Intraday malicious virus program: Backdoor.Win32.Drwolf.hkw

Behaviour:
This is a malicious Backdoor virus program which has strong covert character.
After being executed, the virus program shall be installed on infected computer covertly, so users can not find this malicious program out from Windows Task Manager. While this malicious Backdoor virus program executing, hackers can remote control the infected computers, and check the information of infected devices, such as: CPU, IP address, computer name, operating system version, and other removable devices which connect with the infected computers. Also, hackers can check, modify, or delete any files of the infected computers; check or control the infected computer screen; monitor and record infected computer users’ privacy via the web camera which connect with infected devices; and record users’ keyboard input operation from background of Windows operating system. So this typical malicious Backdoor virus program threatens computer users’ privacy seriously.

Statistics:
RISING Cloud Security reported:
February 4, 2010 there were 2,407,572 devices got malicious attack via malicious Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 174,805 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 44,501 reports from end users.

Top4 Infected Website:
1, ksj.shangdu.com/wow/150.html
with malicious hyperlink: **cn:85/ss/au.htm, etc.
2, 2008.ahedu.gov.cn
with malicious hyperlink: ** cn/ct14.htm, etc.
3, fjfa.gov.cn/fayw/fanews/201001/2980.html
with malicious hyperlink: ** . cn/main.htm, etc.
4, www.jncqly.gov.cn
with malicious hyperlink: **net/admin.htm, etc.

Notice: the symbol ‘*’ means a stochastic letter or number.

Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.


*You can buy RISING Security products here or free download to try.
*If you have any questions about RISING products, please visit Rising support centre for help.