Daily Virus Report (Oct 23, 2008) - Worm.Win32.VB.zqo
-
RISING
Oct 23, 2008 one virus needs your attention. It is ZQO (Worm.Win32.VB.zqo). The virus pretends as an icon of file folder. The virus can copy itself in a large amount down to system root directory, and modify the location of system Start menu and homepage of IE Browser; in this way, the virus can download lots of viruses to infected computer. The virus is very difficult to be cleaned.
Name: ZQO (Worm.Win32.VB.zqo)
Warning level: Dangerous
Category: Worm
Affected System: Windows NT/2000/XP/2003
Description:
This is a Worm which is written in VB language. The virus has an icon which is similar to file folder. And the virus can copy itself in large amount down to system root directory, and give these virus files different names, also, the virus will replace some system files. The virus releases Autorun.inf at system root directory; when users open Windows or system32 folder, the virus will shut down this Autorun.inf folder to prevent from manual virus clean. The virus modifies system Start menu location, when mouse pointer points at start menu, the start menu will move randomly to prevent from click. And the virus modifies a large mount of registry values to achieve startup with system. The virus modifies homepage of IE Browser to download new virus file to local computer; this makes a second infection to local computer, and it is difficult to be cleaned.
Anti-virus experts suggest that computer users take the following measures to protect against this virus:
1. Install Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Use Rising Vulnerability Check, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open auto-protect and auto-monitor function when accessing to the internet.
6. Put your account information of networks bank, networks game, MSN, QQ, Yahoo Messenger etc, into Rising Application Protection, Rising Application Protection can protect specified applications from attack by malicious programs. A user can apply rules to game software, instant messenger, etc. to customize protection.
Daily Virus Report (Feb 06, 2012)- Trojan.Win32.Fednu.ual ()
