Daily Virus Report (Mar 26, 2009) - Dropper.Win32.Agent.zzg
-
RISING
Intraday malicious virus program: Dropper.Win32.Agent.zzg
Behaviour:
After being executed, this malicious virus program shuts down certain popular antivirus software, then releases malicious Worm program, which carry attacks via the vulnerability of MS08-067, to infected device. This malicious virus program threatens computer security safe seriously.
Statistics:
RISING Cloud Security reported:
March 26, 2009, there were 3,464,832 devices got malicious attack via Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 943,451 malicious hyperlinks with webpage Horse Hanging tech.
Top5 Infected Website:
1, http://www.hffangchan.com/house_search.asp?type=sale&htype=%C3%C5%C3%E6%B7%BF
with malicious hyperlink: www.****0.cn/a1/GLWO***.html, etc.
2, www.cnyw.net/search/hylist.asp?id=8&id1=63
with malicious hyperlink: www.****.cn/a1/ss.htm, etc.
3, moe.zzu.edu.cn/
with malicious hyperlink: www.****n.com/v/1.htm, etc.
4, youth.bnu.edu.cn/Article/TNDT/200901/1680.html
with malicious hyperlink: www.****0.cn/a1/ss.htm, etc.
5, www.boe.com.cn/Joinjdf/Accession/rsggnry.asp?id=63
with malicious hyperlink: www.m****.cn/a1/re**.hTml, etc.
Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.
Daily Virus Report (Feb 07, 2012)- Rootkit.Win32.Undef.cvu ()
