Intraday malicious virus program: Worm.Win32.Agent.awk

Behaviour:
This is a malicious Worm virus program which has the characteristic of the virus program “QQ Tail”.
After being executed, the virus program shall send virus files with attractive name to attract users to open; send malicious virus program to other computers which located in the same network segment through the vulnerability MS08-067. And then the virus program shall connect to hackers’ server to access the latest information, and get upgrade. This malicious virus program also shall change Internet browser’s homepage of the infected computers, and modify the homepage setting according to the latest information of the hackers’ server. This malicious virus program threatens computer security seriously.

Statistics:
RISING Cloud Security reported:
October 15, 2009 there were 1,575,475 devices got malicious attack via malicious Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 338,243 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 41,300 reports from end users.

Top5 Infected Website:
1, auto.teein.com/source/1295391.html
with malicious hyperlink: *****.cn/x2/yt.htm, etc.
2, finance.newssc.org/system/2009/10/15/012373935.shtml
with malicious hyperlink: *****. cn/x67/yt.htm, etc.
3, jkwwk98.blog.lanews.com.cn
with malicious hyperlink: *****.cn/x2/td09.htm, etc.
4, mypage.zhyww.cn/pagex.asp?pgid=281959
with malicious hyperlink: ****. cn/x150/yt.htm, etc.
5, news.netandtv.com/column/etime/2009-1/21/09_1_21_16_7_23_2336_2.html
with malicious hyperlink: ****.cn/x110/Td14.htm, etc.

Notice: the symbol ‘*’ means a stochastic letter or number.

Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.


*You can buy RISING Security products here or free download to try.
*If you have any questions about RISING products, please visit Rising support centre for help.