Daily Virus Report (Mar 21, 2009) - Trojan.Spy.Win32.KeyLogger.epr
-
RISING
Mar 21, 2009 one virus needs your attention. It is EPR (Trojan.Spy.Win32.KeyLogger.epr). This malicious virus program records users’ computer keyboard operation via NotePad process; then, the virus will send this privacy record to hackers’ appointed E-mail box and website. This malicious virus threatens computer users’ privacy information seriously.
Name: EPR (Trojan.Spy.Win32.KeyLogger.epr)
Warning level: Dangerous
Category: Trojan
Affected System: Windows 9X/NT/2000/XP
Description:
This malicious Trojan program can record computer keyboard operation and, spread through webpage horse hanging tech. After being executed, the virus copies its executable files down to system32 directory; releases dynamic data ‘logx.dll’ and ‘Mail.dll’ files. The virus changes registry key value to achieve startup with system. Then, the virus starts ‘notepad.exe’ process; the two dynamic data base files will drop into ‘notepad.exe’ to monitor computer keyboard operation. This malicious virus records computer keyboard operation and save the record in ‘MaildllSyvc.sys’ file of system32 directory; then send the record to virus writer’s appointed E-mail box or website at pre-programmed time. This makes computer users’ privacy information lost; it threatens users’ privacy security seriously.
Anti-virus experts suggest that computer users take the following measures to protect against this virus:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.
Daily Virus Report (Feb 07, 2012)- Rootkit.Win32.Undef.cvu ()
