Intraday malicious virus program: Worm.Win32.Downloader.ja

Behaviour:
This is a malicious Worm virus program which has strong offensive, destructive, and propagating characters.
After being executed, the virus program shall replace Windows system files with its executable files; so the infected computers can not access to Safe Mode. And the virus program shall shut down antivirus software of the infected computers, e.g. 360 Security Defender, Kingsoft antivirus, Kaspersky antivirus, NOD32, McAfee, etc; and then download Trojan viruses program to infected devices from the hyperlink which specified by hackers. Also, the virus program shall infect files in “exe”, “rar”, “html” and other formats; so while computer users run these infected files, the virus program shall be re-activated and download Trojan viruses program to the infected computers. The virus program also can spread through LAN (Local Area Network) and Flash Disk to extend the scale of propagation.

Statistics:
RISING Cloud Security reported:
September 16, 2009 there were 2,339,772 devices got malicious attack via malicious Webpage Horse Hanging tech, and RISING Virus Lab has intercepted 499,930 malicious hyperlinks with webpage Horse Hanging tech. And Rising Cloud Security got 32,758 reports from end users.

Top5 Infected Website:
1, game.woku.com
with malicious hyperlink: *****.com/html/tiyu/zt/wmb/of.htm, etc.
2, ilife.enet.com.cn
with malicious hyperlink: *****.cn/x118/Td14.htm, etc.
3, shop.c029.com/comview.asp?id=6924
with malicious hyperlink: *****.cn/x150/td09.htm, etc.
4, www.bio-equip.com/show1equip.asp?equipid=14282&division=202
with malicious hyperlink: ****.cn/x150/td09.htm, etc.
5, www.hometexnet.com/Company/Product_Detail.aspx?ProductID=10373&ThisID=883
with malicious hyperlink: *****.cn/x150/yt.htm, etc.

Notice: the symbol ‘*’ means a stochastic letter or number.

Solutions:
1. Install Rising Internet Security or Rising Anti-virus, personal firewall, update in time, and at least 3 times per day for updating Rising.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist in your computer operation system, patch your computer system in a timely manner as many viruses spread by taking advantage of the system exploits or vulnerabilities.
3. Do not browse suspicious websites, and suspicious inserter; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function when accessing to the internet.


*You can buy RISING Security products here or free download to try.
*If you have any questions about RISING products, please visit Rising support centre for help.