Daily Virus Report (Mar 31, 2009) - Worm.Win32.DownLoad.ok
-
RISING
Intraday malicious virus program: Worm.Win32.DownLoad.ok
Behaviour:
This is a malicious Worm program. After being executed, the virus shuts down varieties of popular anti-virus software; then links to an appointed website to download Trojan virus program to infected device; the two malicious behaviours make the virus difficult to be cleaned.
Statistics:
RISING Cloud Security reported:
March 31, 2009, there were 2,576,103 devices got malicious attack via Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 692,542 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 53,597 reports from end users.
Top5 Infected Website:
1, download.tkgame.com/down/pcgame/fps/2006-07-14/558.html
with malicious hyperlink: www.o****.cn/a1/GLWORLD.html, etc.
2, pk.sogua.com/i.aspx?id=36282*3
with malicious hyperlink: g.****.cn/d5/x1/4.htm, etc.
3, www.podlook.com/item/886911
with malicious hyperlink: g.k****/d1/13/1.htm, etc.
4, game.tkgame.com/downinfo/4500.html
with malicious hyperlink: www.****u.com.cn/11/14.htm, etc.
5, www.ziyoukan.com/Book/1368/Index.html
with malicious hyperlink: www.****z.com.cn/6/14.htm, etc.
Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.
Daily Virus Report (Feb 07, 2012)- Rootkit.Win32.Undef.cvu ()
