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Use Rising Vulnerability Check, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open auto-protect and auto-monitor function when accessing to the internet.
6. Put your account information of networks bank, networks game, MSN, QQ, Yahoo Messenger etc, into Rising Application Protection, Rising Application Protection can protect specified applications from attack by malicious programs. A user can apply rules to game software, instant messenger, etc. to customize protection.
Daily Virus Report (Feb 07, 2012)- Rootkit.Win32.Undef.cvu ()
