Intraday malicious virus program: Trojan.PSW.Win32.AliPay.pd

Behavior:
This is a malicious Trojan virus program. The virus program pretends as goods pictures to cheat users to click on.
After being executed, the virus program will shut down system firewall of Microsoft windows system for implementing its Trojan behaviors; and change Windows Registry key value to achieve startup while computers power on. While users access to the third party payment system to accomplish the payment, the virus program shall automatically save Cookies files and modify the relevant Registry key value of payment software. Finally the virus program shall steal users’ accounts and corresponding passwords and send them to hackers’ servers while users paying through the third party payment system. So the virus program threatens users’ privacy information seriously.

Statistics:
RISING Cloud Security reported:
Nov 14, 2011, Rising Cloud Security detected that there were 84,086 computers got attacks from malicious URL injection and, RISING has intercepted 29,406 malicious URLs successfully. Meanwhile, 63915 suspicious URLs were submitted from Rising Cloud Security members.

Top5 Infected Website:
1, www.gameaxis.com.cn**
Injected malicious URL: ** 2011/0114/d/ie.html
2, www.jxrc.cn**
Injected malicious URL: ** com:10/images/1.htm
3, www.qqstock.com**
Injected malicious URL: ** book/html/50/ie.html
4, www.wojucn.com**
Injected malicious URL: ** ad/ie.html
5, www.xiaoyuanju.com**
Injected malicious URL: ** . article/wddd1.htm

Notice: the symbol ‘*’ means a stochastic letter or number.

Solutions:
1. Install Rising Internet Security, or Rising Antivirus plus Rising Firewall, and get update in time.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist on your computer operating system, patch your computer system in a timely manner because many viruses spread by taking advantage of Windows operating system vulnerabilities.
3. Do not browse suspicious websites, and do not run suspicious plugins; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function while accessing to Internet.


*You can buy RISING Security products here or free download to try.
*If you have any questions about RISING products, please visit Rising support centre for help.