Intraday malicious virus program: Dropper.Win32.Mnless.flm

Behaviour:
This is a malicious virus dropper program.
After being executed, the virus program shall replace Windows system files, and release “Mnless” virus program to infected computers. And this “Mnless” virus program shall shut down antivirus software of infected computers, and create hijack option of Windows registry to prevent check and scan from antivirus program of the infected devices. Then, the malicious dropper virus program shall download varieties of viruses and Trojan viruses to infected computers according to the URL which specified by hackers. So, this malicious virus dropper program threatens computer security seriously. 

Statistics:
RISING Cloud Security reported:
December 7, 2009 there were 428,227 devices got malicious attack via malicious Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 120,980 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 39,646 reports from end users.

Top5 Infected Website:
1, e-zone.9e3.com/html/blog/2007/4/11/2007411134314.html
with malicious hyperlink: ***.org/4/cqq0.htm, etc.
2, hd.eastmoney.com/zhuanti/yinhua
with malicious hyperlink: ***.org/4/cqqmp.htm, etc.
3, www.37c.com.cn/topic/047/04701.asp
with malicious hyperlink: ***.org/4/cqqmp.htm, etc.
4, www.wjw.cn/merchants/mbr090410123023190725/mer090411123728061576.xhtml
with malicious hyperlink: ***.org/4/cqqmp.htm, etc.
5, ga.mlr.gov.cn/SearchGo.aspx?
with malicious hyperlink: ***.org/4/cqqmp.htm, etc.

Notice: the symbol ‘*’ means a stochastic letter or number.

Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.


*You can buy RISING Security products here or free download to try.
*If you have any questions about RISING products, please visit Rising support centre for help.