Intraday malicious virus program: Trojan.Win32.KillAV.byr

Behaviour:
This is a malicious Trojan virus program.
This malicious Trojan virus program is Trojan virus downloader, antivirus software destructor; and has the characteristic of “DOG ARP” virus program. After being executed, the virus program shall release driver file on the infected computers; shuts down 8 kinds of popular antivirus software, and destruct security tools of infected devices. And the virus shall infect and destruct many important system file of Windows OS. This virus program shall access to the malicious website “www.good****188.com” which specified by hackers to download Trojan viruses in vast amount. Because of the infection and destruction of important Windows system files, computer users can not clean this malicious Trojan virus program easily. 

Statistics:
RISING Cloud Security reported:
September 10, 2009 there were 2,100,886 devices got malicious attack via malicious Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 460,709 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 23,232 reports from end users.

Top5 Infected Website:
1, fcasp.zjol.com.cn/zjfc/06asp_gg_15_5.asp?qishu=2009124
with malicious hyperlink: ****.cn/x150/Td14.htm, etc.
2, zs.examda.com/s/7/61/163.html
with malicious hyperlink: ****.cn/x150/td09.htm, etc.
3, jxsbbs.enet.com.cn
with malicious hyperlink: *****.cn/x96/yt.htm, etc.
4, art.soart.com/pm/pmnews/194512.html
with malicious hyperlink: ****.cn/x6/yt.htm, etc.
5, bbs.qnr.cn
with malicious hyperlink: made****org/2/td09.htm, etc.

Notice: the symbol ‘*’ means a stochastic letter or number.

Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.


*You can buy RISING Security products here or free download to try.
*If you have any questions about RISING products, please visit Rising support centre for help.