Daily Virus Report (Mar 24, 2009) - Trojan.PSW.Win32.XYOnline.aky
-
RISING
Mar 24, 2009 one virus needs your attention. It is AKY (Trojan.PSW.Win32.XYOnline.aky). The virus will search antivirus software process, and try to shut down antivirus process in victim device. This virus steals password of online game “XYOnline II”, by dropping its executed program in IE browser process and send the game password out by penetrating through victim device’s firewall.
Name: AKY (Trojan.PSW.Win32.XYOnline.aky)
Warning level: Dangerous
Category: Trojan
Affected System: NT/2000/XP/2003
Description:
This is an account stealer Trojan; the virus releases virus files “msosdohs**.Dll”, “msosfpids**.sys” to Windows system directory after being executed. The virus modifies registry key value to achieve startup with system; searches antivirus software process, and try to shut down it by force, this will make some antivirus software can not work steadily. And the virus records the game account and password information of online game “XYonline II”, and sends this record out to hackers.
Anti-virus experts suggest that computer users take the following measures to protect against this virus:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.
Daily Virus Report (Feb 07, 2012)- Rootkit.Win32.Undef.cvu ()
